From: Brian Durham <bdurham@swbell.net>
To: Thomas Porter <txporter@mindspring.com>
Message Hash: f75ccb9631d9599fcc6e3574120c911b310c5152c01490d6837e8d2a5be0fc70
Message ID: <335BF6D3.25FE@swbell.net>
Reply To: <3.0.1.16.19970421165922.43e76ca4@pop.mindspring.com>
UTC Datetime: 1997-04-21 23:23:18 UTC
Raw Date: Mon, 21 Apr 1997 16:23:18 -0700 (PDT)
From: Brian Durham <bdurham@swbell.net>
Date: Mon, 21 Apr 1997 16:23:18 -0700 (PDT)
To: Thomas Porter <txporter@mindspring.com>
Subject: Re: How to pick up email addresses from a feedback form??
In-Reply-To: <3.0.1.16.19970421165922.43e76ca4@pop.mindspring.com>
Message-ID: <335BF6D3.25FE@swbell.net>
MIME-Version: 1.0
Content-Type: text/plain
Thomas Porter wrote:
> I have a technical question:
> Is there another way to do this? Could a third-party spammer, for example,
> capture email addresses posted to such a form?
Having written a few thousand lines of CGI source, I can see a couple of
possible of things happening. First, it could be as innocent as the CGI
program
(the program that acts on the form's data) is hosted at the bbb.com
site.
The person at aaa.com may not have permissions to execute cgi-bin
programs
(or not know how to set them up). I see this as most likely.
Unfortunately, the ultimate answer is in the CGI program at bbb.com ...
it would be nice to see its source to see if it was [horror!] hacked to
e-mail the contents of the form to aaa.com and bbb.com.
Packet-sniffing is always possible [not my area of expertise], but who
would go
to all that trouble just to get e-mail addresses to add to their SPAM
list?
Our hacker friends can probably shed some more light on this also.
Brian
Return to April 1997
Return to “Thomas Porter <txporter@mindspring.com>”