Re: [exim] Acl to help prevent spam from insecure php mail f…

Top Page
Delete this message
Reply to this message
Author: Stephen Gran
Date:  
To: exim-users
Subject: Re: [exim] Acl to help prevent spam from insecure php mail forms
On Tue, Feb 07, 2006 at 02:46:30PM +0000, Terry said:
> Does any one have any ideas to help block insecure php mail forms. Lots
> of spammers some how to seem to inject a flood of address into the bcc.
> I have set a bcc limit but was wondering if there was any thing else to
> be done rather than depend on the writers of such forms.
> It would also give less over head than using mod_security on apache.
> Thanks


chmod -x /path/to/php

Failing that, fix the forms.

Failing that, you can set up an acl statement (both non-smtp and smtp,
depending on how php sends the mail) to look at the ident of the sender,
and if it matches your web server, error on more than some number of
recipients.
--
--------------------------------------------------------------------------
|  Stephen Gran                  | "We don't have to protect the           |
|  steve@???             | environment -- the Second Coming is at  |
|  http://www.lobefin.net/~steve | hand." -- James Watt                    |

--------------------------------------------------------------------------