Mass mail sent by exploiting a vulnerability in form-mail CGIs


webmaster
2005/10/08, 05:43 AM
We have confirmed numerous cases of mass mail being sent by exploiting security holes and vulnerabilities in form-mail scripts that are distributed in some places. When such activity is confirmed, we will temporarily suspend the account.

Our investigation found that the cause lies in lax checking of the data submitted by the person making the inquiry.

・The newline code "\n" in the submitted data is passed to sendmail as-is, without being removed or escaped
・The length of the input strings is not checked
・The inquirer's e-mail address field is allowed to contain "," and an automatic reply is sent to it

These are the usual causes. Please be careful.

Part of the mail being sent is reproduced below. In the example below, because neither newlines nor string length are checked, the extra headers entered by a malicious party are passed straight to sendmail, with the result that mail is sent to the several hundred addresses specified in Bcc:. Changing only the e-mail address part, they access the CGI repeatedly and try to send on the order of tens of thousands to 200,000 messages in a short time.

webmaster
2005/10/08, 05:43 AM
Received: (qmail 20302 invoked by uid XXXXXX); 6 Oct 2005 20:15:03 +0900
To: (the address the form mail is delivered to)
From: (an arbitrary address)
Subject: A drastically undervalued stock, perfectly situated at the perfect time hsctsgea
Message-ID: <3A63.18377@(arbitrary domain)>
Date: Thu, 06-Oct-2005 11:15:05 GMT
User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=4QeH37BzZ

--4QeH37BzZ
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

=3CHTML=3E=3C=2FP=3E=3CP ALIGN=3DCENTER=3E=3CFONT SIZE=3D4 PTSIZE=3D12=
=3E=3CB=3EUniversal Property Development Subsidiary Reports Natural Gas=
Production Exceeds Projections =2D Revenue Expected to Be 100=25 Great=
er Than Forecast=3C=2FFONT=3E=3CFONT SIZE=3D3 PTSIZE=3D10=3E=3C=2FB=3E=
=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DCE=
NTER=3E=3A=3A=3A=3A=3AVERY HOT SECTOR TO INVEST IN=3A=3A=3A=3A=3A=3CBR=3E=
=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3ESYMBOL=3A UPDA=3CBR=3ECurrent =
price=3A =2E445=3CBR=3EProjected Short Term Growth=3A 1=2E00=2B=3CBR=
=3ERating=3A 10 out of 10=3CBR=3E=3CBR=3E=3CBR=3EHOUSTON=2C Oct=2E 4 =2F=
PRNewswire=2DFirstCall=2F =2D=2D Canyon Creek Oil =26 Gas Inc=2E =28A J=
oint Venture of Universal Property Development and Acquisition Corporat=
ion =28OTC Bulletin Board=3A UPDA=29 has expanded its well revitalizat=
ion program on a fast pace and will soon initiate oil and natural gas p=
roduction at its Palo Pinto County Regular Field consisting of 614 acre=
s with 28 wells completed in the Strawn formation in Northern Texas=2E=3C=
BR=3ECanyon Creek has scheduled a field meeting this week with the Rail=
road Commission of Texas to perform the required testing on four of its=
permitted injector wells=2E Canyon Creek will then implement water flo=
od procedures to recover a significant amount of oil remaining in place=
=2E Once the testing is completed=2C the Company can begin oil and natu=
ral gas production from the wells=2E =22Our plans include injecting abo=
ut a thousand barrels of water per day to maximize the effects of water=
flooding=22=2C says Canyon Creek President=2E =22We are excited about =
this field because of the number of producing wells and the relatively =
low lifting cost to produce the oil at 1=2C200 feet=2E Once the water f=
looding procedures take effect=2C we could exceed 1500 barrels of oil p=
er month and 3=2C000 mcfgpm of casinghead gas=2E=22=3CBR=3EOnce these w=
ells are brought on=2Dline=2C it is projected that Canyon Creek will be=
selling nearly 5000 mcf of natural gas per month from only half of its=
current portfolio=2C=22 added Chris McCauley=2C Universal Vice Preside=
nt=2E =22This is in addition to the oil that will be sold to Sunoco at =
a dollar over their posted price=2E This revitalization program is well=
ahead of schedule and producing revenues far exceeding our original es=
timates=2E=22=3CBR=3ECanyon Creek Oil =26 Gas Inc=2E was formed in July=
2005 as a joint venture corporation for the purpose of acquiring curre=
ntly producing oil and gas properties=2C low risk drilling prospects an=
d existing wells in need of state=2Dof=2Dthe=2Dart technology to improv=
e profitability=2E Canyon Creek has in excess of 60 wells located on ov=
er 2=2C000 acres in the Fort Worth basin in its expanding portfolio=2E =
The Company is also evaluating properties for Barnett Shale prospects=2E=
=3CBR=3E=3CBR=3ESYMBOL=3A UPDA=3CBR=3ECurrent price=3A =2E445=3CB=
R=3EProjected Short Term Growth=3A 1=2E00=2B=3CBR=3ERating=3A 10 out o=
f 10=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3C=2FFONT=3E=
=3CFONT SIZE=3D2 PTSIZE=3D8=3E=3CBR=3ECertain information contained in=
these materials is =22forward=2Dlooking=22 information=2C such as proj=
ections=2C estimates=2C pro formas=2C or statements of intentions=2C ex=
pectations or plans=2E All forward=2Dlooking information is subject to =
known and unknown risks and uncertainties=2C many of which are outside =
of the control of the company=2E Consequently=2C actual results may=2C =
and probably will=2C differ materially from the results contemplated in=
such forward=2Dlooking information=2E Eliptical Marketing Group=2C LLC=
was paid =245=2C000 for this advertisement=2E As with any company=2C n=
othing can ever be guaranteed=2C we simply give the facts and allow the=
investor to make a professional decision=2E =3CBR=3E=3C=2FHTML=3E
--4QeH37BzZ
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable

webmaster
2005/10/08, 05:44 AM
=3CHTML=3E=3C=2FP=3E=3CP ALIGN=3DCENTER=3E=3CFONT SIZE=3D4 PTSIZE=3D12=
=3E=3CB=3EUniversal Property Development Subsidiary Reports Natural Gas=
Production Exceeds Projections =2D Revenue Expected to Be 100=25 Great=
er Than Forecast=3C=2FFONT=3E=3CFONT SIZE=3D3 PTSIZE=3D10=3E=3C=2FB=3E=
=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DCE=
NTER=3E=3A=3A=3A=3A=3AVERY HOT SECTOR TO INVEST IN=3A=3A=3A=3A=3A=3CBR=3E=
=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3ESYMBOL=3A UPDA=3CBR=3ECurrent =
price=3A =2E445=3CBR=3EProjected Short Term Growth=3A 1=2E00=2B=3CBR=
=3ERating=3A 10 out of 10=3CBR=3E=3CBR=3E=3CBR=3EHOUSTON=2C Oct=2E 4 =2F=
PRNewswire=2DFirstCall=2F =2D=2D Canyon Creek Oil =26 Gas Inc=2E =28A J=
oint Venture of Universal Property Development and Acquisition Corporat=
ion =28OTC Bulletin Board=3A UPDA=29 has expanded its well revitalizat=
ion program on a fast pace and will soon initiate oil and natural gas p=
roduction at its Palo Pinto County Regular Field consisting of 614 acre=
s with 28 wells completed in the Strawn formation in Northern Texas=2E=3C=
BR=3ECanyon Creek has scheduled a field meeting this week with the Rail=
road Commission of Texas to perform the required testing on four of its=
permitted injector wells=2E Canyon Creek will then implement water flo=
od procedures to recover a significant amount of oil remaining in place=
=2E Once the testing is completed=2C the Company can begin oil and natu=
ral gas production from the wells=2E =22Our plans include injecting abo=
ut a thousand barrels of water per day to maximize the effects of water=
flooding=22=2C says Canyon Creek President=2E =22We are excited about =
this field because of the number of producing wells and the relatively =
low lifting cost to produce the oil at 1=2C200 feet=2E Once the water f=
looding procedures take effect=2C we could exceed 1500 barrels of oil p=
er month and 3=2C000 mcfgpm of casinghead gas=2E=22=3CBR=3EOnce these w=
ells are brought on=2Dline=2C it is projected that Canyon Creek will be=
selling nearly 5000 mcf of natural gas per month from only half of its=
current portfolio=2C=22 added Chris McCauley=2C Universal Vice Preside=
nt=2E =22This is in addition to the oil that will be sold to Sunoco at =
a dollar over their posted price=2E This revitalization program is well=
ahead of schedule and producing revenues far exceeding our original es=
timates=2E=22=3CBR=3ECanyon Creek Oil =26 Gas Inc=2E was formed in July=
2005 as a joint venture corporation for the purpose of acquiring curre=
ntly producing oil and gas properties=2C low risk drilling prospects an=
d existing wells in need of state=2Dof=2Dthe=2Dart technology to improv=
e profitability=2E Canyon Creek has in excess of 60 wells located on ov=
er 2=2C000 acres in the Fort Worth basin in its expanding portf
Subject: From the inquiry form

mail : TheIssueOfTheWeek792@powerlink.com
Subject: A drastically undervalued stock, perfectly situated at the perfect time hsctsgea
Message-ID: <3A63.18377@powerlink.com>
Date: Thu, 06-Oct-2005 11:15:05 GMT
User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=4QeH37BzZ
bcc: ~ several hundred spam-target e-mail addresses such as XXXXX@aol.com listed here ~

webmaster
2005/10/08, 05:44 AM
--4QeH37BzZ
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

=3CHTML=3E=3C=2FP=3E=3CP ALIGN=3DCENTER=3E=3CFONT SIZE=3D4 PTSIZE=3D12=
=3E=3CB=3EUniversal Property Development Subsidiary Reports Natural Gas=
Production Exceeds Projections =2D Revenue Expected to Be 100=25 Great=
er Than Forecast=3C=2FFONT=3E=3CFONT SIZE=3D3 PTSIZE=3D10=3E=3C=2FB=3E=
=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DCE=
NTER=3E=3A=3A=3A=3A=3AVERY HOT SECTOR TO INVEST IN=3A=3A=3A=3A=3A=3CBR=3E=
=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3ESYMBOL=3A UPDA=3CBR=3ECurrent =
price=3A =2E445=3CBR=3EProjected Short Term Growth=3A 1=2E00=2B=3CBR=
=3ERating=3A 10 out of 10=3CBR=3E=3CBR=3E=3CBR=3EHOUSTON=2C Oct=2E 4 =2F=
PRNewswire=2DFirstCall=2F =2D=2D Canyon Creek Oil =26 Gas Inc=2E =28A J=
oint Venture of Universal Property Development and Acquisition Corporat=
ion =28OTC Bulletin Board=3A UPDA=29 has expanded its well revitalizat=
ion program on a fast pace and will soon initiate oil and natural gas p=
roduction at its Palo Pinto County Regular Field consisting of 614 acre=
s with 28 wells completed in the Strawn formation in Northern Texas=2E=3C=
BR=3ECanyon Creek has scheduled a field meeting this week with the Rail=
road Commission of Texas to perform the required testing on four of its=
permitted injector wells=2E Canyon Creek will then implement water flo=
od procedures to recover a significant amount of oil remaining in place=
=2E Once the testing is completed=2C the Company can begin oil and natu=
ral gas production from the wells=2E =22Our plans include injecting abo=
ut a thousand barrels of water per day to maximize the effects of water=
flooding=22=2C says Canyon Creek President=2E =22We are excited about =
this field because of the number of producing wells and the relatively =
low lifting cost to produce the oil at 1=2C200 feet=2E Once the water f=
looding procedures take effect=2C we could exceed 1500 barrels of oil p=
er month and 3=2C000 mcfgpm of casinghead gas=2E=22=3CBR=3EOnce these w=
ells are brought on=2Dline=2C it is projected that Canyon Creek will be=
selling nearly 5000 mcf of natural gas per month from only half of its=
current portfolio=2C=22 added Chris McCauley=2C Universal Vice Preside=
nt=2E =22This is in addition to the oil that will be sold to Sunoco at =
a dollar over their posted price=2E This revitalization program is well=
ahead of schedule and producing revenues far exceeding our original es=
timates=2E=22=3CBR=3ECanyon Creek Oil =26 Gas Inc=2E was formed in July=
2005 as a joint venture corporation for the purpose of acquiring curre=
ntly producing oil and gas properties=2C low risk drilling prospects an=
d existing wells in need of state=2Dof=2Dthe=2Dart technology to improv=
e profitability=2E Canyon Creek has in excess of 60 wells located on ov=
er 2=2C000 acres in the Fort Worth basin in its expanding portfolio=2E =
The Company is also evaluating properties for Barnett Shale prospects=2E=
=3CBR=3E=3CBR=3ESYMBOL=3A UPDA=3CBR=3ECurrent price=3A =2E445=3CB=
R=3EProjected Short Term Growth=3A 1=2E00=2B=3CBR=3ERating=3A 10 out o=
f 10=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3CBR=3E=3C=2FFONT=3E=
=3CFONT SIZE=3D2 PTSIZE=3D8=3E=3CBR=3ECertain information contained in=
these materials is =22forward=2Dlooking=22 information=2C such as proj=
ections=2C estimates=2C pro formas=2C or statements of intentions=2C ex=
pectations or plans=2E All forward=2Dlooking information is subject to =
known and unknown risks and uncertainties=2C many of which are outside =
of the control of the company=2E Consequently=2C actual results may=2C =
and probably will=2C differ materially from the results contemplated in=
such forward=2Dlooking information=2E Eliptical Marketing Group=2C LLC=
was paid =245=2C000 for this advertisement=2E As with any company=2C n=
othing can ever be guaranteed=2C we simply give the facts and allow the=
investor to make a professional decision=2E =3CBR=3E=3C=2FHTML=3E
--4QeH37BzZ
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable

=3CHTML=3E=3C=2FP=3E=3CP ALIGN=3DCENTER=3E=3CFONT SIZE=3D4 PTSIZE=3D12=
=3E=3CB=3EUniversal Property Development Subsidiary Reports Natural Gas=
Production Exceeds Projections =2D Revenue Expected to Be 100=25 Great=
er Than Forecast=3C=2FFONT=3E=3CFONT SIZE=3D3 PTSIZE=3D10=3E=3C=2FB=3E=
=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3E=3C=2FP=3E=3CP ALIGN=3DCE=
NTER=3E=3A=3A=3A=3A=3AVERY HOT SECTOR TO INVEST IN=3A=3A=3A=3A=3A=3CBR=3E=
=3C=2FP=3E=3CP ALIGN=3DLEFT=3E=3CBR=3ESYMBOL=3A UPDA=3CBR=3ECurrent =
price=3A =2E445=3CBR=3EProjected Short Term Growth=3A 1=2E00=2B=3CBR=
=3ERating=3A 10 out of 10=3CBR=3E=3CBR=3E=3CBR=3EHOUSTON=2C Oct=2E 4 =2F=
PRNewswire=2DFirstCall=2F =2D=2D Canyon Creek Oil =26 Gas Inc=2E =28A J=
oint Venture of Universal Property Development and Acquisition Corporat=
ion =28OTC Bulletin Board=3A UPDA=29 has expanded its well revitalizat=
ion program on a fast pace and will soon initiate oil and natural gas p=
roduction at its Palo Pinto County Regular Field consisting of 614 acre=
s with 28 wells completed in the Strawn formation in Northern Texas=2E=3C=
BR=3ECanyon Creek has scheduled a field meeting this week with the Rail=
road Commission of Texas to perform the required testing on four of its=
permitted injector wells=2E Canyon Creek will then implement water flo=
od procedures to recover a significant amount of oil remaining in place=
=2E Once the testing is completed=2C the Company can begin oil and natu=
ral gas production from the wells=2E =22Our plans include injecting abo=
ut a thousand barrels of water per day to maximize the effects of water=
flooding=22=2C says Canyon Creek President=2E =22We are excited about =
this field because of the number of producing wells and the relatively =
low lifting cost to produce the oil at 1=2C200 feet=2E Once the water f=
looding procedures take effect=2C we could exceed 1500 barrels of oil p=
er month and 3=2C000 mcfgpm of casinghead gas=2E=22=3CBR=3EOnce these w=
ells are brought on=2Dline=2C it is projected that Canyon Creek will be=
selling nearly 5000 mcf of natural gas per month from only half of its=
current portfolio=2C=22 added Chris McCauley=2C Universal Vice Preside=
nt=2E =22This is in addition to the oil that will be sold to Sunoco at =
a dollar over their posted price=2E This revitalization program is well=
ahead of schedule and producing revenues far exceeding our original es=
timates=2E=22=3CBR=3ECanyon Creek Oil =26 Gas Inc=2E was formed in July=
2005 as a joint venture corporation for the purpose of acquiring curre=
ntly producing oil and gas properties=2C low risk drilling prospects an=
d existing wells in need of state=2Dof=2Dthe=2Dart technology to improv=
e profitability=2E Canyon Creek has in excess of 60 wells located on ov=
er 2=2C000 acres in the Fort Worth basin in its expanding portf

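The three causes listed in the first post, as an added example that is not code from this thread or from any particular form-mail script (the scripts in question were Perl CGIs; Python is used here so the example runs stand-alone): a naive builder that assembles the message for sendmail by string concatenation, a parse of its output showing what the MTA actually sees, and a hardened builder that rejects the same input. The field value, the addresses, the regular expression and the length limits are constructed placeholders.

```python
import re
from email import message_from_string
from email.message import EmailMessage

# Constructed attacker input for the form's "mail" field: one address followed by
# bare LF newlines that smuggle extra headers, a blank line and a body, the same
# shape as the injected data quoted above. All addresses are placeholders.
INJECTED_MAIL_FIELD = (
    "attacker@example.com\n"
    "Subject: A drastically undervalued stock\n"
    "MIME-Version: 1.0\n"
    "Content-Type: text/plain\n"
    "bcc: victim1@example.net, victim2@example.net\n"
    "\n"
    "spam body here\n"
)

FORM_ADDRESS = "form@example.org"  # assumed address the form mail is delivered to


def naive_form_mail(sender_field, body_fields):
    """Builds the message the way a naive form-mail CGI does: plain string
    concatenation, with the user-supplied address dropped straight into From:.
    The return value is what gets piped to 'sendmail -t', which takes its
    recipients from whatever To:, Cc: and Bcc: headers it finds in the message."""
    headers = (
        f"To: {FORM_ADDRESS}\n"
        f"From: {sender_field}\n"
        "Subject: From the inquiry form\n"
    )
    body = "".join(f"{name} : {value}\n" for name, value in body_fields.items())
    return headers + "\n" + body


def injected_bcc(raw_message):
    """Parses a generated message the way an MTA would and returns the Bcc:
    header value (the recipients an attacker smuggled in), or None."""
    return message_from_string(raw_message)["Bcc"]


MAX_ADDRESS_LEN = 254  # RFC 5321 path limit; anything longer is not a mailbox
MAX_TEXT_LEN = 4000    # assumed per-field cap for free-text fields
# Deliberately strict: exactly one mailbox, no display name, no address list.
MAILBOX_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


class InvalidInput(ValueError):
    """Raised when a submitted field cannot safely reach a mail header."""


def validate_address(value):
    """Accepts exactly one plain mailbox and rejects everything the post lists:
    CR/LF (header injection), ',' or ';' (extra auto-reply recipients) and
    over-long input. Returns the validated string unchanged."""
    if len(value) > MAX_ADDRESS_LEN:
        raise InvalidInput("address too long")
    if "\r" in value or "\n" in value:
        raise InvalidInput("newline in address")
    if "," in value or ";" in value:
        raise InvalidInput("more than one recipient")
    if not MAILBOX_RE.fullmatch(value):
        raise InvalidInput("not a single mailbox")
    return value


def address_is_acceptable(value):
    """Yes/no wrapper around validate_address."""
    try:
        validate_address(value)
    except InvalidInput:
        return False
    return True


def validate_text(value):
    """Free-text fields may contain line breaks because they only ever go into
    the body, but they are still capped in length and stripped of bare CR."""
    if len(value) > MAX_TEXT_LEN:
        raise InvalidInput("text field too long")
    return value.replace("\r", "")


def safe_form_mail(sender_field, body_fields):
    """Hardened counterpart of naive_form_mail: validates the address, builds the
    headers through the email library so no raw newline can open a new header,
    and puts every free-text field in the body only."""
    sender = validate_address(sender_field)
    msg = EmailMessage()
    msg["To"] = FORM_ADDRESS
    msg["From"] = sender
    msg["Subject"] = "From the inquiry form"
    msg.set_content(
        "".join(f"{name} : {validate_text(value)}\n" for name, value in body_fields.items())
    )
    return msg.as_string()


if __name__ == "__main__":
    raw = naive_form_mail(INJECTED_MAIL_FIELD, {"mail": INJECTED_MAIL_FIELD})
    print("naive CGI would Bcc:", injected_bcc(raw))
    print("hardened CGI accepts the same field:", address_is_acceptable(INJECTED_MAIL_FIELD))
    print(safe_form_mail("user@example.com", {"mail": "user@example.com", "message": "hello\nworld"}))
```

Running it shows the naive builder's output parsed back by the email library with the attacker's bcc: line now a real header that sendmail -t would honour, while validate_address refuses the same field value on the newline check alone. The auto-reply case in the third bullet is covered by the same function: if the "mail" field passes validate_address there is exactly one mailbox to reply to, so a comma-separated list can never turn the auto-reply into a relay.
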
webmaster
2006/12/20, 04:05 PM
Recently, spam sending that exploits security holes in mail forms has increased sharply. In particular, the auto-reply feature of mail forms appears to be the target of abuse.

When spam is being sent, there is a risk that the server itself will end up on blacklists, so even if the mail form is only one part of your content, we may have no choice but to freeze the account itself.

Please be aware of this.