Folks,

PLEASE make sure you are not vulnerable to the mt-send-entry.cgi spam problem, especially if you are running a 2.x version of MT or earlier. I still get over 100 hits from as many IP addresses for that script every day even though I deleted it when the vulnerability was first identified.

Spammers wouldn't be pressing on it so hard if it wasn't paying off for them, so I suspect there are still many installments of MT out there happily sending spam mail out every day by the thousands.

Woody

i get spam in my article comment space. Is this what you mean?

No, I looked for my original posting on this subject last year, but the search feature was unable to find it.

This problem stems from a bug that allowed someone to inject spam email along with several hundred email addresses in to a form that called mt-send-entry. This allows your server to send out hundreds/thousands of spam emails without you knowing about it. The only way I caught it was that I run my own web/mail servers and the spam filters caught the outgoing mail before they were delivered.

The bug was fixed in (I think) version 2.666. Hopefully the bug does not exist in later versions (I deleted mt-send-entry.cgi since I do not use the feature).

Woody

i did have that happen to me but I thought it was a virus on the mail server. So, by this, someone could pose as you and send thousands of emails from your domain?? Bacause that might be my problem after all!

See Concerning Spam for a short discussion on send email abuse.