Thomas Porter wrote:
I have a technical question:
Is there another way to do this? Could a third-party spammer, for example, capture email addresses posted to such a form?
Having written a few thousand lines of CGI source, I can see a couple of possible of things happening. First, it could be as innocent as the CGI program (the program that acts on the form's data) is hosted at the bbb.com site. The person at aaa.com may not have permissions to execute cgi-bin programs (or not know how to set them up). I see this as most likely. Unfortunately, the ultimate answer is in the CGI program at bbb.com ... it would be nice to see its source to see if it was [horror!] hacked to e-mail the contents of the form to aaa.com and bbb.com. Packet-sniffing is always possible [not my area of expertise], but who would go to all that trouble just to get e-mail addresses to add to their SPAM list? Our hacker friends can probably shed some more light on this also. Brian