
PHPBuilder.com:
Preventing spam when using PHP's mail function
April 12, 2006 @ 15:47:45

Spam has grown into one of the worst problems on the internet today. It affects everyone, even those who guard their email addresses with their lives. Information spreads so fluidly in the bits and bytes of everyday communication that it's almost inevitable for your address to get out. Once it's out, you'll know: you'll start getting emails from people you don't know offering things you don't want. One tool spammers can use, unfortunately, is the unsecured forms on your own site. Thankfully, there are articles like this one from PHPBuilder.com that can help you safeguard your site against these attacks.

Insecure PHP scripts have provided great opportunities for spammers to abuse others' resources to send out their spam. In particular, it's the mail() function that can be abused. I myself was the target a few months ago when I noticed spam being sent from an old form on my server that I'd forgotten about. This month's article looks at techniques that can be used to harden your mail form, and reduce the chances of it being misused.

They set up a simple example script and show how it can be exploited to do what a spammer wants. They then offer a few suggestions for hardening the form: filtering for a correct email address, checking for "bad strings" in the contents of the form, and looking for a REQUEST_METHOD value in the $_SERVER array. The methods aren't foolproof, but they can help to dramatically reduce your chances of being the source of a lot of people's annoyance.
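The three checks named above, combined in one form handler, as an added example that is not code from the PHPBuilder.com article. The field names, the fixed recipient, the bad-string list and the extra line-break check on header values are assumptions made for illustration.

```php
<?php
// Added example; field names, recipient and bad-string list are assumptions.
const RECIPIENT = 'webmaster@example.com'; // fixed, never taken from the form
const BAD_STRINGS = ['content-type:', 'mime-version:', 'multipart/mixed',
                     'content-transfer-encoding:', 'bcc:'];

function validate_submission(array $server, array $post): array
{
    // 1. Accept only the request method the form actually uses.
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return ['method not allowed'];
    }
    $errors  = [];
    $email   = (string)($post['email'] ?? '');
    $subject = (string)($post['subject'] ?? '');
    $message = (string)($post['message'] ?? '');

    // 2. The sender must be one well-formed address.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'invalid email address';
    }
    // 3. Values placed in headers must not contain line breaks.
    foreach (['email' => $email, 'subject' => $subject] as $name => $value) {
        if (preg_match('/[\r\n]/', $value)) {
            $errors[] = "line break in $name";
        }
    }
    // 4. Reject known bad strings anywhere in the submission.
    $haystack = strtolower("$email\n$subject\n$message");
    foreach (BAD_STRINGS as $bad) {
        if (strpos($haystack, $bad) !== false) {
            $errors[] = "bad string: $bad";
        }
    }
    return $errors;
}

// Constructed sample submission: the email field carries an extra header line.
$post = ['email' => "visitor@example.com\r\nBcc: someone@example.net",
         'subject' => 'Hello', 'message' => 'Hi there'];
$errors = validate_submission(['REQUEST_METHOD' => 'POST'], $post);
if ($errors === []) {
    mail(RECIPIENT, $post['subject'], $post['message'],
         'Reply-To: ' . $post['email']);
} else {
    echo implode("; ", $errors), "\n"; // rejected, nothing is sent
}
```

Because the recipient is a constant and every value that reaches a header is rejected if it contains a line break, a submission cannot add recipients or headers of its own; the bad-string list is a second layer, not the primary control.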



All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework