Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Please Help! contact form on my site..


Tjobbe

Recommended Posts

hey evryone

 

The contact form on my site is being used maliciously. I deleted the contact form on the contact page a month ago but it is currently being used to send spam from somehow?

 

Heres what my web host just forwarded onto me, note the bold text.

 

How do i stop this from happening??

 

Thanks in advance.

 

1EkQzA-0006FZ-MU-H

nobody 99 99

<[email protected]>

1134068360 0

-ident nobody

-received_protocol local

-body_linecount 11

-auth_id nobody

-auth_sender [email protected]

-allow_unqualified_recipient

-allow_unqualified_sender

-local

NN [email protected]

2

[email protected]

[email protected]

 

130P Received: from nobody by bumblebee.equentityhost.com with local (Exim 4.52)

id 1EkQzA-0006FZ-MU; Thu, 08 Dec 2005 12:59:20 -0600

049T To: "The Bag N Box Man" <[email protected]>

040 Subject: Enquiry from The Bag N Box Man

013F From: "emvig

047 Content-Type: text/plain; charset=\"us-ascii\"

018 MIME-Version: 1.0

032 Content-Transfer-Encoding: 7bit

056 Subject: well, and give us a very imposing air and that

026* bcc: [email protected]

060I Message-Id: <[email protected]>

038 Date: Thu, 08 Dec 2005 12:59:20 -0600

 

1EkQzA-0006FZ-MU-D

e86f51d202b4eb15e27736e3e5d2f7c6

.

" <[email protected]>

MIME-Version: 1.0

X-Mailer: osCommerce Mailer

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: 7bit

 

 

[email protected]

Link to comment
Share on other sites

hey evryone

 

The contact form on my site is being used maliciously. I deleted the contact form on the contact page a month ago but it is currently being used to send spam from somehow?

 

Heres what my web host just forwarded onto me, note the bold text.

 

How do i stop this from happening??

 

Thanks in advance.

 

Search the forum threads... this has been adressed a million times before so you should find something on this with ease...

 

also check here:

http://www.oscommerce.com/community/contri...arch,contact+us

My Contribution

Music Download Store Template

http://www.oscommerce.com/community/contributions,4275

Link to comment
Share on other sites

Search the forum threads... this has been adressed a million times before so you should find something on this with ease...

 

also check here:

http://www.oscommerce.com/community/contri...arch,contact+us

 

 

I did search, but the site was going sooo sloowly and it was almost at the point where aol wanted to blacklist us so i had to find something quickly.

 

I got this from my hosts tech support:

 

OK, Done it.

 

I found general.php in includes > functions on line 955 or thereabouts.

 

THIS is the correct way:

 

ADD THE FOLLOWING CODE:

 

CODE

 

//Remove any newline and anything after it on the header fields of the mail.

//$to_email_address and $from_email_address are checked with tep_validate_email().

$to_name = preg_replace('/[n|r].*/', '', $to_name);

$email_subject = preg_replace('/[n|r].*/', '', $email_subject);

$from_name = preg_replace('/[n|r].*/', '', $from_name);

 

/CODE

 

DIRECTLY UNDERNEATH:

 

CODE

 

function tep_mail($to_name, $to_email_address, $email_subject, $email_text, $from_email_name, $from_email_address) {

if (SEND_EMAILS != 'true') return false;

 

/CODE

 

IN general.php

 

upload, save a backup copy just incase.

 

Lets hope it works!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...