[ic] spamming with IC contact form?
Dan Bergan
danb at championshipproductions.com
Fri Apr 1 10:24:12 EST 2005
I received a suspicious "bounce" message today and it looks like someone
used my IC contact form to send spam.
I use the contact form from the Foundation catalog. The form allows
input fields for a customer's name, email address, phone number and a
message. It looks like the form submission was crafted so that email
address field contained much more information.
I found the session and the "email address" field contained the following:
From: (email address deleted)
To: (email address deleted)
BCC: (email address deleted)
Content-Type: multipart/mixed; boundary=cckdvsl
X-GUID: 959f8348-c59f-bd69-965d-e19cf43bab12
--cckdvsl
Content-Type: text/html
Content-Transfer-Encoding: base64
Pzw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8+PE1haWxGb3JtIHhtbG5zOnhzZD0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElEPSI5NTlmODM0OC1jNTlmLWJkNjktOTY1ZC1lMTljZjQzYmFiMTIiIFRlc3RGYWlsZWQ9IjAiPjxCb2R5Pm12X3Nlc3Npb25faWQ9ZHloMzVSd0ImYW1wO212X2Zvcm1fcHJvZmlsZT1jb250YWN0X2Zvcm0mYW1wO212X3RvZG89cmV0dXJuJmFtcDttdl9uZXh0cGFnZT1jb250YWN0X2Zvcm0mYW1wO212X3Nlc3Npb25faWQ9ZHloMzVSd0ImYW1wO25hbWU9YmVybmFyZGFAc291bC1zdXJmZXIuY29tJmFtcDtlbWFpbD05NTlmODM0OC1jNTlmLWJkNjktOTY1ZC1lMTljZjQzYmFiMTImYW1wO3Bob25lPTgzODIzNTg2NTc0NjczMTU1NTY1JmFtcDttZXNzYWdlPXhlYnhtb2ZlaGw8L0JvZHk+PEZvcm1Vcmw+aHR0cDovL3d3dy5jaGFtcGlvbnNoaXBwcm9kdWN0aW9ucy5jb20vY2dpLWJpbi9jaGFtcC9wcm9jZXNzPC9Gb3JtVXJsPjxSZWZlcmVyVXJsPmh0dHA6Ly93d3cuY2hhbXBpb25zaGlwcHJvZHVjdGlvbnMuY29tL2NnaS1iaW4vY2hhbXAvY29udGFjdF9mb3JtLmh0bWwjPC9SZWZlcmVyVXJsPjxTZW50PjA8L1NlbnQ+PC9NYWlsRm9ybT4=
--cckdvsl--
Can someone give me some suggestions on how I can prevent this?
Thank you,
Dan Bergan
More information about the interchange-users
mailing list