I need some help. I have several email links on my website that are being attacked and emails with virus' are then sent with these addresses to people/companies I don't know. What can I do?

Instead of email links...use a form on your page. The form will send the info to you in the form of an email...but the visitor won't have a choice of where to send it.

You can use Powweb's FormMail.

bigblockgt -

Are you saying that you have forms on your website (like those based on FormMail.pl) that are being used by hackers to send EMails, or do you mean you have clickable links on your site to allow people to send EMail, as in:

<a href="mailto:me@mysite.com">Click here</a> to EMail me.

and people are copying the valid EMail addresses from these links to use on their virus-laden EMails they send to others?

If the former, you need to check to see that the script your mail form uses is secure.

If the latter, there's only one thing I know of to stop it, and that's to use a script to dynamically generate the link. I use a function stored in a remote JavaScript file to do this. All the script/function does is to generate the appropriate <a href="mailto:... code for the page. I'm sure that other scripting languages - Perl, PHP, etc. - could also be used, but JavaScript is the easiest for most people. The key is to keep your EMail address from being explicitly incorporated in your webpage's HTML code. Most sniffer programs used by hackers (and SPAMmers!) don't render any output generated by JavaScript on webpages, so this makes the link essentially invisible to them while keeping it plain as day to your users.

In the <head> section of your pages, enter the following:

<script language="JavaScript" src="maillink.js"></script>

Then in the body of your page where you want to have the link, enter:

<script language="JavaScript"><!-- // hide
nameLink();
// --></script>

Save the following JavaScript code in a file named "maillink.js" on your computer (use Notepad or any text editor):

// start of JavaScript
var myAddress = "webmaster@mySite.com";

function nameLink() {
document.writeln("My EMail address is <A HREF=\"mailto:" + myAddress + "\">" +
myAddress + "</A>");
} // end nameLinke

function mailLink() {
document.writeln("<A HREF=\"mailto:" + myAddress + "\">\n");
document.writeln("Click here</a> to EMail me.\n");
} // end mailLink
// end of JavaScript

Finally, upload this maillink.js file to your site in the same directory as the webpage.

Of course, this only stops future abuses. Once they have your EMail address, its all over.

Good luck!

Richard L. Trethewey
www.rainbo.net