On Tue, Feb 07, 2006 at 02:46:30PM +0000, Terry said:
> Does any one have any ideas to help block insecure php mail forms. Lots
> of spammers some how to seem to inject a flood of address into the bcc.
> I have set a bcc limit but was wondering if there was any thing else to
> be done rather than depend on the writers of such forms.
> It would also give less over head than using mod_security on apache.
> Thanks
chmod -x /path/to/php
Failing that, fix the forms.
Failing that, you can set up an acl statement (both non-smtp and smtp,
depending on how php sends the mail) to look at the ident of the sender,
and if it matches your web server, error on more than some number of
recipients.
--
--------------------------------------------------------------------------
| Stephen Gran | "We don't have to protect the |
| steve@??? | environment -- the Second Coming is at |
| http://www.lobefin.net/~steve | hand." -- James Watt |
--------------------------------------------------------------------------