This is a resend. It appears that the mailing list software on sourceforge filters out mail that contains the formmail.cgi signature and it dropped my message which contained a quote of some formmail.cgi output :-)
On Fri, 2002-03-29 at 11:05, dman wrote: > If the spammer can send me the spam, why can't I send > the listme request? Actually, now that I have taken another look at http://dsbl.org/faq-help.html I see that you can. I thought the "specially formatted" message had something in the headers. All it is really needs is the right thing in the message within the first 6 lines. The above link mentions formmail specifically, and as you see in the sample output below the message portion begins in line 5 with the prefix "message:", with the first line that you would have complete control over being line 6. So all you have to do is is follow the example and figure out how to encode newlines in the message in the URL to send a message that looks like the LISTME example at the above link. Notice, though that the example includes space for a cookie. So far I see no mention about how to become a "trusted" submitter and get your cookie. I also see no specific example of the format an "untrusted" submitter would use to submit a LISTME without a cookie. -- sidney The rest of this, beginning with the next non-blank line is what I got back from using the example in the BugTraq security alert, on this resend edited to not really look like it does so this message doesn't get blocked :-) Bxlxw ix txe rexuxt of yoxr feexbaxk foxm. It was subxitxed bx () on Friday, March 29, 2002 at 05:47:14 x-x-----x----x---x---x--x---x----x---x---x---x---------------------------x message: Proof that FormMail.pl can be used to send anonymous spam. x------x-----------------x---------------x-------------x-----------x------x _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
