Mail server hijacked by pornographers.

[coastal]

I've got a simple php mail script on my homepage that allows my potential clients to e-mail me. In the last few days someone has somehow hijacked it and has been sending me 200-400 e-mails a night.

Anyone know of a simple way to solve this?

Here is a sample of the mail header,

[Message from bwbeach home page]
bwbeach@contact.com
to: mike@bwbeach.com

Name: Rhea_aziza@doglover.com
Comments: Can't type it here because it's advertising for porn sites.



As i said I get 200 or more of these a night each with a different NAME: and slightly different comments.


For me it is just annoying but my fear is that they are using my mail server to send this crap out to others as well.

Any solutions?

[pcdoc]

Anyone know of a simple way to solve this?

You will think me a smart*** but simply remove it and replace it with a "clickable", cloaked email address.

[judyo]

This was happening to me about 2 weeks ago. Some kind of mail script was put into place by REW but I don't know what it is. However, in my case the spam was coming through my contact forms as I don't have my e-mail listed.

I've tried using a cloaked e-mail address but I couldn't get it to work for some reason.

[ResaleBroker]

Coastal, most likely what you're encountering is email "spoofing" not "mail server hihacking".

You might consider "encoding" any email addresses displayed on your site. Here are a couple of links that might be of help:
http://automaticlabs.com/products/enkoderform/
http://www.wbwip.com/wbw/emailencoder.html

If you're having problems with "contact form spam" you might consider some form of "image verification" or other deterrent.

[coastal]

I agree with most of what you are saying but I want to keep the contact form as simple to use for my clients as possible.

Giving them my e-mail address means they have to open up whatever mail program they use to send mail.

Even image verification is an added level of "pain in the butt" for my potential clients.

pcdock, I certainly don't think you are a smartA$$ but I do prefer a super simple contact form even if it is a pain for me to have to go in and change the code every now and then.

As my short term solution I may just change the name of my mail.php form.

It should fix my current porn spam at least till this spammer puts the time into figure out the new name...

[ryduh]

This has happened to me before. Check out the first few links here and implement their ideas. It will stop the emails.

http://www.google.com/search?q=php+f...en-US:official

This is also a really good resource: http://www.securephpwiki.com/index.php/Email_Injection

[coastal]

Thanks Ryduh,

The changes you showed me seem to work. I'm back to my pre-level of daily spam from other servers rather than hundreds from my own!

[ryduh]

awesome! glad to know it worked.