Well, it is worse than that. Someone with a script that was looking for an insecure mailer script sniffed my scripts and it is a form collecting information and then sending it to me.
I've been doing a little bit of reading and the way to do it seems to be to make sure that it can only send the form results to the specified email/domain. I'm not sure how to accomplish this. I have a perl script that gathers form results that runs on a bunch of my sites that I wrote, and I have some php scripts that handle this sort of thing too. Help? Marian --- In [email protected], Brandon Smith <[EMAIL PROTECTED]> wrote: > A pretty straightforward approach to securing your script is to make a > simple login system. Modify the mailing script so it will not mail > anything unless you are logged in. You can also put the script in a > directory that is protected with standard http authentication, which > prompts the browser for a username and password. > > Brandon > > Pete wrote: > > >In message <[EMAIL PROTECTED]>, Marian Briones > ><[EMAIL PROTECTED]> writes > > > > > >>HI gang > >>Some evil spammers exploited my server yesterday while I was out > >>playing on my new Harley. They were able to use a mailer script that > >>I use for broadcasting emails to mailing lists and I can't figure out how. > >> > >>What needs to happen to make a 'secure' script where these evil thugs > >>can't do this? > >> > >>Marian > >> > >> > > > >Surely it depends on your script? How do you do things at the moment? > > > > > > > > > -- > --------------------------------- > * Brandon Smith > * programmer / web designer > * http://sproutworks.com Community email addresses: Post message: [email protected] Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] List owner: [EMAIL PROTECTED] Shortcut URL to this page: http://groups.yahoo.com/group/php-list Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-list/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
