YES! I've been getting exactly the same thing from the same email address ([EMAIL PROTECTED]) I reported this to AOL and even gave them my work phone number if they want to call and discuss it but haven't heard a peep.
I've added a check into my form processing, if ANY field has "content-type" or "multi-part" I don't process the form, but instead say I've logged all their information, including their IP, and this has been forwarded to our security department for investigation. I felt like I'm boarding up one window, but may not know there are others the flood waters can come in through. Looks like I need to add a check for that '0a' mentioned in the referenced article (http://securephp.damonkohler.com/index.php/Email_Injection) Les Mizzell wrote: >Thought you folks would like to actually *see* what comes through a form >filled out by one of these bots. Note that there are only 6 form fields >here: Name, Email, Phone, Fax, Address and Message. Check what got put >into the "Address" field, which is the bulk of the message. > > >*********************************************** ><p><strong>I am interested in the [EMAIL PROTECTED]</strong></p> ><strong>Name</strong>: [EMAIL PROTECTED]<br /> ><strong>Email</strong>: [EMAIL PROTECTED]<br /> ><strong>Phone:</strong> [EMAIL PROTECTED]<br/> ><strong>Fax</strong>: [EMAIL PROTECTED]<br /><br /> ><strong>Address</strong>: [EMAIL PROTECTED]<br /> > [EMAIL PROTECTED] >Content-Type: multipart/mixed; boundary="===============0675549753==" >MIME-Version: 1.0 >Subject: 7d1b6022 >To: [EMAIL PROTECTED] >bcc: [EMAIL PROTECTED] >From: [EMAIL PROTECTED] > >This is a multi-part message in MIME format. > >--===============0675549753== >Content-Type: text/plain; charset="us-ascii" >MIME-Version: 1.0 >Content-Transfer-Encoding: 7bit > >yosf >--===============0675549753==-- >, [EMAIL PROTECTED] >Content-Type: multipart/mixed; boundary="===============0675549753==" >MIME-Version: 1.0 >Subject: 7d1b6022 >To: [EMAIL PROTECTED] >bcc: [EMAIL PROTECTED] >From: [EMAIL PROTECTED] > >This is a multi-part message in MIME format. > >--===============0675549753== >Content-Type: text/plain; charset="us-ascii" >MIME-Version: 1.0 >Content-Transfer-Encoding: 7bit > >yosf >--===============0675549753==-- >[EMAIL PROTECTED]<br /><br /> > ><strong>Message</strong>: [EMAIL PROTECTED] ></font> > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:218530 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
