JRRZZ.net spamhost
I’m sorry. smtp.jrrzz.net, my poor little smtp server, has become a victim of evil spam syndicates. Spambots have used my contact form to send spam around the internet for a day or two. Luckaly there weren’t many victims. Maybe a few hundred mails were sent. The bots have used mail header injection. Something I didn’t know about. It’s really simple to understand and I’m afraid a lot of other sites are being used to send spam around. The basic idea behind it all is that you send along a newline byte with one of the values in the mail header like the “From:” part. A simple fix is to filter out all the newline bytes from the data you put in your mail headers.
function cleanMail ($data) { return str_replace(array(”\r”, “\n”), ”, $data); }
Just a simple fix in PHP.
Again, my apologies to all the people who have received spam from my postfix box.
Discussion Area - Leave a Comment