Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > HTML > is my contact email being hijacked?

Reply
Thread Tools

is my contact email being hijacked?

 
 
The Bicycling Guitarist
Guest
Posts: n/a
 
      07-18-2007
I have an .asp contact page, and for nearly a year I've been getting spam to
buy generic prescription drugs such as viagra, xanax and phentermine to name
a few.

I recently thought that perhaps OTHER people are getting spam that LOOKS
like it is coming from my name, but my i.s.p. says that the mail on my
contact page only goes to me.

Still...I wonder. Is there a way to find out if other people are receiving
spam being sent in my name?

My contact page is www.TheBicyclingGuitarist.net/contact.asp thanks


 
Reply With Quote
 
 
 
 
Beauregard T. Shagnasty
Guest
Posts: n/a
 
      07-18-2007
The Bicycling Guitarist wrote:

> I have an .asp contact page, and for nearly a year I've been getting
> spam to buy generic prescription drugs such as viagra, xanax and
> phentermine to name a few.


Sounds like typical spam to me. Apparently, your email address is
somewhere on your web site, someone else's web site, is on the computer
of someone who was infected with a mass mailing worm, is easily
guessable via dictionary attack, or you have used it at an unscrupulous
site that sold it.

Or, you have posted to USENET with it!
Chris @ TheBicyclingGuitarist.net
and it has been scraped by the spambots.

> I recently thought that perhaps OTHER people are getting spam that
> LOOKS like it is coming from my name, but my i.s.p. says that the
> mail on my contact page only goes to me.


It is a simple task to forge the FROM: field in an email, so a spammer
could send to millions using yours as the FROM:. You would get all
bounces for non-existent addresses.

> Still...I wonder. Is there a way to find out if other people are
> receiving spam being sent in my name?


Do you get bounces? Non-delivery messages?

> My contact page is www.TheBicyclingGuitarist.net/contact.asp thanks


(page needs some work to make it match your others.)

<http://www.powerasp.com/>
"Your search for contact form returned no matching documents in our
site."

So how does this script work? Is it secure? Can a spammer inject BCC:
addresses into it? What testing do you/it do before sending the mail to
you?

--
-bts
-Motorcycles defy gravity; cars just suck
 
Reply With Quote
 
 
 
 
J.O. Aho
Guest
Posts: n/a
 
      07-18-2007
he Bicycling Guitarist wrote:
> I have an .asp contact page, and for nearly a year I've been getting spam to
> buy generic prescription drugs such as viagra, xanax and phentermine to name
> a few.
>
> I recently thought that perhaps OTHER people are getting spam that LOOKS
> like it is coming from my name, but my i.s.p. says that the mail on my
> contact page only goes to me.
>
> Still...I wonder. Is there a way to find out if other people are receiving
> spam being sent in my name?


Only by checking the log of the mail server that is used to mail the data from
the basic script.

There are many contact scripts that allows header injection, that way the
spammer can decide who else will get the mail too, but without the log file
you don't know if someone else has got spam from your script. Trying to inject
headers into the script will tell you if it's possible or not to spam others too.


--

//Aho
 
Reply With Quote
 
The Bicycling Guitarist
Guest
Posts: n/a
 
      07-18-2007

"The Bicycling Guitarist" <(E-Mail Removed)> wrote in message
news:SUpni.1123$(E-Mail Removed)...
>I have an .asp contact page, and for nearly a year I've been getting spam
>to buy generic prescription drugs such as viagra, xanax thank you for the
>info, Beauregard T. Shagnasty and J.O. Aho. Yep the page needs work and
>I'll see what I can do to improve it's appearance. I didn't do any testing
>about the script except to see if it would send mail to me. I have learned
>a lot (compared to when I started) about html/css the past few years by
>posting and lurking in these newsgrouups, but I am still basically a newbie
>compared to some of you regulars. Thank you again for all you do for
>others.



 
Reply With Quote
 
The Bicycling Guitarist
Guest
Posts: n/a
 
      07-18-2007

"Beauregard T. Shagnasty" <(E-Mail Removed)> wrote in message
news:rRqni.330838$(E-Mail Removed)...
> The Bicycling Guitarist wrote:
>
>> I have an .asp contact page, and for nearly a year I've > Or, you have
>> posted to USENET with it!

> Chris @ TheBicyclingGuitarist.net
> and it has been scraped by the spambots.
>


> It is a simple task to forge the FROM: field in an email, so a spammer
> could send to millions using yours as the FROM:. You would get all
> bounces for non-existent addresses.
>
>> Still...I wonder. Is there a way to find out if other people are
>> receiving spam being sent in my name?

>
> Do you get bounces? Non-delivery messages?
>


I don't get bounces as a rule. I have received some, like maybe 1 or 2 in a
six-month period, where I was NOT the one who sent the message that bounced
even though it said it was from me. It has happened, but not a lot and not
recently.



www.TheBicyclingGuitarist.net/contact.asp thanks
>
> (page needs some work to make it match your others.)
>


> So how does this script work? Is it secure? Can a spammer inject BCC:
> addresses into it? What testing do you/it do before sending the mail to
> you?

I have NO idea how it works. That's why I used somebody else's script
instead of writing one. Ewww I just noticed <font> tags. omg, this is the
ONLY page on my web site that still uses those.

