02-07-2009, 08:18 PM
|
#11 (permalink)
|
It's all just 1s and 0s Join Date: Jan 2004 Location: in the lab Posts: 4,425
| Re: PHP mail() function
Beware of email injection attacks. You should always validate your input server side.
Sending emails in PHP & email injection attacks
Quote:
Spammers can hijack your seemingly innocuous looking mail form to send out spam. They do so by posting specially formatted data to your mail script. This is known as email injection or mail form spamming. |
| |
02-07-2009, 09:29 PM
|
#12 (permalink)
|
True Techie Join Date: Dec 2008 Location: Rx Counter Posts: 147
| Re: PHP mail() function Quote:
Originally Posted by office politics | In short... use ReCaptcha or some other small captcha script for php to prevent this, though I know some of them are clever enough to jump over this now...
__________________ Dr. House
--------------------------------------------------
Antec 900, P5K SE, E8400 "Wolfdale" 4.06GHz, Tuniq Tower, 4Gb GSkill DDR2 891, WD Caviar SE16 250, Radeon 4670 HD, WD Raptor WD1500ADFD (for sale, ~$900)
Thinkpad T61 CTO 2.2 Ghz Core 2 Duo, 2 gig, 100 gig 7200 RPM, 15.4" wide screen (for sale ~$800)
MacBook Pro C2D 2.2GHz 4 gig, 100 gig 7200 RPM
PowerBook G4 Aluminum |
| |
02-07-2009, 09:41 PM
|
#13 (permalink)
|
It's all just 1s and 0s Join Date: Jan 2004 Location: in the lab Posts: 4,425
| Re: PHP mail() function
In short, you should check the strings for data that can do harm. Please follow the link and read up. Captchas won't help in the scenario they describe. Your server could get blacklisted. |
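One way to do the server-side check described in posts #11 and #13, as an added example that is not part of the thread: header-bound form fields are rejected if they contain a line break, and the recipient is never taken from the form. The field names, addresses and sample submissions are assumptions made up for illustration.

```php
<?php
// Added example. Field names, addresses and sample submissions are constructed.

// A value placed in a mail header must not contain CR, LF or NUL: a line
// break there lets the submitter start extra header lines of their own.
function is_header_safe(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) !== 1;
}

// Returns a list of validation errors; an empty list means the form may be sent.
function validate_contact_form(array $post): array
{
    $errors = [];
    foreach (['name', 'email', 'subject'] as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value) || $value === '' || strlen($value) > 200) {
            $errors[] = "$field: missing, not a string, or too long";
        } elseif (!is_header_safe($value)) {
            $errors[] = "$field: line break in a header field";
        }
    }
    // Only reached with a clean string; accepts exactly one address.
    if (!$errors && filter_var($post['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email: not a single valid address';
    }
    return $errors;
}

// The recipient is fixed server-side; form data only fills Reply-To, Subject and body.
function send_contact_mail(array $post): bool
{
    if (validate_contact_form($post) || !is_string($post['message'] ?? null)) {
        return false;               // reject instead of trying to repair the input
    }
    $headers = "From: webform@example.com\r\nReply-To: " . $post['email'];
    return mail('owner@example.com', $post['subject'], $post['message'], $headers);
}

// Constructed submissions: one ordinary, one with a header line smuggled into "email".
$samples = [
    ['name' => 'Ann', 'email' => 'ann@example.org', 'subject' => 'Hi', 'message' => "Hello\nthere"],
    ['name' => 'Ann', 'email' => "ann@example.org\r\nBcc: list@example.net", 'subject' => 'Hi', 'message' => 'x'],
];
foreach ($samples as $i => $post) {
    $errors = validate_contact_form($post);
    echo "sample $i: ", $errors ? implode('; ', $errors) : 'ok', "\n";
}
```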
| |
02-07-2009, 09:54 PM
|
#14 (permalink)
|
True Techie Join Date: Dec 2008 Location: Rx Counter Posts: 147
| Re: PHP mail() function Quote:
Originally Posted by office politics In short, you should check the strings for data that can do harm. Please follow the link and read up. Captchas won't help in the scenario they describe. Your server could get blacklisted. |
My mistake, I thought we were just talking about those who use your script to send voluminous amounts of emails. I need to update a few of my PHP forms to use that (even though I haven't had an issue yet!)
| |
02-07-2009, 09:59 PM
|
#15 (permalink)
|
It's all just 1s and 0s Join Date: Jan 2004 Location: in the lab Posts: 4,425
| Re: PHP mail() function Quote:
Originally Posted by Dr.House My mistake, I thought we were just talking about those who use your script to send voluminous amounts of emails. |
You understand that that is what we are talking about? They input massive amounts of email addresses into the text box, click send, and a separate email gets sent to all the recipients. |
| |
02-07-2009, 10:01 PM
|
#16 (permalink)
|
True Techie Join Date: Dec 2008 Location: Rx Counter Posts: 147
| Re: PHP mail() function Quote:
Originally Posted by office politics You understand that that is what we are talking about? They input massive amounts of email addresses into the text box, click send, and a separate email gets sent to all the recipients. |
*facepalm* Never mind, forget it, don't know what I was thinking :-P