fine whine

It would seem that I have joined some sort of elite cadre of website operators, those attacked by a certain blasterattacko@aol.com (I'll call him/her/it/them BA henceforth just because it's a silly name). This BA is very prolific, defiling forums, guestbooks and formmail contact pages all over the web, presumably searching for open mail relays that can be exploited for spamming. The fact that BA shows up on so many guestbooks and bulletin boards would seem to imply that the attacks are in fact automated, probably with some sort of malicious robot searching for common form elements.

Within two days of adding my own contact form I too was hit, but I am not a victim. I'm not using the normal, insecure and easily exploited version of the formmail script but instead a better version from the nms people, primarily because it enabled me to use a hash key for a recipient instead of my email address.

Call me paranoid, but I don't like having my email address in plaintext splashed all over the web, not in this day and age of email harvesting and five dollar CDs of addresses available on eBay. No, I've been there and done that (had my address harvested, not vice versa) and I'm not going to make the same mistake again. I had stupid virus messages (you know, the one with a password-protected zipfile) show up in several boxes, but not all of them, and I'd like to think that means I'm doing something right.

So anyway, go ahead and contact me, but don't expect to do anything else with that page. That means you, BA.