i have a feedback form in php on my site "thisismyindia.com" which send the forms detail to my mail box. every thing was working fine all of sudden i am getting some mail with bcc to "charleses3299@aol.com". This mail shows all my html code along with some data. I have searched this e-mail id on google and found 1000+ entries suffering the same. Is any one trying to.... or this is some thing else sample of mail ========================================= Dear sir/Madam, <BR><BR> We have received one Comment on 2006-02-08 at 09:58:14 from she9439@thisismyindia.com.<BR><b>Page</b><a href=http://www.thisismyindia.com/> http://www.thisismyindia.com/ </a><BR>All details are given below:<BR><BR> <tABLE ALIGN=CENTER CELLPADDING=2 CELLSPACING=2 WIDTH=100% style='{font-family:verdana; font-size:11px;}'> <TR><TD BGCOLOR='#F0ECD8' COLSPAN=2><B>DETAILS:</B></TD></TR> <TR><TD>Name:</TD><TD>she9439@thisismyindia.com</TD></TR> <TR><TD>Email address:</TD><TD>dishes Content-Type: text/plain; charset=\\"us-ascii\\" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: certain than bcc: c0a9baac987a29e32a6cddb6dd71f2df . </TD></TR> <TR><TD>query:</TD><TD>she9439@thisismyindia.com</TD></TR> =========================================
Could be another one of those email injection attempts? http://securephp.damonkohler.com/index.php/Email_Injection Google Email Injection for more info
That is what is sounds like - someone is using your contact form to send out spam. How do I stop spammers using header injection with my PHP Scripts? (Webmasters)