If you are using cfmail to send a form submission, check the referrer to make sure that the form is actually posting and not a user with their own script.
One thing we have done is place a log on every script that uses the cfmail tag so we can track the usage independent of client. Sucks if you have A LOT of files using cfmail. But an ounce of prevention.... Mike ----- NOTE: Sorry, i had posted this earlier to the wrong forum =( We are experiencing a problem with a spammer using CFMAIL to send out spam. I don't know if it's a direct customer or someone using email injection on a customer's site. The mail logs only show when, who, where and what was emailed, but I need to figure out who's scripts are being run that is doing this. The CF logs don't help. Is there a way to find out who's abusing the cfmail tag? The only thing I can do is add filters on the mail server to prevent the email from going through, but the spammer just keeps changing his domain name and content. Any ideas on how to fight this? ://www.houseoffusion.com/tiny.cfm/54 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:10:5864 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/10 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:10 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.10 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