I'd love to bring this up to xhtml 1.0 strict standards to match the rest of
my site. I am not intrepid regarding my abilities to do so however.

If you or anyone else knows of a better contact form that I could use, feel
free to suggest it. OR if you can tell me what to do to improve the one I
have, I'd appreciate the help.

Ewww <font> tags...


 
Reply With Quote
 
Jim Moe
Guest
Posts: n/a
 
      07-18-2007
The Bicycling Guitarist wrote:
>
> My contact page is www.TheBicyclingGuitarist.net/contact.asp thanks
>

There are some spambots that fill in such forms usually with loads of
additional strings to hijack the form.
What kind of server-side tests are you applying to the incoming data?
For instance, the Subject field could be

"Ha-ha! Gotcha!\nBCC: http://www.velocityreviews.com/forums/(E-Mail Removed), (E-Mail Removed)"

Without proper vetting the message is not only sent to you but to addr1
and addr2 as well.

--
jmm (hyphen) list (at) sohnen-moe (dot) com
(Remove .AXSPAMGN for email)
 
Reply With Quote
 
Beauregard T. Shagnasty
Guest
Posts: n/a
 
      07-18-2007
The Bicycling Guitarist wrote:

> I have NO idea how it works. That's why I used somebody else's script
> instead of writing one. Ewww I just noticed <font> tags. omg, this is
> the ONLY page on my web site that still uses those.
>
> I'd love to bring this up to xhtml 1.0 strict standards to match the
> rest of my site. I am not intrepid regarding my abilities to do so
> however.


Probably you just need to take your template page, and insert the
<form>
...
</form>
where your content normally goes.

Oh wait, I see you are working on that. It already looks a lot better.

> If you or anyone else knows of a better contact form that I could
> use, feel free to suggest it. OR if you can tell me what to do to
> improve the one I have, I'd appreciate the help.


Since your page contact.asp submits to itself, you would have to post
the VBScript source code (probably don't want to do that), or point to
the page where you found it. Then maybe someone who uses VBScript could
have a look at it. I use PHP and write my own.

> Ewww <font> tags...


Yes... <g>

--
-bts
-Motorcycles defy gravity; cars just suck
 
Reply With Quote
 
nice.guy.nige
Guest
Posts: n/a
 
      07-19-2007
While the city slept, The Bicycling Guitarist
((E-Mail Removed)) feverishly typed...

> I have an .asp contact page, and for nearly a year I've been getting
> spam to buy generic prescription drugs such as viagra, xanax and
> phentermine to name a few.


You and everybody else...

> I recently thought that perhaps OTHER people are getting spam that
> LOOKS like it is coming from my name, but my i.s.p. says that the
> mail on my contact page only goes to me.


If that is the case, then that is ok. It is quite unlikely that the spammers
are sending emails from your server.

> Still...I wonder. Is there a way to find out if other people are
> receiving spam being sent in my name?


It is perfectly possible for this to happen. It is easy as anything to
"forge" (I put that in quotes because real-world forging is quite a skilled
task) the from address in any email you send out from a script.

A couple of years back, with my PC finally on broadband, I left it on all
the time, and kept my email client running, so I could go out, go to sleep,
whatever, and it would sit there happily downloading my emails. One weekend
I was at my girlfriend's house, then got home and found I had something like
50,000 emails.... they were nearly all bouncebacks to one of the domains I
look after - someone had sent out a load of spam using "forged" accounts on
the domain. I was fairly lazy back then and set up the basic (people's
names) email accounts for the domain and then let the others go to
postmaster, and set up my email client to filter them to, eg, sales, info
etc and put them in the appropriate folder. Straight after this event, I set
up specific accounts and set any mail to unknown users to go to the
blackhole - ie, be nuked, deceased, shuffle off this mortal coil etc.

I strongly recommend you follow this example. For the sake of setting up
explicit email accounts and nuking the rest, you could spend a good part of
your weekend slowly deleting ridiculous amounts of email.

Cheers,
Nige

--
Nigel Moss http://www.nigenet.org.uk
Mail address will bounce. (E-Mail Removed) | Take the DOG. out!
"Your mother ate my dog!", "Not all of him!"


 
Reply With Quote
 
Bergamot
Guest
Posts: n/a
 
      07-20-2007
nice.guy.nige wrote:
>
> I set
> up specific accounts and set any mail to unknown users to go to the
> blackhole - ie, be nuked, deceased, shuffle off this mortal coil etc.


I do the same, but there is a risk of missing legitimate email from
someone who simply made a typo. You may never know about these, unless
said party contacts you again and mentions it. I recently had this
happen with a new client. They got all hot and bothered because I didn't
answer their email. The spouse finally noticed the typo, but I still got
the blame for their mistake. :-\

Just be aware there are drawbacks to defaulting to blackhole. I do think
the good points outweigh the bad, though.

--
Berg
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Java Libray to extract email Contact Only from Outlook file pcouas Java 8 12-18-2010 05:46 PM
Export email contact xspiritualoraclex@gmail.com Python 0 10-29-2008 10:28 AM
contact list on desktop to launch new email message car crash Computer Support 3 12-22-2006 12:36 AM
how do you contact yahoo email people? msi Computer Information 0 04-10-2004 11:15 PM
/coolpier_scripts/contact.asp -- A 'Contact Me' form -- Your thoughts. Brynn Javascript 1 01-19-2004 10:41 PM



Advertisments