Anyone else getting these emails?

Is this possibly FormMail related?

It looks like it is trying to use BCC.

cPanel.net Support Ticket Number:

 

Weird emails

I've been getting these as well. Any idea what's happening?

cPanel.net Support Ticket Number:

 

me too, what is this ?

cPanel.net Support Ticket Number:

 

I'm thinking it a virus that is not formatting properly in the e-mail...I've seen virus' come in text format like that.

Secondly, if you are seeing it on servers that had the previous formmail script, is it possible that the spam that went out ended up someones addressbook..they get the virus and it sends back out?

Just a thought, but honestly not sure

cPanel.net Support Ticket Number:

 

getting the same emails as well..

cPanel.net Support Ticket Number:

cPanel.net Support Ticket Number:

 

SPammers!

I, too, have been getting these emails and I have forwarded several to the VO support email address. (I'd use the helpdesk, but once again I cannot get into it.)

I have a sneaky suspicion that these are attempts (hopefuly unsuccessful) of people who are trying to utilize the formmail program to send spam. I read a few other threads in these forums about it, and there was supposed to be a patch that fixed this back in March, but I have been getting these messages on and off for a few weeks now. If you pull up your webstats via Cpanel, and look at the section titled "last 300 visitors" (I think that's what it's called), you can actually match up the suspect individuals access of formmail.pl with the time that the emails were sent to you. Unortunately, it gives me no real info on who they are, although there were a few with IP addresses listed. (Maybe we can block their IP from the site..but that's only a bandaid, and if they're on dialup their IP will change each time they login anyways...)

Not sure what VO is doing to fix this, but I hope they do it soon.
I don't know enough about formmail to fix it myself. And as far as I know, disabling my online html form won't help because I think they are accessing the perl script directly.

-Jeff

cPanel.net Support Ticket Number:

 

I'm getting these too. I think it is because in the latest formmail fix something is screwing up the way spammers exploit the script.

The good news is that the spam isn't going out.

cPanel.net Support Ticket Number:

 

spam

Agreed.

The junkmail (albeit annoying) is better than someone sending spam via my domain and can be filtered out easy enough. Being on a virtual server, I'm not too keen on the whole weblog thing, so I wasn't sure how to tell if the spam was actually being sent or not. I just knew that I was still getting all those weird email messages.

-Jeff

cPanel.net Support Ticket Number:

 

I am getting this too.

Glad to see im not the only one.

It looks like a failed fommail exploit attempt.

Im not expert though, hoping someone can shed more light.

Thanks
Zach

cPanel.net Support Ticket Number:

 

they are sent via formmail but they are not formed correctly.

cPanel.net Support Ticket Number:

 

Helpdesk working on it...

Well, I now have a helpdesk ticket number for this (see above).
I got three more of those weird messages this morning.

I wish there was something we could do to retaliate against these spammers...
something evil...


haha

cPanel.net Support Ticket Number: 31596