The file ‘mt-send-entry.cgi’ in a default MovableType installation can be used to relay spam. If you’re not using the script to allow your users to “Send this Entry by Email”, you can safely remove the file from your MT install or change the permissions so that the script cannot execute.

However, if you need the functionality Ben Trott has posted a fix, but IMHO, you’d be safer pushing this function client-side using a mailto with some JavaScript

Jacques Distler has some more insight and there’s an active discussion on the MovableType Support Forums

Related Posts

• MovableType Posting Client and NewsGator Plugin -- Matt Berther has released version 2.0.0.1 of his MovableType posting client/plugin MovablePoster, which integrates nicely with NewsGator in addition to being a stand-alone Windows client. (of course I’m testing MovablePoster via this post :-) ...
• Command Line Frontend to MovableType -- I must have missed this, but back in December 2003, Johann Schmidt released the latest version of MTshell, which as the subject says is a CLI for MovableType. “MTshell is a perl program which allows you to maintain your Movable...
• Movable Type Blog Migration -- Over the last week, usually in the mid-to-late evenings — after Catherine falls asleep, I have been slowly migrating my B2-based blog to Movable Type. I must say that for the most part the process has been fairly straight forward....
• Comment Spamming: Pointless Practice -- I couldn’t take it anymore! Last night I took Burningbird’s suggestion and turned-off commenting on any post older than 30 days. I may turn commenting off entirely if this weekend is any indication of the logarithmic growth in comment spamming....
• PHP Photo Gallery Script -- I tested the Coppermine Photo Gallery Script last night and it was very easy to install and best of all (IMO), it comes with a Windows XP Publishing Wizard plug-in that allows you to select a group or folder of...
• Links: 2004-08-30 --  Slashdot: GmailFS - The Google File SystemPosted: 2004-08-30T21:51:28Z (categories: Google Hacks ) Net::MovableTypePosted: 2004-08-30T14:00:50Z (categories: Blogs Hacks Service Web ) Double DriverPosted: 2004-08-30T20:51:58Z (categories: Freeware Microsoft Software ) GmailFS - Gmail FilesystemPosted: 2004-08-30T13:07:43Z (categories: Google Hacks Python ) Keep...
• Web Services: Script globally, publish locally -- Jon Udell: “A picture can be worth a thousand words. But a URL can be worth half a dozen pictures. When application behavior is expressed [as a web service], you empower your community of users to share it directly. And...

Related posts brought to you by Yet Another Related Posts Plugin.