Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Don't Let doors.txt Take Control of Your Email Server

If you have an email contact form on your Website and you have received a message which appears to contain random text and the file name doors.txt followed by some digits, your mail server is being probed for vulnerabilities by a hacker. An example of a possible message is shown below:

from: TgItsudES

subject: AZAhxBZAFcgjgFMAHeb

body: doors.txt;3;6

This seemingly random text is actually machine code that probes your email server for backdoors (unsecured ports) which the hacker can use to take control of it to send massive amounts of spam. The digits after doors.txt are parameters for the file doors.txt which is used to send information about any backdoor vulnerabilities in your email server back to the hacker.

Hopefully your mail server is administered by on-the-ball system administers who have secured all backdoors, but if you're not confident of that, you should have code in your email form that modifies any incoming messages. The text string in the subject and body of all incoming email messages should be modified by your email form code.

Code in your email form should break the text string and stuff characters in the string that you can easily filter out later. The inserted characters will cause the hacker's machine code to fail.

More Web Design Coding Issues:
• Web Designer's Reference
• Four Must-Have Webpages That Add Website Security
• Advantages and Disadvantages of Frames
• How to Redirect a Web Page Using a 301 Redirect
• Seven Effective Ways to Build Your Own Web Site
• Web Design Blunders That Can Cost You Lost Profits
• Video - HTTP caching
• Web Design Troubleshooting Guide
• Creating a Secure Website Using Secure Socket Layer (SSL)
• How to Hide From Robots

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2019 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268