Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Email spam - possible problem.

Hi Scott,

I just got a spam email this morning. I went to the mail logs and did not see any indication of it being sent. If a spammer uses my script, will all the emails that were sent with his injection show up in the mail log?

Regarding cleaning the email, I am doing that... as least I think I am. Here's the cleaning routines:

<CODE>

if (preg_match(' /[\r\n,;"]/ ', urldecode($_REQUEST['email']))) { // Check for Email Injection in user entered email address.
header("Location: error.php?action=error&error=2");
exit;
}
foreach ($_POST as $key => $value) {
if ($key == 'comments') {
continue;
}
if (preg_match(' /[\r\n,;"]/ ', urldecode($value))) { // Check for Email Injection in everything.
header("Location: error.php?action=error&error=4");
exit;
}
}

</CODE>

As well, you suggest not having the email I receive have the actual sender's email address in the return email spot, but rather have something like this:

To: email@hidden
From: email@hidden

User's input: <user's comments>
User's email: <user's email address>

is that what you are saying? I can see the logic in that.

Mark

----------------------------

On Nov 21, 2006, at 12:01 PM, Scott Reynen wrote:

On Nov 21, 2006, at 12:52 PM, Mark Wheeler wrote:

I've had a couple of spam emails com through one of our web email responses. There is a form on our web site that allows people to send us feedback. I am getting some spam through that form. It is a PHP script which checks for php injection but what I want to know is two things.

1. How do I know if my php injection filter is working and the spam is only being sent to me (web master)?
2. If the spam is only being sent through the form, and they are spamming only one email at a time and it's only coming to me, how can I stop that?

How could you possibly know it's only coming to you if you haven't checked your mail logs yet? Unless you're checking my email, how do you know it's not coming to me? (And if you are checking my email, stop it.)

I'd put my money on the spam being sent via Bcc: headers injected into a From: field you're adding straight from user input, something like this:

mail( 'email@hidden' , 'hand coded subject' , $cleaned_user_submitted_body . 'From: ' . $uncleaned_user_submitted_from_address );

If that $uncleaned_user_submitted_from_address is something like "email@hidden\r\nBcc: email@hidden", you're sending spam to the world, and you can (and should) stop by hand-coding the from address and putting any reply-to address in the body.

Peace,
Scott

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Web-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/web-dev/email@hidden

This email sent to email@hidden 

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Web-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/web-dev/email@hidden

This email sent to email@hidden
References: 
 >Email spam - possible problem. (From: Mark Wheeler <email@hidden>)
 >Re: Email spam - possible problem. (From: Scott Reynen <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.