Apparently I was wrong about "a vulnerability is being exploited on the top-level script." Criss, who helped me upgrade to the latest version of PmWiki, tells me:

The way the mailform works, people *can't* get your email address. Your email address is in the config file, not anywhere a spammer could get to it.

But after the upgrade, I'm still getting about 15 spams each day. Here's an example:

<a href="http://www.spazioforum.it/forums/cayman.html";>viagra online</a> [url=http://www.spazioforum.it/forums/cayman.html]viagra online[/url] <a href="http://www.spazioforum.it/forums/gtcup.html";>buy levitra</a> [url=http://www.spazioforum.it/forums/gtcup.html]buy levitra[/url] <a href="http://www.spazioforum.it/forums/carrera.html";>viagra cheap</a> [url=http://www.spazioforum.it/forums/carrera.html]viagra cheap[/url] <a href="http://www.spazioforum.it/forums/cayenne.html";>buy generic viagra</a> [url=http://www.spazioforum.it/forums/cayenne.html]buy generic viagra[/url] <a href="http://www.spazioforum.it/forums/boxster.html";>generic cialis</a> [url=http://www.spazioforum.it/forums/boxster.html]generic cialis[/url] cnk7inl180cn9n9 -------------------------------------------/*
**This message was sent by the PmWiki MailForm at Comment.Home*/

But http://progressiveresourcecatalog.org/index.php/Comment.MailformWh no longer exists. I deleted it and substituted "To contact the Progressive Resource Catalog, send email to Wade Hudson, whudson AT igc DOT org." (See http://progressiveresourcecatalog.org/index.php/Comment.Home). How can I be getting spam from a mailform that is no longer on my site?

Using Thunderbird, I filter that spam into my Junk mail folder and periodically delete it. So it's no real problem for me, and my web host no longer seems worried about a more serious vulnerability.

But this spam remains a curiosity that may be of interest to others and may be a problem that we can solve somehow. Could the spammers have captured what they need to use the mail form even though that page is no longer on the site?

Should I update my comments.php or my mailform recipe (they're both old)?

Thanks,
Wade

[EMAIL PROTECTED] wrote:

On Thu, 21 Dec 2006, Wade Hudson wrote:

Dear pmwiki users:

On my site, a vulnerability is being exploited on the top-level script. About ten times a day, I receive spam that includes a number as the username and then has "@users.hostname.net" as the domain name.


I'm not too clear on the details here. Are you saying that pmwiki.php is being used to send spam?

/Christian

------------------------------------------------------------------------

_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users