[ic] spamming with IC contact form?

Mike Heins mike at perusion.com
Fri Apr 1 14:49:09 EST 2005


Quoting Dan Bergan (danb at championshipproductions.com):
> Mike Heins wrote:
> 
> >Quoting Dan Bergan (danb at championshipproductions.com):
> > 
> >
> >>I received a suspicious "bounce" message today and it looks like someone 
> >>used my IC contact form to send spam.
> >>
> >>I use the contact form from the Foundation catalog.  The form allows 
> >>input fields for a customer's name, email address, phone number and a 
> >>message.  It looks like the form submission was crafted so that email 
> >>address field contained much more information.
> >>
> >>I found the session and the "email address" field contained the following:
> >>From: (email address deleted)
> >>To: (email address deleted)
> >>BCC: (email address deleted)
> >>Content-Type: multipart/mixed; boundary=cckdvsl
> >>X-GUID: 959f8348-c59f-bd69-965d-e19cf43bab12
> >>   
> >>
> >
> >I am not aware that we have had such a form in the distributed foundation
> >since 4.6. Do you have a page name or URL that says where this is?
> >
> > 
> >
> The form is in the "pages" directory and it is called contact_form.html
> 
> My version of IC is 5.2, but I originally installed 5.0.  I have a 
> catalog that has been pretty much left "as-is" that I use for some 
> testing, and the "contact_form.html" is in there.

I don't think that page has been linked to anything for
years, but it would certainly be available to anyone asking
for it in a URL. 

This should go at the top of special_pages/send_contact_form.html to
combat any problem:

[calc]
    # trim leading/trailing whitespace from the address
    $Values->{email} =~ s/^\s+//;
    $Values->{email} =~ s/\s+$//;
    # drop everything from the first CR/LF onward, so injected
    # header lines (To:, BCC:, Content-Type: ...) never reach the mail
    $Values->{email} =~ s/[\r\n].*//s;
    $Values->{name}  =~ s/[\r\n].*//s;
    return;
[/calc]

-- 
Mike Heins
Perusion -- Expert Interchange Consulting    http://www.perusion.com/
phone +1.765.647.1295  tollfree 800-949-1889 <mike at perusion.com>

Prove you aren't stupid.  Say NO to Passport.

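A stricter variant of the same fix, as an added example (not Mike's code and not part of the Interchange distribution): instead of silently truncating at the first line break, it rejects the submission and returns a reason the caller can write to the catalog log, so probing of the form shows up. It is plain Perl taking the same kind of hashref as Interchange's $Values; the sub name, the phone field and the sample data are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Returns (1, \%clean) when every field is safe to interpolate into a
# mail header, or (0, $reason) when the submission looks like header
# injection and should be dropped (and the reason logged).
sub check_contact_fields {
    my ($values) = @_;
    my %clean;
    for my $field (qw(name email phone)) {
        my $v = defined $values->{$field} ? $values->{$field} : '';
        $v =~ s/^\s+//;
        $v =~ s/\s+$//;
        # A CR or LF in a single-line field can end the header it lands in
        # and start new ones (To:, BCC:, Content-Type: ...); refuse it
        # rather than guessing where the legitimate value stopped.
        return (0, "$field contains a line break") if $v =~ /[\r\n]/;
        # A value that *starts* like a header is also a red flag.
        return (0, "$field looks like a mail header")
            if $v =~ /^(?:to|cc|bcc|from|subject|content-type)\s*:/i;
        $clean{$field} = $v;
    }
    # The address must be one token: no whitespace, one @, no <>.
    return (0, 'email is not a single plain address')
        unless $clean{email} =~ /^[^\s\@<>]+\@[^\s\@<>]+\.[^\s\@<>]+$/;
    # The message body may legitimately span lines; it goes in the body,
    # not a header, so only bare CRs are stripped.
    my $msg = defined $values->{message} ? $values->{message} : '';
    $msg =~ s/\r//g;
    $clean{message} = $msg;
    return (1, \%clean);
}

# Constructed samples: one shaped like the bounced submission in the
# thread, one ordinary.
my $hostile = {
    name    => 'Someone',
    email   => "a\@example.invalid\nBCC: b\@example.invalid\n"
             . "Content-Type: multipart/mixed; boundary=cckdvsl",
    message => 'hello',
};
my $benign = { name => 'Dan', email => 'dan@example.invalid',
               phone => '555-0100', message => "Hi,\nquestion about IC" };
for my $sub ($hostile, $benign) {
    my ($ok, $r) = check_contact_fields($sub);
    print $ok ? "accepted $r->{email}\n" : "rejected: $r\n";
}
```

From a [calc] block the sub can be called with $Values directly; on rejection, log $r with the session id and return without sending.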

More information about the interchange-users mailing list