I received the following message from my ISP :
In an effort to proactively ensure the stability of our servers, we are regularly running a program to identify exploitable form mail scripts. Form mail scripts that are exploited will result in a deluge of spam being generated from our server, endangering our servers to blacklisting by ISPs. Also, because of the quantity of emails generated by these compromised scripts, it may cause an excessive load on the servers. This may mean services would have to be disabled or even the server rebooted if it got to a critical point.
We are asking your assistance with this to check your form codes for **poorly named scripts** or **insecure scripts**
Poorly named scripts are scripts with any extension that are named or have in their name mail, formmail or any variation thereof. In the case of poorly named scripts, please rename these to something more obscure. Scripts with these names are targeted for exploits and even scripts written well don't need the undue attention.
Insecure scripts are scripts we know to be exploitable and have already caused issues on our servers. If you have any of these, please disable them immediately.
What can i do to solve this?
Are moodle form mail scripts insecure?
Thanks for your help.