
PHPBuilder.com:
Preventing spam when using PHP's mail function
April 12, 2006 @ 15:47:45

Spam has grown into one of the worst problems on the internet today. It affects everyone, even those who guard their email addresses with their lives. Information spreads so fluidly in the bits and bytes of everyday communication that it's almost inevitable for your address to get out. Once it's out, you'll know: you'll start getting emails from people you don't know offering things you don't want. One tool spammers can use, unfortunately, is an unsecured form on your own site. Thankfully, there are articles like this one from PHPBuilder.com that can help you safeguard your site against these attacks.

Insecure PHP scripts have provided great opportunities for spammers to abuse others' resources to send out their spam. In particular, it's the mail() function that can be abused. I myself was the target a few months ago when I noticed spam being sent from an old form on my server that I'd forgotten about. This month's article looks at techniques that can be used to harden your mail form, and reduce the chances of it being misused.

They set up a simple example script and show how a spammer could exploit it. They then offer a few suggestions for hardening the form: filtering for a correct email address, checking for "bad strings" in the contents of the form, and looking for a REQUEST_METHOD value in the $_SERVER array. The methods aren't foolproof, but they can help to dramatically reduce your chances of being the source of a lot of people's annoyance.
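
The three checks listed above, sketched in PHP as an added example (this is not the PHPBuilder article's code). The field names, the bad-string list and the sample submissions are assumptions constructed for illustration.

```php
<?php
// Added example: field names and the bad-string list are assumptions,
// not taken from the PHPBuilder article.
const BAD_STRINGS = ['content-type:', 'mime-version:', 'multipart/mixed',
                     'content-transfer-encoding:', 'bcc:'];
// Returns a list of reasons to reject the submission (empty = acceptable).
function validate_mail_form(string $method, array $form): array
{
    $errors = [];
    // Check 1: the handler only accepts an actual form POST.
    if ($method !== 'POST') {
        $errors[] = 'request method is not POST';
    }
    $fields = [];
    foreach (['email', 'subject', 'message'] as $name) {
        $value = $form[$name] ?? '';
        $fields[$name] = is_string($value) ? $value : '';
    }
    // Check 2: exactly one syntactically valid address.
    if (filter_var($fields['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not a valid address';
    }
    // Values that end up in mail headers must not contain line breaks.
    if (preg_match('/[\r\n]/', $fields['email'] . $fields['subject'])) {
        $errors[] = 'line break in a header field';
    }
    // Check 3: header-like "bad strings" anywhere in the submission.
    foreach ($fields as $name => $value) {
        foreach (BAD_STRINGS as $bad) {
            if (stripos($value, $bad) !== false) {
                $errors[] = "bad string '$bad' in $name";
            }
        }
    }
    return $errors;
}

// Constructed sample submissions (not real traffic).
$samples = [
    'normal' => ['POST', ['email' => 'visitor@example.com',
        'subject' => 'Question', 'message' => 'Is the shop open on Sunday?']],
    'injected header' => ['POST', ['email' => "visitor@example.com\r\nBcc: a@example.net",
        'subject' => 'Hi', 'message' => 'hello']],
    'wrong method' => ['GET', ['email' => 'visitor@example.com',
        'subject' => 'Hi', 'message' => 'hello']],
];
foreach ($samples as $label => [$method, $form]) {
    $errors = validate_mail_form($method, $form);
    echo $label, ': ', $errors ? implode('; ', $errors) : 'accepted', PHP_EOL;
}
```

A real handler would call mail() only when the returned list is empty, and would build the headers from the validated values rather than from raw input.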


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework