[ic] spamming with IC contact form?

Dan Bergan danb at championshipproductions.com
Fri Apr 1 10:24:12 EST 2005


I received a suspicious "bounce" message today and it looks like someone 
used my IC contact form to send spam.

I use the contact form from the Foundation catalog.  The form allows 
input fields for a customer's name, email address, phone number and a 
message.  It looks like the form submission was crafted so that email 
address field contained much more information.

I found the session and the "email address" field contained the following:
From: (email address deleted)
To: (email address deleted)
BCC: (email address deleted)
Content-Type: multipart/mixed; boundary=cckdvsl
X-GUID: 959f8348-c59f-bd69-965d-e19cf43bab12


--cckdvsl
Content-Type: text/html
Content-Transfer-Encoding: base64

Pzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8+PE1haWxGb3JtIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElEPSI5NTlmODM0OC1jNTlmLWJkNjktOTY1ZC1lMTljZjQzYmFiMTIiIFRlc3RGYWlsZWQ9IjAiPjxCb2R5Pm12X3Nlc3Npb25faWQ9ZHloMzVSd0ImYW1wO212X2Zvcm1fcHJvZmlsZT1jb250YWN0X2Zvcm0mYW1wO212X3RvZG89cmV0dXJuJmFtcDttdl9uZXh0cGFnZT1jb250YWN0X2Zvcm0mYW1wO212X3Nlc3Npb25faWQ9ZHloMzVSd0ImYW1wO25hbWU9YmVybmFyZGFAc291bC1zdXJmZXIuY29tJmFtcDtlbWFpbD05NTlmODM0OC1jNTlmLWJkNjktOTY1ZC1lMTljZjQzYmFiMTImYW1wO3Bob25lPTgzODIzNTg2NTc0NjczMTU1NTY1JmFtcDttZXNzYWdlPXhlYnhtb2ZlaGw8L0JvZHk+PEZvcm1Vcmw+aHR0cDovL3d3dy5jaGFtcGlvbnNoaXBwcm9kdWN0aW9ucy5jb20vY2dpLWJpbi9jaGFtcC9wcm9jZXNzPC9Gb3JtVXJsPjxSZWZlcmVyVXJsPmh0dHA6Ly93d3cuY2hhbXBpb25zaGlwcHJvZHVjdGlvbnMuY29tL2NnaS1iaW4vY2hhbXAvY29udGFjdF9mb3JtLmh0bWwjPC9SZWZlcmVyVXJsPjxTZW50PjA8L1NlbnQ+PC9NYWlsRm9ybT4=

--cckdvsl--

Can someone give me some suggestions on how I can prevent this?
Thank you,
Dan Bergan





More information about the interchange-users mailing list