914World.com _ 914World Garage _ OT: darn spammers...

Posted by: Jeroen Feb 28 2006, 08:09 AM

I can understand they grab your e-mail addy anywhere from the net

but now they're even (ab)using http://www.rennware.com/index.php?cont=email on my website...
WTF.gif

any way to stop this?

Posted by: Part Pricer Feb 28 2006, 09:02 AM


I have the same thing going on with my site. I'm not sure that they are just spammers though. I think a lot of them are looking for sites/scripts that are vulnerable to a MySQL injection exploit.


Posted by: drewvw Feb 28 2006, 10:29 AM


tough situation. A simple, draconian approach would be to take down the email form on your site for a bit and hopefully they move onto the next victim. I didn't look at your site though, and this may not be appropriate depending on how critical the functionality is.

another (more complicated) approach would be to implement one of the anti spam mechanisms that require you to type in an alphanumeric code for each submitted request. But again, it all depends on the nature of the form and how much time/effort you want to put in.

just my .02

Posted by: davep Feb 28 2006, 11:50 AM

The thing I find so funny with the spam I get is all the incorrect names it comes with. Sorry, I'm not John Turner, or Arun, or Cathy or any of the other names. I'm not sure how they get the names so mixed up. Some are other company employees and others are not. My home provider kills all but a few spam coming in. The company provider separates 80% into a spam folder for review.

Posted by: SirAndy Feb 28 2006, 11:54 AM

QUOTE (Jeroen @ Feb 28 2006, 06:09 AM)
any way to stop this?

yupp, simple ...

use the "HTTP_REFERER" server variable to determine if the form data submitted to your script came from your own server or from somewhere else ...

i don't have any PHP example, but here's an ASP code snippet from my server:

CODE
' ---------------------------------------------------------
' check to see if HTTP_REFERER matches our own domain
' this prevents hack attacks from other sites that try
' to submit form data to us
' ---------------------------------------------------------
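sub CheckReferer(aPage)
    Dim sRef
    sRef = Request.ServerVariables("HTTP_REFERER")

    ' reject when the referer is empty, or when it starts with neither of our URLs
    ' (AND binds tighter than OR in VBScript; the parentheses only make that explicit)
    if (sRef = "") OR ((InStr(sRef,Session("HostURL")) <> 1) AND (InStr(sRef,Session("HostURL2")) <> 1)) then
        Call SendErrorAndExit("Off-Site Request/Post!<br><br>Your IP and other info has been tracked and our Administrator has been alerted.",aPage,"/index.cfm")
    end if
end sub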


simply replace "Session("HostURL")" with your own server URL, like "http://www.rennware.com/", note that i'm checking for two possible URLs in my code (http and https) ...

beerchug.gif Andy
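
A PHP version of the same check, as an added example that is not part of the thread or code from any poster: it compares the parsed scheme and host of the Referer against an assumed list of the site's own origins (`ALLOWED_ORIGINS` and `referer_is_local` are hypothetical names). The Referer header is supplied by the client and can be absent or forged, so this only filters off-site posts that leave it unset or pointing elsewhere.

```php
<?php
// Added example: PHP counterpart of the ASP CheckReferer sub above.
// ALLOWED_ORIGINS and referer_is_local() are hypothetical names; the
// origins listed are assumed from the URL mentioned in the thread.
const ALLOWED_ORIGINS = [
    'http://www.rennware.com',
    'https://www.rennware.com',
];

// True only when the Referer's scheme + host (+ port) is one of ours.
// Parsing the URL instead of prefix-matching the string means a
// look-alike host such as www.rennware.com.example.net is rejected.
function referer_is_local(?string $referer, array $allowed = ALLOWED_ORIGINS): bool
{
    if ($referer === null || $referer === '') {
        return false;                      // empty Referer: same as sRef = ""
    }
    $parts = parse_url($referer);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;                      // not an absolute URL
    }
    $origin = strtolower($parts['scheme'] . '://' . $parts['host']);
    if (isset($parts['port'])) {
        $origin .= ':' . $parts['port'];
    }
    return in_array($origin, $allowed, true);
}

// In the form handler: refuse off-site posts before touching the input.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST'
    && !referer_is_local($_SERVER['HTTP_REFERER'] ?? null)) {
    http_response_code(403);
    exit('Off-site request/post');
}

// Constructed sample Referer values; printed only when run from the CLI.
if (PHP_SAPI === 'cli') {
    $samples = [
        'http://www.rennware.com/index.php?cont=email',
        'https://WWW.RENNWARE.COM/index.php',
        'http://www.rennware.com.example.net/form.html',
        'http://www.rennware.com@other.example/',
        '',
    ];
    foreach ($samples as $ref) {
        printf("%-50s %s\n", $ref === '' ? '(empty)' : $ref,
            referer_is_local($ref) ? 'accept' : 'reject');
    }
}
```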

Posted by: boboli914@att.net Feb 28 2006, 12:26 PM

I believe AA is getting members email addresses from the site. I keep getting their spam! ar15.gif stromberg.gif

Posted by: SirAndy Feb 28 2006, 12:51 PM

QUOTE (boboli914@att.net @ Feb 28 2006, 10:26 AM)
I believe AA is getting members email addresses from the site. I keep getting their spam! ar15.gif stromberg.gif

well, in your case it's *easy*, as you used it as your members name.

that's like handing it to all the spammers on a golden platter ...
unsure.gif Andy

Posted by: boboli914@att.net Feb 28 2006, 02:32 PM

QUOTE (SirAndy @ Feb 28 2006, 10:51 AM)
QUOTE (boboli914@att.net @ Feb 28 2006, 10:26 AM)
I believe AA is getting members email addresses from the site. I keep getting their spam! ar15.gif stromberg.gif

well, in your case it's *easy*, as you used it as your members name.

that's like handing it to all the spammers on a golden platter ...
unsure.gif Andy

Actually it's not! It used to be at one time, but I did not know how to change it??? unsure.gif

Posted by: SirAndy Feb 28 2006, 02:35 PM

QUOTE (boboli914@att.net @ Feb 28 2006, 12:32 PM)
Actually it's not!

well, then how is AA getting your email address off this site ???

confused24.gif Andy

Posted by: boboli914@att.net Feb 28 2006, 02:42 PM

QUOTE (SirAndy @ Feb 28 2006, 12:35 PM)
QUOTE (boboli914@att.net @ Feb 28 2006, 12:32 PM)
Actually it's not!

well, then how is AA getting your email address off this site ???

confused24.gif Andy

Possibly through PM or through the classifieds section confused24.gif How the heck do I know! Unless they're on the Upholstery Journal website as well, but I seriously doubt that.

Posted by: jd74914 Feb 28 2006, 04:43 PM

QUOTE (SirAndy @ Feb 28 2006, 03:35 PM)
QUOTE (boboli914@att.net @ Feb 28 2006, 12:32 PM)
Actually it's not!

well, then how is AA getting your email address off this site ???

confused24.gif Andy

AA and GPR got mine also somehow. I don't know how/why/where though, as I have never emailed either company nor bought anything from them. Maybe some Evilbay stuff? dry.gif

Posted by: Jeroen Feb 28 2006, 09:16 PM

Thanks Andy, I'll dig into that!

Posted by: campbellcj Mar 1 2006, 12:27 AM

It's kind of old-school but also a lot of spammers still seem to mine Whois listings. I have switched to private listings due to this, but it's too late, I get hammered with spam on my older email accounts especially my main work one. Also never, ever, post classified ads or job listings etc. on a major site with your 'real' email address. For example we use monster.com at work from time to time and I have to set up a separate temporary mail account each time we post ads because they start to get spam within 2-3 days of a job ad going up. It's such an effin' waste of time fighting this crap! mad.gif More than 15% of the incoming mail on my work server is spam these days...
