I can understand they grab your e-mail addy anywhere from the net
but now they're even (ab)using http://www.rennware.com/index.php?cont=email on my website...
any way to stop this?
I have the same thing going on with my site. I'm not sure that they are just spammers though. I think a lot of them are looking for sites/scripts that are vulnerable to a MySQL injection exploit.
tough situation. A simple, draconian approach would be to take down the email form on your site for a bit and hopefully they move onto the next victim. I didn't look at your site though, and this may not be appropriate depending on how critical the functionality is.
another (more complicated) approach would be to implement one of the anti spam mechanisms that require you to type in an alpha numberic code for each submitted request. But again, it all depends on the nature of the form and how much time/effort you want to put in.
just my .02
The thing I find so funny with the spam I get is all the incorrect names it comes with. Sorry, I'm not John Turner, or Arun, or Cathy or any ot the other names. I'm not sure how they get the names so mixed up. Some are other company employees and others are not. My home provider kills all but a few spam coming in. The company provider separates 80% into a spam folder for review.
QUOTE (Jeroen @ Feb 28 2006, 06:09 AM) |
any way to stop this? |
CODE |
' --------------------------------------------------------- ' check to see if HTTP_REFERER matches our own domain ' this prevents hack attacks from other sites that try ' to submit form data to us ' --------------------------------------------------------- sub CheckReferer(aPage) sRef = Request.ServerVariables("HTTP_REFERER") if (sRef = "") OR (InStr(sRef,Session("HostURL")) <> 1) AND (InStr(sRef,Session("HostURL2")) <> 1) then Call SendErrorAndExit("Off-Site Request/Post!<br><br>Your IP and other info has been tracked and our Administrator has been alerted.",aPage,"/index.cfm") end if end sub |
I believe AA is getting members email addresses from the sight. I keep getting their spam!
QUOTE (boboli914@att.net @ Feb 28 2006, 10:26 AM) |
I believe AA is getting members email addresses from the sight. I keep getting their spam! |
QUOTE (SirAndy @ Feb 28 2006, 10:51 AM) | ||
well, in your case it's *easy*, as you used it as your members name. that's like handing it to all the spammers on a golden platter ... Andy |
QUOTE (boboli914@att.net @ Feb 28 2006, 12:32 PM) |
Actually its not! |
QUOTE (SirAndy @ Feb 28 2006, 12:35 PM) | ||
well, then how is AA getting your email address off this site ??? Andy |
QUOTE (SirAndy @ Feb 28 2006, 03:35 PM) | ||
well, then how is AA getting your email address off this site ??? Andy |
Thanks Andy, I'll dig into that!
It's kind of old-school but also a lot of spammers still seem to mine Whois listings. I have switched to private listings due to this, but it's too late, I get hammered with spam on my older email accounts especially my main work one. Also never, ever, post classified ads or job listings etc. on a major site with your 'real' email address. For example we use monster.com at work from time to time and I have to set up a separate temporary mail account each time we post ads because they start to get spam within 2-3 days of a job ad going up. It's such an effin' waste of time fighting this crap! More than 15% of the incoming mail on my work server is spam these days...
Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)