Snowman
30-01-2006, 11:50 AM
Please read the message below and take action immediately
Please read carefully. This affects you or your clients if you or they are using any type of FormMail script.
In recent weeks, and especially in recent days, we have seen an increasing amount of abuse of FormMail scripts. What is basically happening is that spammers search the internet for formmail.pl or formmail.php and variations (they can do this easily by typing, e.g., http://www.yourdomain.com/cgi-bin/formmail.pl) and then exploit it with additional code at the end of the URL to send out spam messages to hundreds or often thousands of people.
We have come to the decision that we can no longer be quiet and just let it happen, as there is no real way to protect the servers from being exploited through FormMail until we take action.
Please IMMEDIATELY check your cgi-bin or, in the case of resellers, inform your clients to check their accounts' cgi-bin or the location where there is a formmail script.
For Perl (.cgi and .pl)
NMS Scripts (http://nms-cgi.sourceforge.net/) has written a secure version of Matt Wright's FormMail called "NMS FormMail". Please download it from http://nms-cgi.sourceforge.net and IMMEDIATELY replace your current FormMail script with it.
Once you have downloaded and installed your new formmail script, we require you to change the name of the actual script to something inconspicuous. For example, instead of having a script called formmail.pl, call it joeblogs.pl; this will help prevent spammers sniffing out your script.
For PHP (.php)
Jacks Scripts (http://www.dtheatre.com/scripts/) has written a secure version of PHP FormMail. Please download it from http://www.dtheatre.com/scripts/ and IMMEDIATELY replace your current FormMail script with it.
Once you have downloaded and installed your new formmail script, we require you to change the name of the actual script to something inconspicuous. For example, instead of having a script called formmail.php, call it joeblogs.php; this will help prevent spammers sniffing out your script.
IMPORTANT:
We will allow 48 hours for you and/or your clients to remove these scripts and replace them with the secure versions and make the necessary name changes. After that, we will be removing any insecure FormMail scripts we find on all servers without any prior notice.
The FormMail in CPanel has also been disabled/removed.
RESELLERS, please contact your clients IMMEDIATELY about this.
We apologize for the inconvenience this may cause you; however, these insecure FormMail scripts are causing serious problems, such as high server loads (spiking to 15.00 or 36.00 whenever a spammer is sending a mass-email) as well as potentially causing servers to get blacklisted by spam lists.
If you have any further queries regarding this issue, please open a support ticket at the Helpdesk or post here.
Thank you for your assistance in keeping the servers 'clean' of spammers and at top performance.
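One way to carry out the cgi-bin check the notice asks for, as an added example (not part of the original post or the host's own tooling). It assumes that NMS FormMail copies contain the literal string "NMS FormMail"; no marker is assumed for the PHP replacement, so PHP copies are always reported as UNVERIFIED for manual review.

```shell
#!/bin/sh
# Added example: inventory FormMail-style scripts under a web root.
# Assumption: NMS FormMail copies contain the literal string "NMS FormMail".

# audit_formmail ROOT -> sorted lines "<STATUS> <path>"
#   UNVERIFIED  looks like FormMail, no NMS marker: identify it, replace if old
#   RENAME      NMS marker present, but the file name still says "formmail"
#   OK          NMS marker present and the name is inconspicuous
audit_formmail() {
    find "$1" -type f \( -iname '*.pl' -o -iname '*.cgi' -o -iname '*.php' \) |
    while IFS= read -r f; do
        named=no; mentions=no; nms=no
        # Name check is case-insensitive: FormMail.pl, formmail.cgi, ...
        case $(basename "$f" | tr '[:upper:]' '[:lower:]') in
            *formmail*) named=yes ;;
        esac
        # Content check catches copies that were renamed but never replaced.
        if grep -qi 'formmail' "$f"; then mentions=yes; fi
        if grep -q 'NMS FormMail' "$f"; then nms=yes; fi

        if [ "$named" = no ] && [ "$mentions" = no ]; then
            continue
        elif [ "$nms" = no ]; then
            echo "UNVERIFIED $f"
        elif [ "$named" = yes ]; then
            echo "RENAME $f"
        else
            echo "OK $f"
        fi
    done | sort
}

# Constructed sample tree (stand-in files, not real FormMail code).
demo=$(mktemp -d)
mkdir -p "$demo/cgi-bin" "$demo/contact"
echo '# FormMail stand-in, no marker'  > "$demo/cgi-bin/formmail.pl"
echo '# NMS FormMail stand-in'         > "$demo/cgi-bin/FormMail.cgi"
echo '# NMS FormMail stand-in'         > "$demo/cgi-bin/joeblogs.pl"
echo '<?php // PHP FormMail stand-in'  > "$demo/contact/sendit.php"
echo '<?php // unrelated page'         > "$demo/index.php"
audit_formmail "$demo"
rm -rf "$demo"
```

Point the function at an account's web root rather than only its cgi-bin, since the content check is what finds a copy that was renamed without being replaced.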