Hi forum,
yesterday i’ve got a notification from the contact form of my website, but absolutely nothing was filled out . The website is made with FW 5.6 pro and the php feedback form (2.3.7), spam trap is activated.
The php feedback form validates the email address by default and i wonder how somebody is able to send it without filling out the e-mail field.
Any ideas?
Tom
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
Latest version is 2.4.5
http://www.freewayactions.com/product.php?id=019
David
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
Hi Thomas,
I’m at a loss how this could happen as the PHP code checks that the data was submitted from your form before it will send the email. I’d be inclined to check the headers of the email with one that you’ve already received to make sure that the email did in fact originate on your server.
Regards,
Tim.
On 7 Aug 2013, at 16:04, Thomas wrote:
The php feedback form validates the email address by default and i wonder how somebody is able to send it without filling out the e-mail field.
Experienced Freeway designer for hire - http://www.freewayactions.com
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
ok, i’ve just updated the action and tried to compare the email headers of the blank one and another mail, send by myself to me. I have no clue how to interpret all that stuff.
Whats the point i have to look for?
Thanx, Tom
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
If you are using Mail if you select the email message and choose View>Message>Long Headers you will see something like this at the top of the email
Subject: The landscape of our dreams will never be seen in our waking life.
From: somebody <email@hidden>
Date: 11 June 2013 02:16:53 GMT+01:00
To: someoneelse <email@hidden>
Return-Path: <email@hidden>
Envelope-To: email@hidden
Delivery-Date: Mon, 10 Jun 2013 21:16:54 -0400
Received: from cdptpa-omtalb.mail.rr.com ([75.180.132.120]:53029) by universe.have-host.com with esmtp (Exim 4.80) (envelope-from <email@hidden>) id 1UmDCf-0005aS-KT for email@hidden; Mon, 10 Jun 2013 21:16:54 -0400
Received: from [67.251.1.5] ([67.251.1.5:55129] helo=[192.168.1.6]) by cdptpa-oedge03.mail.rr.com (envelope-from <email@hidden>) (ecelerity 2.2.3.46 r()) with ESMTP id 86/74-07131-58A76B15; Tue, 11 Jun 2013 01:16:53 +0000
X-Authority-Analysis: v=2.0 cv=ffsvOjsF c=1 sm=0 a=HhgEfJRdy6uHMD0Q5jPtLA==:17 a=9ZEPVqV_fvYA:10 a=N-ik7uvqZRsA:10 a=zTVDa7HKqxcA:10 a=kj9zAlcOel0A:10 a=doupyKFmAAAA:8 a=yiU_iG5FH3YA:10 a=xSMumPMDAAAA:8 a=s2M-5u2lFmF-0JteuJ8A:9 a=CjuIK1q_8ugA:10 a=YQlj6eyMoAIA:10 a=HhgEfJRdy6uHMD0Q5jPtLA==:117
Do that with a genuine one from your server and the hooky one and see what you can see.
D
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
Hi all, i think i have to ask again. My problem is not to display the long header in mail, the problem is to understand the meaning of the entries in the header. I only have noticed that
in the email send by myself the entry " Content-Type: text/plain;charset=utf-8" differs from "text/plain; charset=“ISO-8859-1” in the mentioned strange email and under “Content-Transfer-Encoding: quoted-printable” it’s a difference to “Content-Transfer-Encoding: 7bit” in the strange email. Could this be suspicious? Other entries differ even in the mails i’ve send by myself so that i can’t read more out of this. Meanwhile I’ve got another notification mail from another website i’ve made with the php feedback action. The same thing: the form was sent without filling out anything-not even the email field. What is going on here?
Thanx for all answers, Tom
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
You would be better to let someone with more experience have a look at these emails for you.
It isn’t really down to charsets - more to do with delivery routes/paths.
David
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options