Zipium uses an automated script to actively check all formmail scripts on our servers to ensure they are secure. If we find a formmail script which is vulnerable to security risks, we change the permissions on the script to 000, this stops the script from working and will not allow it to be available to malicious users.

It is your responsibility to make sure you are using the latest most secure version of your formmail script.

We recommend our customers use the latest CGI formmail script from “The nms Project” or this PHP formmail script from tectite.

When adding a formmail script to your website please make sure to give the file a random name and to avoid naming the file any variation of formail. Some examples could be “sdf43s.cgi”, “jfg43532.php” or similar. Please do not use those names, make up your own random names. This will help make it more difficult for the spammer robots to find your copy of formamail.