Full Version: Job Offer

From: Stunt Engraver (DGL) [#5]
 30 Jan 2007
To: Engravin' Dave (DATAKES) [#4] 30 Jan 2007

David,

Being able to contact "Vora S." is confidence inspiring.

PS - This post is from David L. :-)

EDITED: 30 Jan 2007 by DGL


From: Harvey only (HARVEY-ONLY) [#6]
 30 Jan 2007
To: Stunt Engraver (DGL) [#5] 30 Jan 2007

I love this blurb. Emphasis mine.

quote:
Monopoly FMCG CONSUMER PETROLEUM & COMPUTER business for small traders. Legally protected by Bombay Highcourt Order. Refill POUCH Bottle. (IMPORTED MATERIALS). Mini PUMP in every house. Available at shops.

From: UncleSteve [#7]
 30 Jan 2007
To: Harvey only (HARVEY-ONLY) [#6] 30 Jan 2007

I tend more to the "represent not popular companies".

:S

From: Boz (CHEDDARHEAD) [#8]
 30 Jan 2007
To: ALL

They asked for my CV. Do I include the boot off the CV joint, or do I keep that and they just get the CV? I'm confused.

But I really like the 5 hours part.

Do I write to them using the same venacular: Popular guy looking of big pay job with responsibility and sociability. Have happy appearance and utteral descrepency. I-)

I'M THEiR GUY! No one else needs to apply. I can hear it now, "Thank you for calling ACCESS. WE specialize in the sales of used laser engraving machines and unique components of not popular firms. Before we start discussing your needs, please leave your personal and credit information with the automated answering system." (devil)


From: Cody (BOBTNAILER) [#9]
 30 Jan 2007
To: Boz (CHEDDARHEAD) [#8] 30 Jan 2007

A little off the beaten path, but maybe along the same lines....

I've gotten several submissions from our "contact us" web page from this address: baufaufru@mispir.org.

Every one of his submissions has had some sort of html reference to prescription meds.

I used to just get the normal spam from these guys, but now they're actually using my fill-in-the-blanks form to get my own website to send me spam! :/


From: Harvey only (HARVEY-ONLY) [#10]
 30 Jan 2007
To: Cody (BOBTNAILER) [#9] 30 Jan 2007

And I am still amazed that people actually respond to those drug ads. They are such obvious spam.

Maybe I should offer a course in how to become an expert engraver in less than ten days.

They send me $100 and I send them a link to EE.


From: Jer (DIAMOND) [#11]
 30 Jan 2007
To: Harvey only (HARVEY-ONLY) [#10] 30 Jan 2007

I'll take a chunk of that $100.00. Oh wait a minute, I am not an expert. Never mind.

From: Jim (RETAIL74) [#12]
 30 Jan 2007
To: ALL

The 'free' yellow pages calls me everyday. I can't figure out how to get rid of them.

From: UncleSteve [#13]
 30 Jan 2007
To: Jim (RETAIL74) [#12] 30 Jan 2007

Easy! Tell them you will take the "Free" ad they are offering and then let them try to explain why they want $$$... (devil)

From: Dave Jones (DAVERJ) [#14]
 30 Jan 2007
To: Cody (BOBTNAILER) [#9] 30 Jan 2007

Cody, I don't know about the script you use for your contact form, but older copies of FormMail were vulnerable to being spoofed by spammers. They could send spam to a list of email addresses that they fed to the script through the form. The only drawback for the spammer was that the person who was supposed to get the contact mail also got a copy of the spam.

From: Stunt Engraver (DGL) [#15]
 30 Jan 2007
To: Dave Jones (DAVERJ) [#14] 30 Jan 2007

Dave,

What would be the cure for that, if indeed, that's what the spammers are doing?

Another script?

From: Dave Jones (DAVERJ) [#16]
 30 Jan 2007
To: Stunt Engraver (DGL) [#15] 30 Jan 2007

I don't know if his has the potential spam problem or not, but for ones that do, yes a different script is the answer.

The problem comes from generic scripts that pass the recipient email address from the web page. The more secure scripts have the recipient email address hard coded into them in a part of the script that can not be reached from the web. FormMail was a popular CGI script that is supplied by a lot of web hosts as a simple way to have a contact form. Similar scripts in other languages abound and work in similar ways, with similar vulnerabilities.

A custom PHP script with the address hard coded is typically the most secure. The next best thing is this PHP script that a friend of mine wrote, with a bit of advice from me, called "NateMail": http://www.mindpalette.com/formprocessing/index.php

It has a hidden list of recipient email addresses stored on the server and forms can only be sent one of the names you enter in that list. The list can not be accessed or overridden from the web.


Show messages: All  1-4  5-16

Back to thread list | Login

© 2021 Project Beehive Forum