[IMC-Tech] Dadaimc sites being exploited
John Milton
john at johnmilton.ca
Thu Nov 23 06:16:58 PST 2006
Hi folks:
This may be a well understood issue here, but just in case it's not...
The Indy CMS "DadaIMC" has a feature which allows users to email copies
of stories to other readers.
Spammers have produced a "bot" which exploits this feature to use the
site as a spam distribution service by adding spam content to the text
block of the email that is sent.
If I had not installed countermeasures the server I run, Illich, which
hosts 7 Dada sites would have been responsible for the distribution of
over 100,000 spam emails during the last 36 hours.
I can't find a switch in the user interface to switch this feature off,
nor am I aware of a patch to insure that the email to be sent is not
spam, so the only thing I was able to come up with was to disable the
code as follows:
In the current version of Dada, 99.3X, the email function is done by a
file called "emailto.php" which will be found in the document root
directory of the site. Replacing that file with something like this
(with same name and permissions) will disable the feature without
breaking the software or flooding the error log file:
----------File follows-----------
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
Due to abuse by spammers this feature is not available at this time.
</body>
</html>
-----------------------------------
I'd really be interested in any better solution to this issue...
--
Peace: John Milton
email: john at johnmilton.ca
Skype name (VoIP): john.e.milton
mobile phone (Canada): 905-537-8472
web: johnmilton.ca
Encrypted email welcome. PGP key on my website
Fingerprint: 40D8 5835 7230 8EE1 E968 1E7A 5CF1 68A6 C0E2 F9DC
More information about the imc-tech
mailing list