I have a client that has been receiving garbled feedback
from a FP form on their site. It seems to be a constant
only with AOL browser users. An example of the feedback
is below.

Anyone else having issues with this? And if so, did you
find a solution?

Many thanks!

Sample:

Name: (E-Mail Removed)

To: (E-Mail Removed)

From: (E-Mail Removed)

Subject: 62W8hpe(04ECCD8B,Name)X



Xt3NxkZddJrM



..

Is there a URL to the site where we can see this?

--
David Berry - MCP
Microsoft MVP - FrontPage
FrontPage Support: http://www.net-sites.com/sitebuilder/
-----------------------------------
To assist you in getting the best answers for FrontPage support see:
http://www.net-sites.com/sitebuilder/newsgroups.asp
-----------------------------------

"Jackie" <(E-Mail Removed)> wrote in message
news:0a1501c3d46c$4c2c3d30$(E-Mail Removed)...
> I have a client that has been receiving garbled feedback
> from a FP form on their site. It seems to be a constant
> only with AOL browser users. An example of the feedback
> is below.
>
> Anyone else having issues with this? And if so, did you
> find a solution?
>
> Many thanks!
>
> Sample:
>
> Name: (E-Mail Removed)
>
> To: (E-Mail Removed)
>
> From: (E-Mail Removed)
>
> Subject: 62W8hpe(04ECCD8B,Name)X
>
>
>
> Xt3NxkZddJrM
>
>
>
> .
>
>

Sorry about that...

http://www.teletee.com >Contact Us

Thanks.


>-----Original Message-----
>Is there a URL to the site where we can see this?
>
>--
>David Berry - MCP
>Microsoft MVP - FrontPage
>FrontPage Support: http://www.net-sites.com/sitebuilder/
>-----------------------------------
>To assist you in getting the best answers for FrontPage
support see:
> http://www.net-sites.com/sitebuilder/newsgroups.asp
>-----------------------------------
>
>"Jackie" <(E-Mail Removed)> wrote in
message
>news:0a1501c3d46c$4c2c3d30$(E-Mail Removed)...
>> I have a client that has been receiving garbled
feedback
>> from a FP form on their site. It seems to be a constant
>> only with AOL browser users. An example of the feedback
>> is below.
>>
>> Anyone else having issues with this? And if so, did you
>> find a solution?
>>
>> Many thanks!
>>
>> Sample:
>>
>> Name: (E-Mail Removed)
>>
>> To: (E-Mail Removed)
>>
>> From: (E-Mail Removed)
>>
>> Subject: 62W8hpe(04ECCD8B,Name)X
>>
>>
>>
>> Xt3NxkZddJrM
>>
>>
>>
>> .
>>
>>
>
>
>.
>

Sorry Jackie, I don't see anything obviously wrong with the form or
confirmation page. The only issue might be that you're using in-line styles
that may not be supported in AOL. I would suggest creating a blank new page
with just a form on it (no navigation, no styles etc) and seeing if the AOL
users have a problem with that.

--
David Berry - MCP
Microsoft MVP - FrontPage
FrontPage Support: http://www.net-sites.com/sitebuilder/
-----------------------------------
To assist you in getting the best answers for FrontPage support see:
http://www.net-sites.com/sitebuilder/newsgroups.asp
-----------------------------------

"Jackie" <(E-Mail Removed)> wrote in message
news:0b9301c3d471$29ad92e0$(E-Mail Removed)...
> Sorry about that...
>
> http://www.teletee.com >Contact Us
>
> Thanks.
>
>
> >-----Original Message-----
> >Is there a URL to the site where we can see this?
> >
> >--
> >David Berry - MCP
> >Microsoft MVP - FrontPage
> >FrontPage Support: http://www.net-sites.com/sitebuilder/
> >-----------------------------------
> >To assist you in getting the best answers for FrontPage
> support see:
> > http://www.net-sites.com/sitebuilder/newsgroups.asp
> >-----------------------------------
> >
> >"Jackie" <(E-Mail Removed)> wrote in
> message
> >news:0a1501c3d46c$4c2c3d30$(E-Mail Removed)...
> >> I have a client that has been receiving garbled
> feedback
> >> from a FP form on their site. It seems to be a constant
> >> only with AOL browser users. An example of the feedback
> >> is below.
> >>
> >> Anyone else having issues with this? And if so, did you
> >> find a solution?
> >>
> >> Many thanks!
> >>
> >> Sample:
> >>
> >> Name: (E-Mail Removed)
> >>
> >> To: (E-Mail Removed)
> >>
> >> From: (E-Mail Removed)
> >>
> >> Subject: 62W8hpe(04ECCD8B,Name)X
> >>
> >>
> >>
> >> Xt3NxkZddJrM
> >>
> >>
> >>
> >> .
> >>
> >>
> >
> >
> >.
> >

Thanks David. We'll give that a try.

