I am a spammer

January 22nd, 2004 § 1 comment

From the series “Things that only your hosting provider can do for you.”

A few weeks ago, some strange e-mails reporting delivery errors started arriving in my inbox. At first, I thought they were a resurgence of an old spam technique of forging mail delivery errors to distribute spam and/or viruses. However, those e-mails didn’t contain any spam message or payload whatsoever. Since they didn’t look like the usual error messages my mail server provides, I didn’t bother with them, thinking they were just the result of a crazy spamming surge meant to fool filters. Of course, I was mistaken in presuming so.

The problem started to become clear when some of the e-mails I sent in the next days returned undelivered and flagged as spam. As I never engaged in such activity, I couldn’t understand how that had happened. But as I share an IP address with other sites, I presumed that one of them had done something that had been considered spam by some blacklist. Anyway, I decided to investigate the issue and soon found the cause of the problem.

As it turned out, the hosting provider I’m using today maps a special CGI path in all sites it hosts, apart from the usual cgi-bin path, which contains a bunch of scripts that can be used by any site to implement some simple functions like contact forms, hit counters, and similar things. But — that’s where the trouble beings — none of those scripts is protected. All of them can be used by anyone, whether they are customers of my hosting provider or not.

From the logs, I found that one of the scripts, a formmail clone, is being constantly used to send small amounts of spam, which resulted in my site being included in some spam blacklists. Also, I also found that some networks have completely blocked access to my IP address — permanently in some cases. To make things worse, I host eleven other domains that are probably marked as spam senders as well.

Needless to say, I’m looking for a new hosting provider — for the fourth time since I started this blog. I’m also considering a change in my primary domain name to avoid future problems, which will be a huge inconvenience.

I guess that will teach me to choose my hosting providers more carefully — and to be willing to pay more for better service.

§ One Response to I am a spammer

  • Mean Dean says:

    yeah, the old /cgi-sbin/formmail trick …

    … I’ve yelled at my own host provider regarding that one.

    Friend of mine just got a dedicated server. Know any linux/apache admin? If so, have I got a deal for you.

What's this?

You are currently reading I am a spammer at Reflective Surface.

meta