MrBafner
07-11-2002, 03:10 AM
The latest technique from several mailist organisations use to spam people are taking advantage of unsecure formmails.
We have noticed on our server, the occassional 20,000 hits over a 2 day period on the formmail script.
We then had a look on the overall server and found that over 700,000 requests had been sent to various formmails on the server. I have been conferring with other webmasters and host providers and they also had been attacked several weeks later.
Make sure you update your FormMail to the current script to prevent this from happening on your server. The previous scripts do have a security risk in them, and it is now fixed in the latest of Matts FormMail script.
With most servers only offering 1 gb transfer for the month, it will cost some of you a ****load of money in data transfer fees. Best pre-warn you, as it does seem to be getting rather popular.
We encourage to log all IP address that use your FormMail and hand them to the appropriate people to prevent these people from abusing your right to host your website.
We have noticed on our server, the occassional 20,000 hits over a 2 day period on the formmail script.
We then had a look on the overall server and found that over 700,000 requests had been sent to various formmails on the server. I have been conferring with other webmasters and host providers and they also had been attacked several weeks later.
Make sure you update your FormMail to the current script to prevent this from happening on your server. The previous scripts do have a security risk in them, and it is now fixed in the latest of Matts FormMail script.
With most servers only offering 1 gb transfer for the month, it will cost some of you a ****load of money in data transfer fees. Best pre-warn you, as it does seem to be getting rather popular.
We encourage to log all IP address that use your FormMail and hand them to the appropriate people to prevent these people from abusing your right to host your website.