PDA

View Full Version : Spam Abuse Using My Script



surecheck
04-26-2004, 06:33 PM
We recently fell victim to someone using our sendmail-style Perl script to send their own spam off our website, causing Westhost to shut us down. :evil:

Now, due to the large number of spam processed from remote calls through our script I have to either remove the script or protect it somehow using some method of security.

Anybody else experience this? Any suggestions on how to protect the script against outside calls?

wildjokerdesign
04-26-2004, 07:51 PM
This should really be down in the cgi perl area so it may not get that much feedback for you.

It is hard to know what to tell you with out more info. What is the script used for? Are you the only one who uses it? If so then you should be able to password protect a directory and put it in that directory. That is a simplified answer.

You may need to look on the net for a better script that is secure. If we knew what your needs where it might be we could suggest some.

surecheck
04-27-2004, 11:03 AM
Thank you. I was in a panic as westhost shut down my site and didn't see a Perl area :?

It's a simple script that processes incoming information from our contact page. I didn't want to give out direct emails, so the script uses sendmail to email "behind the scenes".

Since last night I've realized I can put a HTTP_REFERRER check to make sure the request is coming from our site. I can also make sure the email is only going to our local emails.

Any further security suggestions are always welcome :lol:

Thanks!

jalal
04-27-2004, 11:25 AM
You are best off you using a well tested script that is generally regarded as secure. Writing your own secure scripts is not easy.

I usually recommend the London Perl Mongers script "NMS FormMail".

HTH

wildjokerdesign
04-28-2004, 08:00 AM
Surecheck,

Looks like one of the moderators moved your post down here to perl/cgi area. :)

I would have to second what Jalal said. The script he mentioned has the same type of securtiy checks as you mentioned in your post about HTTP_REFERRER along with some others. But you do have to make sure to configure it. It may be the script you are using well work fine once you set those security checks. Could even be it is the one Jalal mentioned. Beyound making sure those checks are activated there really isn't anything should need to do. It is always a good idea to know what scripts you are using and to keep track of updates on them. That is the nice thing about using the NMS FormMail since you can be pretty sure this group is going to keep up with changes and post them to thier site.

surecheck
04-28-2004, 09:33 AM
WJD:

Thanks for the heads up. I put a couple of security features on our formmail script and it seems to be working great, including the HTTP_REFERRER and a limiter on who it sends the mail to. Thanks for the heads up. I'm fairly experienced at Perl/JavaScript/PHP/SQL programming, but this one threw me for a loop. Guess there's always something new to learn!

Thanks again.

wildjokerdesign
04-28-2004, 09:43 AM
Are you using the old Matts formmail script? If you are you really should switch to the NMS FormMail script. It is the "fixed" version of Matt's formmail program and offers even tighter security and they say that in the future they hope to add to it's features.

surecheck
04-28-2004, 01:15 PM
I think it is a highly-modified version of Matt's. I will check out the NMS version. Thanks!