Just a warning that there are lot's of spammers (?) out there at the moment looking for:

yourdomain.com/cgi-bin/formmail.cgi
or
yourdomain.com/cgi-bin/formmail.pl

And, presumably, if they find it, use it to send out spam.

It started about 8 or 9 days ago, useragents being
either 'Microsoft URL control' (confirmation email going
back to aol.com)

and useragent "Gozilla/4.0"

I'm already banning all MS URL controls from all sites I look after,
I'll add 'Gozilla' as well, unless anyone can give me a reason not
to ban it.

For thos of you who have formmail in cgi-bin, make sure you
only allow local access.

My two cents worth

Cheers, Claude.
http://calmer.com

Also Reference:
http://www.aota.net/forums/showthread.php?s=&threadid=9005

Deb
- Yeppers, it's a problem alright

Thanks Deb,

how I WISH I had time to read all the forums. I just pop up in here every now and then when I think I've got something important for our fellow-sufferers.

BTW, I've emailed one aol user after doing a reverse DNS lookup and told him/her that unless his constant attempts stopped I would have the authorities in whereever it was, (think it was something like Lafayette, I'm an Australian and don't know all your towns [sad] ) and the attempts
stopped within 10 minutes.

He/she hit about 30 sites I look after every 20 minutes or so via MS URL control, hence my reason for banning those useragents.

Cheers, Claude.

Not that I use formmail, but I got two attempts in my logs:
195.223.69.196 - - [20/Aug/2001:02:06:53 -0400] "GET /cgi-bin/formmail.pl?email=digitaldutch@digitaldutch.com&recipient=extractorguy@aol.com&subject=www.digitaldutch.com/cgi-bin/formmail.pl&=www.digitaldutch.com HTTP/1.0" 404 6853 "-" "SSM Agent 1.0"Pretty serious :(

JD