Nasir wrote:
After this I added some other email addresses in my DB server but I
sent no email to them at all.This time all email addresses got those
*annoying* e-mails also.
So if I understood correctly, you think someone is reading the e-mail
addresses from your database?
There are many ways to do this:
- There is a virus that reads e-mail addresses from harddrive and sends
atleast itself to those addresses, perhaps same or similar virus could
send spam or other e-mail also. This propably affects you only if you
are a Windows user.
- Someone might have read access to your harddrive, and he/she could
read databasefiles without using the database itself.
- User that has access to database. Unless you are not the root user, it
could be the root user, or someone else that has similar privileges.
- Your database username and password could be too easy for someone to
guess.
- You have leaked the username and password of the database out. For
example password is written to some file which has been readable by
anyone. ( Common issue is that the password is in the php file, and
somewhere at that server someone is using for example php-includes that
take the includable file as a parameter, so that anyone can write the
file they want to include and see php source code and passwords. )
- You allow sql-injections. Which means that with some parameters, users
can commit their own sql queries to your database, for example to see
all e-mail addresses.
- You could have a list of all addresses listed in some page, without
you even knowing it. For example a test page or admin page that you have
forgotten that requires now authentication, or authentication is very poor.
- Something else that I don't know, or what I didn't remember.
So since we have no idea what could be the reason you have to start
eliminating threads. If you can log all queries and find the cause, that
would propably tell a lot. If it tells the username and query that was
committed, it would instantly eliminate a lot of threads. And we know
that someone did get the e-mail addresses fromt here, but there are no
queries to see, we know that someone is reading the database files
without using the database.
Another test (if possible) would be to shut down the http-server (if I
understood correctly and you are using such with your database) and then
try inserting new e-mails. That would perhaps also eliminate some threads.
Also to maximise security, you could encrypt your e-mail addresses when
writing then to database, and decrypt when you need one. Even some
simple algorithm would fool some automated programs like viruses or
search-bots, if they are behind this.