UtterlyBoring.com: MT Comment Forms Used for Spam?

site links

:: home
:: mobile
:: rss feed
:: twitter
:: archive
:: donate
:: about
:: bend blogs
:: welcome to bend

advertisements

about

UtterlyBoring.com is produced by Jake Ortman (e-mail, resume), a 31-year-old dad, percussionist, freelance Web designer, IT consultant and jack-of-all-trades computer geek, living in Bend, Oregon. He created this so that his expensive journalism and technology degree isn't getting totally wasted. In addition to editing this site in his free time, he is the IT Director and Ad Designer at both Sunray and Discover Sunriver. He has LinkedIn and Facebook profiles if you're trying to stalk him. He will not be posting on Twitter.

Opinions and comments on this site are the opinions of the author, not the author's employer, family, friends or pets.

This site is powered by Movable Type and is hosted by orty.com. Since December 1st, 2002, there have been 5828 entries. Visitors to this blog have posted 19390 comments.

If you're reading this, you have too much time on your hands.

support us

Looking for the NCAA Pick 'em? Head to utterlyboring.com/pickem

« Talk about slow service | Home | Why I love the FOIA »

MT Comment Forms Used for Spam?

I glanced through the MT Support Forums and didn't see anything in regards to this, but I didn't have a whole lot of time to look.

Here's what's happening: Every couple weeks, I'll get a few comments that do this type of thing:

In the author field: "angelrrsmr@aol.comTo: angelrrsmr@aol.comFrom: angelrrsmr@aol.comSubject: kvlP(C87BA01E,author)ZOl"
In the e-mail address field: "angelrrsmr@aol.comTo: angelrrsmr@aol.comFrom: angelrrsmr@aol.comSubject:"
In the URL Field: "http:// angelrrsmr@aol.comFrom: angelrrsmr@aol.comSubject: aw(C87BA01E,url)OY4QK1FA2lmq5DIVMRq28RS0KB Ed WPJEfnH3l7M06xz9."
In the comment field: "body"

Herein lies the problem: When I get my e-mail notification for comments, I notice that the "To:" field not only has my e-mail address, but "angelrrsmr@aol.com". They come out looking like this:

A new comment has been posted on your blog UtterlyBoring.com, on entry
#1602 (Want a really long e-mail address?).
http://utterlyboring.com/[snip]#2531

IP Address: 137.164.143.111
Name: angelrrsmr@aol.com
To: angelrrsmr@aol.com
From: angelrrsmr@aol.com
Subject: kvlP(C87BA01E,author)ZOlL2KUa

bebrrG5sr6xaIp3ejB Ik

So I don't know what else they could be using this for, but I could see this getting exploited.

Anybody else run into this? I've posted this on the MT forums, but feel free to comment here as well.

Posted by Jake on 04/12/04 @ 10:03 AM
Posted in Geekdom | Permalink
Send to digg, facebook, twitter or reddit

What are you doing down here? Don't you have something better to do? Like Go Back To The Top of the page, or even see who created this site? This site is © 2001 - 2010 by the Utterly Boring folks at UtterlyBoring.com. Steal my content, as I probably did, too, just link to my site or the original site. Batteries not included. One size fits all. Not for off-road use. Not for internal use. Do not taunt Happy Fun Ball.

sponsors