* * * * * How desperate do you have to be to spam someone? This is rich. I'm starting to get a bunch of bounce messages that look like: > From: MAILER-DAEMON@conman.org (Mail Delivery System) > To: apache@brevard.conman.org > Subject: Undelivered Mail Returned to Sender > Date: Tue, 8 May 2007 05:09:17 -0400 (EDT) > > [-- Attachment #1: Notification --] > [-- Type: text/plain, Encoding: 7bit, Size: 0.5K --] > > This is the Postfix program at host brevard.conman.org. > > I'm sorry to have to inform you that your message could not be delivered to > one or more recipients. It's attached below. > > For further assistance, please send mail to > > If you do so, please include this problem report. You can delete your own > text from the attached returned message. > > The Postfix program > > : host mx4.hotmail.com[65.54.244.104] said: 550 > Requested action not taken: mailbox unavailable (in reply to RCPT TO > command) > > [-- Attachment #2: Delivery report --] > [-- Type: message/delivery-status, Encoding: 7bit, Size: 0.4K --] > > Reporting-Mta: dns; brevard.conman.org > X-Postfix-Queue-Id: F272E170C522 > X-Postfix-Sender: rfc822; apache@brevard.conman.org > Arrival-Date: Tue, 8 May 2007 05:09:16 -0400 (EDT) > Final-Recipient: rfc822; porn_dvd_uk@hotmail.com > Action: failed > Status: 5.0.0 > Diagnostic-Code: X-Postfix; host mx4.hotmail.com[65.54.244.104] said: 550 Requested > action not taken: mailbox unavailable (in reply to RCPT TO command) > > [-- Attachment #3: Undelivered Message --] > [-- Type: message/rfc822, Encoding: 7bit, Size: 1.3K --] > > From: sean@conman.org > To: porn_dvd_uk@hotmail.com > Subject: The Boston Diaries Update Notification [1178615356-28614] > Date: Tue, 08 May 2007 05:09:16 EDT > > Thank you for your interest in The Boston Diaries. To start receiving email > notifications of new entries, you will need to reply to this email. You > don't need to do anything other than reply to this email. Once you do that, > you'll be entered into The Boston Diaries Update Database. > > If you have no idea what this email is in reference to, someone submitted > your email address for notification of new entries to my weblog/online > journal (at http://boston.conman.org). If you want to, you can still reply > and get notifications of new entries, but you can also ignore this and > there will be no futher emails from my server. That is, unless someone > submits your email address *again* without your knowledge. > > Sean Conner > Basically, some spammer is trying to spam people using my Obligatory Email Notification form [1], but the form is very basic—only one field is supported and the script generates a precanned email to send (shown above). That part is very basic and I don't see what there is to exploit. Then again, I wrote the code so I know how it works. The spammer (or spammers; it could be multiple people) may be trying to reverse engineer the script. Heck, if they're that curious, I'll send them the code. But to investigate this a bit further, I modified the code to record the request (where it came from, what the spammer is trying to send) so I can figure out what they're actually trying to accomplish. [1] https://boston.conman.org/ Email Sean Conner at sean@conman.org .