There is a bottom feeding spammer out there who uses web contact (email)
http forms to send out pump and dump scams. He/she/it is quite
consistent and the amount of reported stock spam from this source is
tremendous. The mailers servicing these forms are seldom if ever on
blocklists, so his delivery rate is near 100%.

The spammer inserts control characters into the "To" field and then puts
a large list of spam victims behind a "BCC:" statement.

Let's force the scammer to use other filterable spam channels: zombies,
Chinese mail systems, etc. by doing the following:

1. Make sure that your web contact email form traps or blocks control
characters (like 'return').

AND / OR :

2. Make sure the mail handler servicing you contact form doesn't
respond to BCC commands. This means sendmail is NOT a good choice here.


Please help get the message out to anyone who deploys web contact forms
and may not be aware of this issue.

Writing in news:alt.www.webmaster,alt.apache.configuration,php.general
From the safety of the Stock Touts Are Merely Scams cafeteria
I Hate Stock Spams <xxx [at] yyy.zzz> said:

> ...
> The spammer inserts control characters into the "To" field and then puts
> a large list of spam victims behind a "BCC:" statement.
>
> Let's force the scammer to use other filterable spam channels: ...

Some of us already have, [s]he seems to have alighted elsewhere. oops.

--
William Tasso

Save the drama
for your Mama.