Jackie


>-----Original Message-----
>Sorry Jackie, I don't see anything obviously wrong with
the form or
>confirmation page. The only issue might be that you're
using in-line styles
>that may not be supported in AOL. I would suggest
creating a blank new page
>with just a form on it (no navigation, no styles etc)
and seeing if the AOL
>users have a problem with that.
>
>--
>David Berry - MCP
>Microsoft MVP - FrontPage
>FrontPage Support: http://www.net-sites.com/sitebuilder/
>-----------------------------------
>To assist you in getting the best answers for FrontPage
support see:
> http://www.net-sites.com/sitebuilder/newsgroups.asp
>-----------------------------------
>
>"Jackie" <(E-Mail Removed)> wrote in
message
>news:0b9301c3d471$29ad92e0$(E-Mail Removed)...
>> Sorry about that...
>>
>> http://www.teletee.com >Contact Us
>>
>> Thanks.
>>
>>
>> >-----Original Message-----
>> >Is there a URL to the site where we can see this?
>> >
>> >--
>> >David Berry - MCP
>> >Microsoft MVP - FrontPage
>> >FrontPage Support: http://www.net-
sites.com/sitebuilder/
>> >-----------------------------------
>> >To assist you in getting the best answers for
FrontPage
>> support see:
>> > http://www.net-sites.com/sitebuilder/newsgroups.asp
>> >-----------------------------------
>> >
>> >"Jackie" <(E-Mail Removed)> wrote in
>> message
>> >news:0a1501c3d46c$4c2c3d30$(E-Mail Removed)...
>> >> I have a client that has been receiving garbled
>> feedback
>> >> from a FP form on their site. It seems to be a
constant
>> >> only with AOL browser users. An example of the
feedback
>> >> is below.
>> >>
>> >> Anyone else having issues with this? And if so, did
you
>> >> find a solution?
>> >>
>> >> Many thanks!
>> >>
>> >> Sample:
>> >>
>> >> Name: (E-Mail Removed)
>> >>
>> >> To: (E-Mail Removed)
>> >>
>> >> From: (E-Mail Removed)
>> >>
>> >> Subject: 62W8hpe(04ECCD8B,Name)X
>> >>
>> >>
>> >>
>> >> Xt3NxkZddJrM
>> >>
>> >>
>> >>
>> >> .
>> >>
>> >>
>> >
>> >
>> >.
>> >
>
>
>.
>

I maintain a website with a page that requires a password. I've had to ask
people who use AOL to view that page in IE instead of AOL's built-in
browser. This group has given me suggestions on how to correct this but to
be very honest with you, it's MUCH easier to instruct AOL users to use IE.
Perhaps you need to do the same.

"Jackie" <(E-Mail Removed)> wrote in message
news:0a1501c3d46c$4c2c3d30$(E-Mail Removed)...
> I have a client that has been receiving garbled feedback
> from a FP form on their site. It seems to be a constant
> only with AOL browser users. An example of the feedback
> is below.
>
> Anyone else having issues with this? And if so, did you
> find a solution?
>
> Many thanks!
>
> Sample:
>
> Name: (E-Mail Removed)
>
> To: (E-Mail Removed)
>
> From: (E-Mail Removed)
>
> Subject: 62W8hpe(04ECCD8B,Name)X
>
>
>
> Xt3NxkZddJrM
>
>
>
> .
>
>

"Jackie" <(E-Mail Removed)> wrote ...
> I have a client that has been receiving garbled feedback
> from a FP form on their site. It seems to be a constant
> only with AOL browser users. An example of the feedback
> is below.
>
> Anyone else having issues with this? And if so, did you
> find a solution?
>
> Many thanks!
>
> Sample:
>
> Name: (E-Mail Removed)
>
> To: (E-Mail Removed)
>
> From: (E-Mail Removed)
>
> Subject: 62W8hpe(04ECCD8B,Name)X
>
>
>
> Xt3NxkZddJrM
>
>
>
> .

This is a malicious probe of a contact form. The perpetrator is a
spamer who is trying to determine whether or not the CGI script
can be used to relay spam email.

The address (E-Mail Removed) is a dropbox and the subject line is a
code which identifies the URL which is being tested.

The probe will succeed if the CGI script unwisely trusts the input
data supplied by the user, specifically the string which purports to
be the user's email address, and uses that string verbatim as part
of the headers of an email.

The "email address" string contains several lines, separated by
URL-encoded newline characters, which are valid email header lines.

Thus if the script writes "From: " followed by the string, the email
headers will actually include the lines

From: (E-Mail Removed)
To: (E-Mail Removed)
From: (E-Mail Removed)
Subject: 62W8hpe(04ECCD8B,Name)X

Note the "To:" line, which will deliver the message to the perpetrator's
dropbox in addition to any legitimate addresses specified elsewhere in the
CGI script.

This type of probe is targetted mainly at formmail-like CGI scripts on
Unix systems. I speak from personal experience, having seen this kind
of attack on my own web site. Indeed, (E-Mail Removed) probed my web
site only hours ago.

If your client is using the form as the front end to a feedback
script which sends emails, you should review the security of the script
immediately.

David Harper
Cambridge, England