Sign in to follow this  
yanuart

[web] Virus hazard on your website

Recommended Posts

Having a website apparently has its own hazard, lately i've found my webmaster mailbox is full of mails which are also full of virus (trojan, etc). How do you guys protect yourself from this.. this.. i dunno what's the correct word to say it.. it's disaster at its own rate !!! Is it true that those mails won't be dangerous unless you open them ? I'm so worry because I don't know wether my hosting service had provided enough security/antivirus allready and I'm a bit paranoia since I once had a very very bad experience with deadly virus

Share this post


Link to post
Share on other sites
Yes, just delete them as they come in. I get several at my domain, containing all sorts of nasty stuff. I often just let it accumulate for a while and then delete it in one swoop. If you can, get a Virus scanner or Spam filter on your hosting plan which should hopefully take things out before they get to you. There will always be a few rogues through, just make sure you don't run any attachments and if possible, open them without viewing their images and crank up your security for that box (so any objects/scripts) won't be run.

Share this post


Link to post
Share on other sites
The Thunderbird mail client is quite safe regarding email and won't execute any attachments without you asking it to. Opening an email using that client won't damage your system even if it contains a virus. Generally this should be the case for any client but some people have had trouble with Outlook and Outlook Express in the past. If you do need to stick with an MS email client then see if you can increase the security zone of the email to prevent it from using ActiveX components and the like.

You might want to try 'mangling' your email address too, by using javascript or XHTML entities to make it harder to read from the page source, meaning you get less automated spam but humans can still easily contact you.

Share this post


Link to post
Share on other sites
Agreed, if you do put your email address on your site, mangling it is a good practice. It's also a good idea to keep your personal and published addresses separate so you're not being spammed to your personal account.

A quick mangling is done via this script, essentially you're splitting up your email address into stupid chunks which are then reassembled at view time. There's many ways of doing it, but this is a simple one, it encodes the address your_name@yourhost.com


<script language=javascript>
name="com";
name="st."+name;
name="urho"+name;
name="@yo"+name;
name="_name"+name;
name="your"+name;
document.write("<a href=ma"+"il"+"to:"+name+">"+name+"</a>");
</script>


Share this post


Link to post
Share on other sites
I get a ton of spam on my default (domain) e-mail account, and I haven't even used it yet! It's not linked on any of my pages.. I wonder how they got a hold of it. At any rate I hope other accounts I create don't get instantly spammed with e-mail :P

Share this post


Link to post
Share on other sites
I think a lot of spammer use WHOIS searches or lists of registered domains to spam. Chances are that most domain mail will go somewhere, so it makes sense to add a common mail address such as webmaster@yourhost.com to their lists. It's VERY annoying and server-side spam filters are one of the ways you can reduce it.

Share this post


Link to post
Share on other sites
i personally use this as my script


<script language="vbscript" src="Email.vbs />


and in Email.vbs i have

at = "@"
domain = "Hotmail.com"
adress = "Nosuchadress"
pfix = "11"
m = "Mail"
t = "To"
mto = m & t & ":"
eadd = mto & adress & pfix
document.print "<a href=" &eadd & ">Email me here</a>"



And because i just get a new postfix (the 11 in my email adress) whenever i get spam... (which manages to get through the filter [lol])

Needless to say i do not get that much spam... (i started at nosuchadress10 years ago).

From,
Nice coder

Share this post


Link to post
Share on other sites
something just happened.. apparently my email add is sending lots of mail with attachment in it(I can see from the bounce mail that i get). Does this mean that my mail is damaged with virus ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this