On Wed, Sep 07, 2005 at 09:58:35AM -0400, [EMAIL PROTECTED] wrote:
> > Our largest issue with these web form mail exploits is not really
> > spam-related (in terms of scripts causing our web servers to become spam
> > relays); our clients are receiving these fake forms (obviously generated
> by
>
> Can the script be coded to look for bcc: in a field that shouldn't have it
The best protection is to look for embedded CR or LF characters in
a field that should not contain such characters, like the Subject,
To, From or any other field that would end up in a header. If there
are any, just reject with an error.
You might want to ignore newlines just before the end of string to work
around some buggy browsers.
--
#!perl -wpl # mmfppfmpmmpp mmpffm <[EMAIL PROTECTED]>
$p=3-2*/[^\W\dmpf_]/i;s.[a-z]{$p}.vec($f=join('',$p-1?chr(sub{$_[0]*9+$_[1]*3+
$_[2]}->(map{/p|f/i+/f/i}split//,$&)+97):qw(m p f)[map{((ord$&)%32-1)/$_%3}(9,
3,1)]),5,1)='`'lt$&;$f.eig; # Jan-Pieter Cornet
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
