Puzzling Spam

I am receiving spam that puzzles me. I use formmail.php on my website. The form has the "recipient" parameter with a list of keys. The formmail has the recipient_array field that translates the keys to actual email addresses. That's all pretty straightforward.

However, I am receiving a lot of spam that "looks" like it came from my form, but doesn't (to test this I put in captcha code - a jpg image with an embedded number and then a mandatory field for the user to fill in that number and then a javascript function to verify the number in that field). What I am getting are spams with all my form fields filled in with spam --- including the captcha field!!!

That tells me that the spammer is simply copying the form from my web page and using it as a template. That, also, seems straightforward.

What I don't get is how the spammer is getting the actual email addresses when only the keys are on the web page! The real email addresses are buried in the formmail.php code which is on the server.

Can somebody help me understand this? Even better, can somebody tell me how to stop the spammers?

Thanks.

Which version of PHP

Which version of PHP Formmail are you using?

Could you please send me the complete source (it must be the source, not just a forward) of the email containing the spam? What it sounds like is the spammers are doing some type of header injection attack.

Email me at my name, minus the M at boaddrink.com

-Andrew M Riley
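
The reply above suspects header injection, and the original post describes a captcha that is verified only by JavaScript. As an added example (not code from formmail.php or from either poster), here is a server-side check a form handler could run before it builds the mail; the field names, addresses, and the function `check_submission` are assumptions.

```php
<?php
// Added example, not part of formmail.php. Names and addresses are constructed.
// Keys on the public form map to addresses that stay on the server.
const RECIPIENTS = [
    'sales'   => 'sales@example.com',
    'support' => 'support@example.com',
];
// Form fields whose values end up in mail headers (assumed names).
const HEADER_FIELDS = ['email', 'realname', 'subject'];

// Returns a list of reasons to reject the submission; empty means accept.
function check_submission(array $post, string $expectedCaptcha): array
{
    $problems = [];
    // The recipient must be one of the known keys, never a raw address.
    $key = $post['recipient'] ?? '';
    if (!is_string($key) || !array_key_exists($key, RECIPIENTS)) {
        $problems[] = 'unknown recipient key';
    }
    // A CR or LF (raw or URL-encoded) in a header-bound field starts a new header line.
    foreach (HEADER_FIELDS as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value) || preg_match('/[\r\n]|%0[ad]/i', $value)) {
            $problems[] = "line break in header field: $field";
        }
    }
    // Check the captcha here (expected value kept server-side, e.g. in the session);
    // a request posted straight to the script never runs the page's JavaScript.
    $answer = $post['captcha'] ?? '';
    if (!is_string($answer) || $expectedCaptcha === '' || !hash_equals($expectedCaptcha, $answer)) {
        $problems[] = 'captcha mismatch';
    }
    return $problems;
}

// Constructed sample: the email field carries a line break and an extra header.
$sample = [
    'recipient' => 'sales',
    'email'     => "visitor@example.com\r\nX-Extra: constructed",
    'realname'  => 'Visitor',
    'subject'   => 'Hello',
    'captcha'   => '4821',
];
print_r(check_submission($sample, '4821'));
```

Logging the rejected submissions together with the client address gives the raw evidence the reply asks for without waiting for the spam to arrive by mail.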
