Recently one of my sites has started to receive what is commonly referred to as FORM spam. This is where someone malicious has found my contact FORM and started to use the script to generate spam.
I only receive the 1 email each time they target me (as if someone had filled in my feedback FORM), but reading up about 'FORM spam' I see people use it to 'inject' many, many BCC email addresses, so it's possible that each time I see 1 email 1000's are being sent!
I believe that only emails from Freeola domains can be used with your script (haven't tested this myself), can you please confirm that your script is safe from this form of abuse?
Obviously I don't want it to look as if my website is producing spam to the outside world, and I'm sure Freeola won't want their mail servers abused either.
Many Thanks.
The most likely situation is, as you've stated, that some bot is spamming you using the form script online. We are looking into other ideas like security images to try and remove this issue but I'm afraid I do not have a time frame at present.
> The script is based on Jack's Formmail but has been modified. We
> are reasonably sure that it is not vulnerable to this attack as
> the e-mails are sent through our smtp servers and not directly
> from the web server.
>
> However as the script was written a while ago, we will double
> check this with our technical team and post back when we find
> out.
I'm aware of the recent 'form_mail' problems, and wondered if Freeola have checked their script in case it's being used to produce spam - BW20 reported this was going to take place a while back but this thread hasn't been updated with the outcome. If the script is being hijacked to produce spam it may explain the recent problems?
I've had some strange emails from one of my site's 'form_mail' scripts today. Instead of the normal subject and from address which would normally always be the name taken from my site's code - these emails show the from address to be: [email protected] and the content in the note is spam from a Russian address.
Thanks in advance.
However as the script was written a while ago, we will double check this with our technical team and post back when we find out.
I'm not quite sure what you mean when you say "Our e-mail form does not pass code from any of the fields, it merely copies the data as a whole and e-mails it on to whoever you specified when you set up the form."
From my point of view the data from each defined field is passed on to the script.
Digging around some more, I see you are actually using Jack's Formmail.php 4.1b - on Jack's Formmail site (the script hasn't been supported for a couple of years) he mentions this under the BCC field:
Field: Bcc
Description: This variable allows you to specify to whom you wish for your form results to be Blind Carbon Copied to. For Multiple Recipients separate the email addresses with commas.
Due to a storm of problems related to scum abusing peoples formmail.php installations, I now recommend this option to all formmail users.
The most hopeful thing I've read is in your support page for the Formmail, where you state:
"Recipients- Next you will need to set the recipient e-mail address; for anti-spamming reasons this must be an e-mail address hosted on the Freeola servers."
So hopefully this will stop any spam getting out.
But you may like to test this to make sure so that Freeola don't get blacklisted etc.
The spam attack isn't carried out by completing the Form but by directly referencing the script and 'injecting' the BCC data. As the address to formmail on ALL Freeola sites is the same, a spammer doesn't need to find the page using a search engine.
I'm happy if you are, but I thought I would bring this to the attention of Freeola.
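The two server-side checks this thread turns on (refusing injected header data such as extra BCC lines, and only mailing recipients on the host's own domains), as an added example that is not part of any post and is not code from Jack's Formmail or Freeola's script. The function names, the field names and the `example.org` allow-list are assumptions, and the sample posts are constructed:

```php
<?php
// Assumption: placeholder for the mail domains hosted by the provider.
const ALLOWED_RECIPIENT_DOMAINS = ['example.org'];

// CR, LF or NUL in a value placed in a mail header lets the sender start a
// new header line (for example Bcc:), so such values are rejected outright.
function is_safe_header_value(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 0;
}

// Accept exactly one syntactically valid address on an allowed domain.
function is_allowed_recipient(string $address): bool
{
    if (!is_safe_header_value($address) || strpbrk($address, ',;') !== false) {
        return false;
    }
    if (filter_var($address, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    $domain = strtolower(substr(strrchr($address, '@'), 1));
    return in_array($domain, ALLOWED_RECIPIENT_DOMAINS, true);
}

// Returns rejection reasons; an empty list means the post may be mailed.
function check_form_post(array $post): array
{
    $post = array_change_key_case($post, CASE_LOWER);
    $errors = [];
    // Request-supplied Cc/Bcc is refused: a direct POST can set it freely.
    foreach (['cc', 'bcc'] as $field) {
        if (array_key_exists($field, $post)) {
            $errors[] = "$field must not come from the request";
        }
    }
    foreach (['recipient', 'email', 'subject'] as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value) || !is_safe_header_value($value)) {
            $errors[] = "$field contains line breaks or is not a string";
        }
    }
    $recipient = $post['recipient'] ?? '';
    if (!is_string($recipient) || !is_allowed_recipient($recipient)) {
        $errors[] = 'recipient is not on an allowed domain';
    }
    return $errors;
}

// Constructed sample post: a header line smuggled into the "email" field.
$post = ['recipient' => 'feedback@example.org', 'subject' => 'Hello',
         'email' => "visitor@example.com\r\nBcc: other@example.net"];
echo implode('; ', check_form_post($post)) ?: 'accepted', PHP_EOL;
```

Because the checks run inside the script on every request, they apply equally to a post sent straight to the script URL without loading the form page.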
The forms are found by querying search engines with specific phrases like "contact us" etc. The best way to minimise the amount of attackers who find your form is to place it on a separate page on your site and then change the Meta Tags so that this page is not indexed in any search engines. That way, no-one will be able to find the form by using a search engine, but it won't affect the rest of your site.