Don't Let doors.txt Take Control of Your Email Server
By Stephen Bucaro
If you have an email contact form on your Website and you have received a message
which appears to contain random text and the file name doors.txt followed by some digits,
your mail server is being probed for vulnerabilities by a hacker. An example of a
possible message is shown below:
This seemingly random text is actually machine code that probes your email server for
backdoors (unsecured ports) which the hacker can use to take control of it to send
massive amounts of spam. The digits after doors.txt are parameters for the file
doors.txt which is used to send information about any backdoor vulnerabilities in your
email server back to the hacker.
Hopefully your mail server is administered by on-the-ball system administers who have
secured all backdoors, but if you're not confident of that, you should have code in your
email form that modifies any incoming messages. The text string in the subject and
body of all incoming email messages should be modified by your email form code.
Code in your email form should break the text string and stuff characters in the string
that you can easily filter out later. The inserted characters will cause the hacker's
machine code to fail.
More Web Design Coding Issues:
• Create a Simple, Effective PHP Form for Your Web Site
• Why a CSS Website Layout Will Make You Money
• Four Must-Have Webpages That Add Website Security
• Seven WordPress Security Tips
• Understanding SSL Certificate
• How to Set Up a Google Search Box on Your Website
• Update Your Entire Website Instantly Using Server Side Includes (SSI)
• What is AJAX?
• Set Up a Freefind Search Box on Your Website
• Don't Let doors.txt Take Control of Your Email Server