Eskimo North


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

mailback.cgi




     Another thing to mention, the referrer logged in the full URL of the
domain that is being forged as the originator, ie, if it's socnw.org, the
referrer logged is www.socnw.org, no web page under that, and this is bogus
since the main index.html does not contain a post to mailback.cgi.

     I don't have any bright ideas for how to fix this yet, even if I knew
perl, which I don't.  I thought we could verify that the user is valid, but
this wouldn't work with virtual domains like socnw.org where ALL addresses are
valid; and at best it would just require the spammer pick a valid address to
forge.

     Checking the referrer for a full URL wouldn't work because it could be in
an index.html file.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
 Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
   Knowledgable human assistance, not telephone trees or script readers.
 See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.