Holy Cow

Oh my gosh, I just downloaded into my email over 1900 messages. Spam from my HW contact form!!

And I’m looking at this and wondering… have they used my contact form to spam other people? This is the first email I have:

—————
feedback form
—————

Name: djif@sporttovary.ru
Content-Type: multipart/mixed; boundary="===============0859217314=="
MIME-Version: 1.0
Subject: 537fece4
To: djif@sporttovary.ru
bcc: bergkoch8@aol.com
From: djif@sporttovary.ru

This is a multi-part message in MIME format.

--===============0859217314==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

zybvoyl
--===============0859217314==--

E-Mail: djif@sporttovary.ru
URL: djif@sporttovary.ru
Checked: djif@sporttovary.ru
Checked: djif@sporttovary.ru
Checked: djif@sporttovary.ru
Checked: djif@sporttovary.ru
Comments: djif@sporttovary.ru
Sender IP Address: 69.118.168.253
—————

Now you see those “checked” fields? Those are those checkboxes. They’re supposed to either be blank or say “yes” or something… certainly not have an email address in them.

And you know – I haven’t gotten any spam at that contact form until now. Then suddenly I download 1900 messages?!?!?!?

Other messages looked like this:

—————
feedback form
—————

Name: sldevass@sozialservice.de
E-Mail: sldevass@sozialservice.de
URL: sldevass@sozialservice.de
Checked: sldevass@sozialservice.de
Checked: sldevass@sozialservice.de
Checked: sldevass@sozialservice.de
Checked: sldevass@sozialservice.de
Comments: sldevass@sozialservice.de
Sender IP Address: 69.118.168.253
——————

It appears that all emails are from 69.118.168.253. I blocked that from my site and renamed the email form files…

Owen says I shouldn’t have sent out any spam but that I should add a feature that only allows so many emails in so many minutes. So I need to figure that out…

Dang spammers.
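
The checks this post points toward, as an added example that is not part of the original post or the form's own code: reject line breaks in single-line fields (the way the first message carried its own bcc: and Content-Type: lines in the Name field), reject checkbox values other than blank or "yes", and allow only so many emails per sender IP in so many minutes. The field names, the limits and the sample addresses are assumptions.

```python
import time
from collections import defaultdict, deque

# Assumed field names and limits; the form's real code is not shown in the post.
SINGLE_LINE_FIELDS = ("name", "email", "url")
CHECKBOXES = ("check1", "check2", "check3", "check4")
ALLOWED_CHECKBOX_VALUES = {"", "yes"}
MAX_PER_WINDOW = 3        # accepted emails per sender IP ...
WINDOW_SECONDS = 600      # ... in any 10-minute window

_accepted = defaultdict(deque)  # sender IP -> timestamps of accepted submissions


def rejection_reason(form, ip, now=None):
    """Return None if the submission may be mailed, else a short reason."""
    now = time.time() if now is None else now
    # A CR or LF in a value that ends up in a mail header lets the sender
    # append headers of their own (bcc:, Content-Type:, ...).
    for field in SINGLE_LINE_FIELDS:
        value = form.get(field, "")
        if "\r" in value or "\n" in value:
            return f"line break in {field}"
    # Checkboxes can only ever be blank or "yes".
    for field in CHECKBOXES:
        if form.get(field, "") not in ALLOWED_CHECKBOX_VALUES:
            return f"unexpected value in {field}"
    # Sliding window: forget timestamps older than the window, then count.
    stamps = _accepted[ip]
    while stamps and now - stamps[0] >= WINDOW_SECONDS:
        stamps.popleft()
    if len(stamps) >= MAX_PER_WINDOW:
        return "rate limit exceeded"
    stamps.append(now)
    return None


# Constructed samples modelled on the two message shapes quoted in the post.
INJECTED = {"name": "a@example.com\nContent-Type: multipart/mixed\nbcc: b@example.com",
            "email": "a@example.com", "comments": "a@example.com"}
PROBE = {f: "a@example.com" for f in SINGLE_LINE_FIELDS + CHECKBOXES + ("comments",)}
CLEAN = {"name": "Pat", "email": "pat@example.com", "check1": "yes",
         "comments": "Hello,\nnice site."}

if __name__ == "__main__":
    for label, form in (("injected", INJECTED), ("probe", PROBE), ("clean", CLEAN)):
        print(label, "->", rejection_reason(form, "203.0.113.5"))
```

Rejected submissions are not counted against the limit here, so only mail that would actually be sent uses up the allowance.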