Robert Vreeland wrote on Friday, November 18, 2005 11:47 AM: > Hello List, > > One of my client's web site is getting spammed, or something like it. > It appears as though someone is using a script to auto-fill their > email newsletter registration form; every field is being filled in > with the same bogus email address using my client's domain name. For > example: > Email : 245she at clients_domain.com > confirm email : 245she at clients_domain.com > Name : : 245she at clients_domain.com > Address : 245she at clients_domain.com > City: : 245she at clients_domain.com > > etc.. > > Does anyone have any idea what this is meant to do? Are they phishing > for a reply address or seeing if they can get a database error? This is likely an attempt to spam others. http://www.nyphp.org/phundamentals/email_header_injection.php And some discussion: http://lists.nyphp.org/pipermail/talk/2005-September/thread.html (search for "feedback scripts") --- Hans Zaunere / President / New York PHP www.nyphp.org / www.nyphp.com