> The > form-spammer might receive an email confirmation of their submission though, > and I bet they start sending spam to that address. We'll keep an eye on > this and see if it becomes more of a problem. Be shure that you don't have the email adress in any (hidden) form field and that the recieving mailing script will not accept domains from a page. To be shurte, the allowed adresses must be hardcoded in the script! If not it is very easy to create your own "form" and send it to your script. I see formail attacks very often. Many spammers scan for formmail.php ... So use a Intrusion Prefvention System to filter this out (Block all formail.php? with an @ in the parameter... - we use the powerful and cheap Tiny personal Firewall - But I am shure Black ICE for servers will do the same.)
Matti To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
