Is this junk input, from a bot filling up a form o

2019-08-25 12:22发布

问题:

So I use PHP and have a contact form on my website. Once users fill up the form and submit, it will shoot an email to me. I have been receiving junk input from bot, I assume, like below. This is the result of print_r($_REQUEST). I removed some parameter for simplicity.

Array
(
   [name] => rycpufrwq
   [email] => raaszg@fqhzdm.com
   [company] => naCuklaLMab
   [website] => http://ujpbfhazkpzv.com/
   [message] => cBimwx  <a href=\"http://pxlahgqmdrhs.com/\">pxlahgqmdrhs</a>, [url=http://sjmbrhkycvbz.com/]sjmbrhkycvbz[/url], [link=http://rddqwgzwvrhv.com/]rddqwgzwvrhv[/link], http://csohvhsvdisc.com/
)

On such request, I don't write to db or anything. I only send an email by calling mail(). Specifically, mail($to,$subject,$body,$headers) where $headers is:

$headers="From:$email_from\r\nBcc:$email_bcc\r\nReply-To:$name<$email>\r\n";

$name is $_REQUEST['name'] and $email is $_REQUEST['email'], but I strip out all "\r" and "\n" if any because they can put "\r\nCc:<a list of emails>" and they would be able to send spam emails using my domain.

However, for an input I mentioned above, I don't see 'newline' under 'email' field. Hence, I assume it is a different kind of attack. Is there something I should be aware of?

回答1:

Hence, I assume it is a different kind of attack.

I doubt it. This doesn't look like an E-Mail injection attack, but a simple run-off-the-mill bot trying to get its content linked in as many places (e.g. comment threads) as possible. That's why the [link] notation is there, to cause the URL to be linked in BBCode.

Except from that it's trash, I can see nothing malicious in the message.

To stop this, as others say, captcha solutions are the most popular way; there are others. See the related questions on SO, e.g. Blocking comment spam without using captcha