Results 1 to 4 of 4
  1. #1
    Senior Member
    Join Date
    Nov 2003
    Posts
    248

    Default How to know/detect if ppl using my php script to send spam

    I saw some bounced mail only 1 or 2 to state that this mail was not delivered due to non existant email address, could my domain's smtp be used as relay to spam ?
    Since I know the php script/form that I'm using is not secure as formail with the many env_variables set in place.

    Thanks

  2. #2
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    A possible explanation is that the Worms going around these days use addresses harvested from infected users' address books to spoof the From: header - in my case, I'm affected really badly - yesterday I got about 1000 bouncebacks saying mail I sent had a virus in it. Another explanation could be that you yourself are affected - check out http://housecall.trendmicro.com to do a virus scan online (it's free).

    Apart from that, I guess I would have to skim the code of your script to be able to tell (or guess) if it is not very secure.
    Fayez Zaheer

  3. #3
    Senior Member
    Join Date
    Nov 2003
    Posts
    248

    Default

    thanks for the tip, but i know i dont have the virus. Probaly the strange bounceback mails i receive was because it was harvested & used that as a reply mail, while in your case, why did you get back that 1000 bounce mails ? Is it your script ? Mine is rather simple, I'll pm you on it. thanks

  4. #4
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    No problem. Actually, the bouncebacks I get do not have anything to do with a potentially insecure mailer script - it's because my e-mail address has been harvested that I have this problem. It's been like this for over a year now, but using Procmail to filter out the bad mail means it does not harm me (apart from the bandwidth wasted). I suppose the reason I get so many is because of a JavaScript I wrote (Link Fader Script) which has my e-mail address in it, and I guess the worms scan all HTML/JS files on the infected computer too and pick up my address Anyway, I've since changed my address (using a different one now) so it's not a problem. Also, it's not usually this bad (1000 a day), I guess this is just the latest epidemic. After a week or two it dies down (then averages around 250 a day, including spam).
    Fayez Zaheer

Similar Threads

  1. exec(), popen(), etc. for executing a php script
    By Tlanuwa in forum PHP / MySQL
    Replies: 3
    Last Post: 09-18-2006, 06:25 PM
  2. SPAM In General
    By JDE in forum E-mail / FTP Management
    Replies: 31
    Last Post: 06-23-2004, 01:55 PM
  3. PHP script to run a club.
    By Armadillo in forum PHP / MySQL
    Replies: 5
    Last Post: 05-19-2004, 10:17 PM
  4. Spam Abuse Using My Script
    By surecheck in forum CGI Scripts / Perl
    Replies: 7
    Last Post: 04-28-2004, 01:15 PM
  5. send spam to alternate email address
    By dansroka in forum E-mail / FTP Management
    Replies: 5
    Last Post: 03-13-2004, 01:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •