PHP mail() and spam

This is a discussion on "PHP mail() and spam" within the PHP Forum section. This forum, and the thread "PHP mail() and spam are both part of the Program Your Website category.



Go Back   Webforumz.com > Main Forums > Program Your Website > PHP Forum
Reload this Page PHP mail() and spam

Notices
Please Register!
Webforumz.com is an education based community supporting web designers, developers and those who are new and learning. If you are a designer, developer, learning web design or are thinking about a career in web design then you have come to the right place. Register for free now to access more information and to participate in discussion and debate.


Reply
 
LinkBack Thread Tools
  #1 (permalink)  
Old Mar 21st, 2006, 16:16
Reputable Member
Join Date: Nov 2005
Posts: 127
Thanks: 0
Thanked 0 Times in 0 Posts
PHP mail() and spam
Apparently its really easy for spammers to hjack email forms using php mail() to use for spamming.

Can anyone give me a few tips on how to limit the possibility of this, thanks
Reply With Quote

  #2 (permalink)  
Old Mar 21st, 2006, 17:21
Most Reputable Member
Join Date: Aug 2005
Location: North Wales, United Kingdom
Age: 21
Posts: 1,093
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to sypher
Re: PHP mail() and spam
Dont use the get method to post ur form.
Register globals off.
Reply With Quote
  #3 (permalink)  
Old Mar 21st, 2006, 22:20
Reputable Member
Join Date: Nov 2005
Posts: 127
Thanks: 0
Thanked 0 Times in 0 Posts
Re: PHP mail() and spam
OK, when you say register global off - does that mean just setting globals to off in php.ini or do I need to do something in the code as well? thanks
Reply With Quote
  #4 (permalink)  
Old Mar 22nd, 2006, 11:48
Most Reputable Member
Join Date: Aug 2005
Location: North Wales, United Kingdom
Age: 21
Posts: 1,093
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to sypher
Re: PHP mail() and spam
in the php.ini
Reply With Quote
  #5 (permalink)  
Old Mar 24th, 2006, 11:06
Reputable Member
Join Date: Nov 2005
Posts: 127
Thanks: 0
Thanked 0 Times in 0 Posts
Re: PHP mail() and spam
Hi, the settings were already set to off and send by post. But its still getting spammed. Is there anything else I could do (I read on a website that theres a 4th parameter in the mail function to stop people adding BCC, CCC etc, is this true?) Thanks for the help
Reply With Quote
  #6 (permalink)  
Old Mar 24th, 2006, 11:45
Most Reputable Member
Join Date: Aug 2005
Location: North Wales, United Kingdom
Age: 21
Posts: 1,093
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to sypher
Re: PHP mail() and spam
PHP: Select all

 <?php
// multiple recipients
$to  'aidan@example.com' ', '// note the comma
$to .= 'wez@example.com';

// subject
$subject 'Birthday Reminders for August';

// message
$message '<b>Heres your message!</b>';

// To send HTML mail, the Content-type header must be set
$headers  'MIME-Version: 1.0' "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' "\r\n";

// Additional headers
$headers .= 'To: Mary <mary@example.com>, Kelly <kelly@example.com>' "\r\n";
$headers .= 'From: Birthday Reminder <birthday@example.com>' "\r\n";
$headers .= 'Cc: birthdayarchive@example.com' "\r\n";
$headers .= 'Bcc: birthdaycheck@example.com' "\r\n";

// Mail it
mail($to$subject$message$headers);
?>
This is how you do bcc and cc

Be sure to look at your mail form. To see how it could be exploited
Last edited by sypher; Mar 24th, 2006 at 11:49.
Reply With Quote
  #7 (permalink)  
Old Mar 24th, 2006, 12:24
Reputable Member
Join Date: Nov 2005
Posts: 127
Thanks: 0
Thanked 0 Times in 0 Posts
Re: PHP mail() and spam
OK thanks sypher, im a little unsure how someone can exploit a form (I don't understand what they do, do they enter something into the fields to create those extra headers - would adding a maxlength limit the possiblities of this?)

Or should I add some validation to the subject field to only allow letters and numbers. Thanks
Reply With Quote
  #8 (permalink)  
Old Mar 24th, 2006, 19:28
Most Reputable Member
Join Date: Aug 2005
Location: North Wales, United Kingdom
Age: 21
Posts: 1,093
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to sypher
Re: PHP mail() and spam
Your best adding php validations, making sure there isnt any commas etc and things like that.
Reply With Quote
Reply

Tags
php, mail, spam

« load script on http and not https | referring site »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Spam in your PM box karinne Webforumz Cafe 0 Jan 15th, 2008 18:09
Spam in your PM box karinne Announcements and News 0 Jan 15th, 2008 18:09
visitors name not displayed in mail after filling in mail form made on earth PHP Forum 7 Nov 16th, 2005 22:43


All times are GMT. The time now is 11:35.

Contact Us - Web Design & Development Forums - Archive - Top

Sleep Study Scoring :: Free Bet :: Online Betting :: Bookmakers :: Funny Quotes :: Internet Recruitment Software :: Microsoft CRM Experts :: Online Casino :: Decorated Christmas Trees :: Midwife Forums :: Football Betting :: Web Development India :: Ecommerce Software :: Football Stats :: Dry Cleaning Collection :: Free Bets :: xtreme wales - extreme clothing :: Apuestas :: SEO Company India :: Werbeartikel :: Sharepoint Consultants :: Search Engine Optimisation :: Office Clearance London :: Sharepoint Experts :: Sports Betting :: Casino :: Website Templates :: Online Gambling

Powered by vBulletin®
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0 RC8
© 2003-2008 Webforumz.com : All Rights Reserved

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43