Protecting email with PHP

cfoley1970 wrote:

I have an online directory of alumni from a high school that runs PHP
with a MySql backend containing contact info, email addresses, etc.
Some of the alumni have begun to complain about receiving spam to their
accounts, some of the spam saying that they "know" them from this site.
I've also had alumni that have created email accounts to specifically
use just for this site, and they've started getting spam as well.
I "thought" I thought of everything, and after reviewing some of the
messages on this forum, my "email abstraction" seems fairly solid:

1. The MySQL database has a lengthy username and password, and will
only accept connections from this web server.
2. The site requires signup, and only alumni from the school may sign
up (list provided by school).
3. The user has to click an activation email to be able to login for
the first time.
3a. No two user's can have the same email address (enforced by PHP and
MySQL).
4. No user can view another user's email address, they can only view
their own.
5. I have a web based email client that only pulls the email address
(based on the sendee's memberid) right before hitting the mail()
function.
6. Users cannot type an email address into the web client, they click a
'send me an email' link on the sendee's profile page to open the
client, and the name of the sendee is in a non-editable field.
7. I do have an admin email function for sending mass mailing to
members. All email addresses are bcc'd (of course) and none of the
offending emails have originated from the site.

So...I've been harvested. Any suggestions / research sites where I can
figure out where I went wrong, and how my database was potentially
cracked.

Any help would be appreciated.

Hi,

Just a guess, because it is very hard to be sure what went wrong.
Maybe they could GUESS the emailadresses based on a OPEN STUDENTLIST.
Suppose you domain is greatschool.com
And on the website there is a list of studentnames.

Adrian Anderson
John Anderson
Willy Berter
etc.

You could try: A.********@grea tschools.com
and
J.********@grea tschool.com
W.******@greats chool.com
etc.

and a few other variants.

Is this a possible scenario?

Regards,
Erwin Moller

Hey Erwin, thanks for the reply....

To answer your question, the alumni emails on file are their personal
emails. Anything from jsmith...@hotma il to w.ber...@somedo main.net,
etc. The site is sort of a poor man's classmates..com thing
specifically for the school.

After thinking about it, the one way to get the email address from
members is to have a member send you an email....I do include their
reply address in the email. Seems that this would still be a hard way
to compile a list of members tho.

"cfoley1970 " <fo***@feelthef low.com> wrote in
news:11******** **************@ o13g2000cwo.goo glegroups.com:

I have an online directory of alumni from a high school that runs PHP
with a MySql backend containing contact info, email addresses, etc.
Some of the alumni have begun to complain about receiving spam to their
accounts, some of the spam saying that they "know" them from this site.
I've also had alumni that have created email accounts to specifically
use just for this site, and they've started getting spam as well.
I "thought" I thought of everything, and after reviewing some of the
messages on this forum, my "email abstraction" seems fairly solid:

I agree. My guess is that worms and malware are more to blame for the
spam than your site is.

1. User creates new email address to use with your site.

2. User sends email back and forth to a few fellow alums, they wind up
with his new email address in their inboxes, and perhaps their address
books.

3. One of them gets infected with a worm, which starts sending copies of
itself all over the place, some of them with the original user's email
forged as the "From" address.

From here, it just gets messy. Some of the recipients of the worm are
also infected with other worms, which forge copies of themselves, etc. ad
nauseum, spreading the original user's innocent email address from here
to kingdom come. The worst is when one of the worms sends itself to a
mailing list, forges itself from the innocent address, then the innocent
address winds up on the web somewhere in a mailing list archive. I've had
addresses wrecked within a matter of days in this manner several times.

It's sort of like the old safe sex mantra from the 80's, "Every time you
email someone, you're also emailing everyone they've ever emailed!"

If your users are really getting pissed, consider creating a message
center of sorts, like the "Private Message" feature in many bulletin
board packages. Instead of generating an actual email, the messages get
stored in the database, and users reply back and forth within the
confines of the site.

hth
--

Bulworth : PHP/MySQL/Unix | Email : str_rot13('f@fu ng.arg');
--------------------------|---------------------------------
<http://www.phplabs.com/> | PHP scripts, webmaster resources

thanks senator....thro ugh the power of massive ego (ie I have no holes
in my software!!) and talking to a few members, I'm starting to think
it's a malware issue as well.

btw....permissi on to steal "safe email mantra"?

cmf

"cfoley1970 " <fo***@feelthef low.com> wrote in news:1108073807 .204439.260970
@g14g2000cwa.go oglegroups.com:

thanks senator....thro ugh the power of massive ego (ie I have no holes
in my software!!) and talking to a few members, I'm starting to think
it's a malware issue as well.

btw....permissi on to steal "safe email mantra"?

Go for it, not sure where I initially heard it but I stole it too. Reminds
me of another favorite, "Steal from me, and you're stealing twice!"
--
Bulworth : PHP/MySQL/Unix | Email : str_rot13('f@fu ng.arg');
--------------------------|---------------------------------
<http://www.phplabs.com/> | PHP scripts, webmaster resources