Formmail nobody@

**latpanel** · 07-07-2005 11:13 AM

I use forms to mail in several pages hosted in my server, the forms use formmail.cgi
Some days ago I've began to receive emails from those forms sent by nobody@host.myserver.com

The body begins with the word POSTDATA, and all the fields are filled with readable text and %xx codes.

I have enabled suexec and I configured WHM to avoid nobody sending emails, but these solutions doesn`t function.

The next solution I aplied was config a blacklist in SpamAsassin and an email filter to discard this messages.
But I wonder if this spammer could use my formmail to send spam, and I would like to know if this is a hole in formmail, and how to fix it.

Any help?

**AndyReed** · 07-07-2005 11:46 AM

I am not sure what version are you using, but in general, Formmail is one of the most insecure scripts. You'll have to get a different, more secure, formmail script. Better yet, use a completely different script.

**latpanel** · 07-10-2005 12:39 PM

I use formmail that is in CPanel, the FormMail Version 3.12c1. I thought it was secure, but perhaps I need to change my mind about it

Thanks

LinkBack

Thread Tools

Formmail nobody@

FormMail-clone.cgi [was: Security spam hole in cgi-sys/formmail.pl re-write]

FormMail

formmail

mod_security blocking formmail... and formmail SPAM

FormMail