Also, you could start logging the user_agent so you can check them out. You might get lucky and the bot is misreporting a browser or not even trying to mimic a valid user_agent. Then you could just block that agent all together from the site. ..:.:.:.:.:.:.:.:.:.:.:.:.:.:. Bobby Hartsfield http://acoderslife.com
-----Original Message----- From: Figy, Kam [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 06, 2005 12:41 PM To: CF-Talk Subject: RE: Spammers getting at my forms and submitting Are you positive the bounces are from your mail server and someone isnt sending spam using your client's email as a return address? Turn on CF's mail logging and see if the mail actually is going through your server, perhaps. Hth, Kam -----Original Message----- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 06, 2005 7:50 AM To: CF-Talk Subject: RE: Spammers getting at my forms and submitting Thanks Mark... That's what I thought originally, but my client (the one getting the emails) tells me that he's also gotten bounces from AOL, which seems to indicate that the form is actually getting used to send emails as well. I don't mind if the client gets some spam attempts, but if those bastard spammers are using my code and our servers to send out spam, that's a very bad thing. We've got over 700 websites in our cluster and if we somehow get marked as a spam server, that could be disastrous for our company and our clients. <!----------------//------ andy matthews web developer ICGLink, Inc. [EMAIL PROTECTED] 615.370.1530 x737 --------------//---------> -----Original Message----- From: Mark A Kruger [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 06, 2005 9:39 AM To: CF-Talk Subject: RE: Spammers getting at my forms and submitting Andy, It's an email injection attack - generally harmless to cf servers - other than the fact that YOU are receiving emails. Here's a blog post on the topic: http://mkruger.cfwebtools.com/index.cfm?mode=alias&alias=email%20injecti on -Mark -----Original Message----- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 06, 2005 8:49 AM To: CF-Talk Subject: Spammers getting at my forms and submitting I've recently had some attacks on a form which was created by a coworker. Somehow, bots are using a subscription email form to send out spam. They're using a jibberish email address from the domain I'm working with, but somehow sending out emails to AOL users. The client is saying that in addition to their being some crap in the registrations database, they're also getting bounces from AOL with these addresses. a) Has anyone else experienced this? b) What can I do to prevent it? I'd be happy to post the complete code for review if that would help. <!----------------//------ andy matthews web developer ICGLink, Inc. [EMAIL PROTECTED] 615.370.1530 x737 --------------//---------> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:226230 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
