Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Don't Let doors.txt Take Control of Your Email Server

If you have an email contact form on your Website and you have received a message which appears to contain random text and the file name doors.txt followed by some digits, your mail server is being probed for vulnerabilities by a hacker. An example of a possible message is shown below:

from: TgItsudES

subject: AZAhxBZAFcgjgFMAHeb

body: doors.txt;3;6

This seemingly random text is actually machine code that probes your email server for backdoors (unsecured ports) which the hacker can use to take control of it to send massive amounts of spam. The digits after doors.txt are parameters for the file doors.txt which is used to send information about any backdoor vulnerabilities in your email server back to the hacker.

Hopefully your mail server is administered by on-the-ball system administers who have secured all backdoors, but if you're not confident of that, you should have code in your email form that modifies any incoming messages. The text string in the subject and body of all incoming email messages should be modified by your email form code.

Code in your email form should break the text string and stuff characters in the string that you can easily filter out later. The inserted characters will cause the hacker's machine code to fail.

More Web Design Coding Issues:
• Web Design Troubleshooting Guide
• Four Must-Have Webpages That Add Website Security
• Seven Effective Ways to Build Your Own Web Site
• Video - HTTP caching
• Web Designer's Reference
• Six Ways to Center an Element on a Webpage
• RSS Basics
• Basic Dynamic Website Security
• Video - Optimizing the Order of Scripts and Styles
• Update Your Entire Website Instantly Using Server Side Includes (SSI)

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2018 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268