The easiest thing to do is to scan your site code to see what pages contain the cfmail tag. The next thing is to look at your web server logs to see who is requesting those pages. If you allow for the site visitor to specify who the mail is being sent to, then you are opening yourself up to someone sending spam through your site.
On Mon, Aug 18, 2014 at 4:39 PM, G T <tran.ga...@gmail.com> wrote: > > The server itself is our own dedicated webserver, and as for our email > server we're using Microsoft 365 so I do not think the compromise is at > that level. > > I may implement the smtp auth piece to at least mitigate the issue as of > now. > > Thanks for the suggestion! > > >Do you have admin control of this server or is it a shared host? If its > a > >server you control then its a simple matter to lock down the mail server, > >right? Require smtp auth for all senders and then use smtp auth in your > >cfmail statements in your code. That would be just step 1 of a hardening > >process that should have more than this layer to it. > > > >I realize this doesn't bear on your discovery question but if this is > >happening at all it points to a hole in security in at least one place. > >And if its a shared host then the situation may not be in your control in > >the first place. > > > > > > > > > >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:359140 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
