Bucaro TecHelp
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

About BTH User Agreement Privacy Site Map Contact News Feeds

Stop the Slaughter of Innocents. Congress is bought and paid for by gun lunatics and gun promotion groups. If you want to live in a safe America, help buy Congress back for America. Send a donation to Mayors Against Illegal Guns, 909 Third Avenue, 15th Floor New York, NY 10022

Don't Let doors.txt Take Control of Your Email Server

By Stephen Bucaro

If you have an email contact form on your Website and you have received a message which appears to contain random text and the file name doors.txt followed by some digits, your mail server is being probed for vulnerabilities by a hacker. An example of a possible message is shown below:

from: TgItsudES

subject: AZAhxBZAFcgjgFMAHeb

body: doors.txt;3;6

This seemingly random text is actually machine code that probes your email server for backdoors (unsecured ports) which the hacker can use to take control of it to send massive amounts of spam. The digits after doors.txt are parameters for the file doors.txt which is used to send information about any backdoor vulnerabilities in your email server back to the hacker.

Hopefully your mail server is administered by on-the-ball system administers who have secured all backdoors, but if you're not confident of that, you should have code in your email form that modifies any incoming messages. The text string in the subject and body of all incoming email messages should be modified by your email form code.

Code in your email form should break the text string and stuff characters in the string that you can easily filter out later. The inserted characters will cause the hacker's machine code to fail.