Apache Regexp format, to fight SPAM through formmail < 1.9

I'm trying to setup apache, on a Cobalt Raq 4, to not allow spammers to use vanurable FormMail's. The Idea is to not allow anyone access to the site / server if they are trying to send the recipient varaible to formmail :

"..../formmail.pl?recipient=..."

-- or --

"...../formmail.pl?X=whatever&Y=whatever&recipient=..."

basicaly, if "formmail.pl" & "recipient=" are both in the Apache Request_URI, in upper or lower case, I would like apache to not allow the request.

here is what I have so far:


SetEnvIf Request_URI ".*(formmail\.pl).*(recipient=)" spammer=true

SetEnvIf spammer true keep_out

<Directory /home/sites/site*/web/cg*/>

Order Allow,Deny
Allow from all
Deny from env=keep_out

</Directory>

This works nice untill I try doing more then "formmail.pl" as the regexp. I'm a newbie to the Regular Exp. sceen, anybody know what regexp pattern would do what I need done above?

I have thought about replaceing the "SetEnvIf" line with:

SetEnvIf User-Agent "^Microsoft URL Control" spammer=true

But i don't really want to just deny everyone using the MS control from accesing the server, just because some spam tool out there uses it.text to color.

It would be nice to be able to do something like "If User-Agent == Microsoft URL Control AND Request_URI has formmail.pl in it, THEN Deny", however this is proving to be a pain to figure out.

Thanks in advance

 

 

 

 

Top