Hi Robert - Thanks for the reply, yes of course let me explain a bit more.
While checking our sent mail logs, logged by coldfusion, we noticed emails were being sent out that was not directly sent through our own pages. Spam emails that were sent to different outside emails. So we can see that spam emails were sent outbound, but as of yet, we have no source of where they're coming from (ie. which pages are compromised). >From what I've been researching, one way this is done by email inject - where >they use form submissions to inject their own coldfusion code to form their >own 'cfmail' sends. >http://www.asadesigner.com/13-coldfusion/07d6a249de5791e6.htm Please let me know if you need additional info > Can you explain a bit more what you mean by email injection attack? > Do you mean someone is spamming forms that generate forms email, or is > someone using some application you have to generate spam? Can you > provide a slightly better explanation of what's happening? > > > Robert Harrison > Director of Interactive Services > > Austin & Williams > Advertising I Branding I Digital I Direct > 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 > T 631.231.6600 X 119 F 631.434.7022 > http://www.austin-williams.com > > Blog: http://www.austin-williams.com/blog > Twitter: http://www.twitter. com/austin_ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:359131 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
