[ic] spamming with IC contact form?
danb at championshipproductions.com
Fri Apr 1 14:35:24 EST 2005
Mike Heins wrote:
>Quoting Dan Bergan (danb at championshipproductions.com):
>>I received a suspicious "bounce" message today and it looks like someone
>>used my IC contact form to send spam.
>>I use the contact form from the Foundation catalog. The form allows
>>input fields for a customer's name, email address, phone number and a
>>message. It looks like the form submission was crafted so that email
>>address field contained much more information.
>>I found the session and the "email address" field contained the following:
>>From: (email address deleted)
>>To: (email address deleted)
>>BCC: (email address deleted)
>>Content-Type: multipart/mixed; boundary=cckdvsl
>I am not aware that we have had such a form in the distributed foundation
>since 4.6. Do you have a page name or URL that says where this is?
The form is in the "pages" directory and it is called contact_form.html
My version of IC is 5.2, but I originally installed 5.0. I have a
catalog that has been pretty much left "as-is" that I use for some
testing, and the "contact_form.html" is in there.
More information about the interchange-users