[Gllug] Formmail attempt

Simon Wilcox essuu at ourshack.com
Thu Nov 21 13:14:00 UTC 2002


On Thu, 2002-11-21 at 12:13, rich at annexia.org wrote:
> So I have this in my logs:
> 
> 2002/11/21 12:09:06 4.65.196.108:3118 "GET /cgi-bin/Formmail.pl?email=f2%40aol%2Ecom&subject=www%2Eannexia%2Eorg%2Fcgi%2Dbin%2FFormmail%2Epl&recipient=sendipxx1%40yahoo%2Ecom&msg=w00t HTTP/1.1" 404 0 "-" "Gozilla/4.0 (compatible; MSIE 5.5; windows 2000)"
> 
> What would be the consequences of sending the formulated message back to
> sendipxx1 at yahoo.com?

Darn those spammers. This is an attempt to use an insecure version of
Matt Wright's FormMail script to send an email to a recipient the
website didn't intend.

If it succeeds, then the spammers will use that script to send lots of
spam.

If you were using FormMail, you'd be strongly advised to upgrade it to
the NMS replacements at http://nms-cgi.sourceforge.net/ but as you're
not, it's just another bit of clutter in the log files.

You might want to report the address to Yahoo as a spammer though. They
might shut down the account.

Simon.



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list