Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Formmail nobody@

Discussion in 'E-mail Discussion' started by latpanel, Jul 7, 2005.

  1. latpanel

    latpanel Well-Known Member

    Joined:
    Jan 23, 2004
    Messages:
    134
    Likes Received:
    0
    Trophy Points:
    166
    I use forms to mail in several pages hosted in my server, the forms use formmail.cgi
    Some days ago I've began to receive emails from those forms sent by nobody@host.myserver.com

    The body begins with the word POSTDATA, and all the fields are filled with readable text and %xx codes.

    I have enabled suexec and I configured WHM to avoid nobody sending emails, but these solutions doesn`t function.

    The next solution I aplied was config a blacklist in SpamAsassin and an email filter to discard this messages.
    But I wonder if this spammer could use my formmail to send spam, and I would like to know if this is a hole in formmail, and how to fix it.

    Any help?
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    4
    Trophy Points:
    193
    Location:
    Minneapolis, MN
    I am not sure what version are you using, but in general, Formmail is one of the most insecure scripts. You'll have to get a different, more secure, formmail script. Better yet, use a completely different script.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. latpanel

    latpanel Well-Known Member

    Joined:
    Jan 23, 2004
    Messages:
    134
    Likes Received:
    0
    Trophy Points:
    166
    I use formmail that is in CPanel, the FormMail Version 3.12c1. I thought it was secure, but perhaps I need to change my mind about it

    Thanks
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice