Do sites on your server have one of those “Tell A Friend” forms where visitors can instruct your server to send out email on their behalf? And do you find your server consistently on spam blacklists? Well, now you know why.
In retrospect, this functionality was probably a bad idea to begin with. As an example, here’s what you expect such an email to look like:
Hi Alice,
Your friend Bob thought you would be interested in SoTall Drywall Stilts from Internet Drywall Warehouse.Alice, you need to check out these cool Drywall Stilts! And this online store has the best prices ever!!
See? What a great way to drive traffic to your site. And it’s social too! It’s like free advertising!
But instead, very nearly 100% of the messages sent out from these forms look like this:
Hi alice113,
Your friend .. thought you would be interested in SoTall Drywall Stilts from Internet Drywall Warehouse.You want looking for SKINNY YOU?? You lose weight faster with Phenolphenodrine (Phenolslim)!! You have the envy with skinny lookings. VISA ACCEPTED!! NO RX!! http://yourpharmacy.qx/ ORDER NOW WITH SAVING!!!
Sadly, it doesn’t take long for people to realize you just handed them a way to send out their own message to their own address book while riding on your reputation to ensure that the mail gets delivered… and destroying that reputation in the process.
It always surprises me when I get a call from a client about another one of these. But in case you aren’t aware yet that this is an issue, please take note. If you want to use a “tell a friend” form, put a captcha on it at the very least. Or even simpler: just get rid of the component altogether.