Comments on: Contact Form and Plugin Form Spam Exploits http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/ Bringing the personality back to web design Sat, 12 Jun 2010 12:30:59 +0000 hourly 1 http://wordpress.org/?v=3.0 By: Lorrin Nelson http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-10469 Lorrin Nelson Sun, 14 Jan 2007 18:55:25 +0000 http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-10469 This exploit still exists today in the WordPress email notification plug-in (which hasn't been updated since 2005). I sent a message to Brian Groce alerting him to the issue. I also posted a patch at http://www.nerdylorrin.net/wiki/Wiki.jsp?page=WordPress using an email address validation function from Dave Child (ilovejackdaniels.com). This exploit still exists today in the WordPress email notification plug-in (which hasn’t been updated since 2005). I sent a message to Brian Groce alerting him to the issue.

I also posted a patch at http://www.nerdylorrin.net/wiki/Wiki.jsp?page=WordPress using an email address validation function from Dave Child (ilovejackdaniels.com).

]]> By: Teli http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-246 Teli Wed, 15 Mar 2006 23:14:10 +0000 http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-246 Oh gosh Robert, Just finished reading Scott's post and that is insane...can't believe what some people will stoop to. I hope he can get it straightened out quickly enough. Oh gosh Robert,
Just finished reading Scott’s post and that is insane…can’t believe what some people will stoop to.

I hope he can get it straightened out quickly enough.

]]> By: Robert http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-245 Robert Wed, 15 Mar 2006 22:29:36 +0000 http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-245 There is also the joe job form of comment spam. Though around since "96 it isn't used much since there isn't any economic advantage to the spammer. Usually used as revenge by a comment spammer with too much time on their hands. Basically one comments in someone else's name in a way that doesn't set off spam triggers but links back to the person your trying to get revenge on. See <a href="http://www.thevirtualhandshake.com/blog/2006/03/10/ive-been-joe-jobbed-need-your-help">Virtual Handshake</a> for an example involving Scott Allen. There is also the joe job form of comment spam. Though around since “96 it isn’t used much since there isn’t any economic advantage to the spammer. Usually used as revenge by a comment spammer with too much time on their hands.

Basically one comments in someone else’s name in a way that doesn’t set off spam triggers but links back to the person your trying to get revenge on. See Virtual Handshake for an example involving Scott Allen.

]]> By: A New Kind of Spam Exploit Using Web Forms - OptiNiche: WordPress Optimization Blog http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-23 A New Kind of Spam Exploit Using Web Forms - OptiNiche: WordPress Optimization Blog Thu, 15 Sep 2005 17:16:40 +0000 http://www.telidesign.com/79/contact-form-and-plugin-form-spam-exploits/#comment-23 [...] [ It seems Dreamhost didn't like the code in the example, if you want to see an example of the email message as it was delivered to me or wish to see the update, please see this blog entry ] [...] [...] [ It seems Dreamhost didn't like the code in the example, if you want to see an example of the email message as it was delivered to me or wish to see the update, please see this blog entry ] [...]

]]>