News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHPBuilder.com:
Preventing spam when using PHP's mail function
April 12, 2006 @ 15:47:45

Spam has grown into one of the worst problems on the internet today. It effects everyone, even those that guard their email addresses with their lives. Information spreads so fluidly in the bits and bytes of everyday communication, that it's almost inevitable for your address to get out. Once it's out, you'll know, getting emails from people you don't know offering things you don't want. One tool spammers can use, unfortunately, are the unsecured forms on your own site. Thankfully, there's articles like this one from PHPBuilder.com that can help you safeguard your site against these attacks.

Insecure PHP scripts have provided great opportunities for spammers to abuse other's resources to send out their spam. In particular, it's the mail() function that can be abused. I myself was the target a few months ago when I noticed spam being sent from an old form on my server that I'd forgotten about. This month's article looks at techniques that can be used to harden your mail form, and reduce the chances of it being misused.

They set up the simple example script and show you how to exploit it to follow the wishes of potential spammers. They offer a few suggestions on hardening the form - filtering for a correct email address, checking for "bad strings" in the contents of the form, and looking for a REQUEST_METHOD value in the $_SERVER array. The methods aren't fool-proof, but they can help to dramatically reduce your chances of being the source of a lot of people's annoyance.

1 comment voice your opinion now!
mail prevent spam filtering bad strings request_method mail prevent spam filtering bad strings request_method


blog comments powered by Disqus

Similar Posts

SitePoint PHP Blog: Piping Emails to a Laravel Application

SitePoint PHP Blog: UTF-8 Email in PHP with eZ Components

Ryan Malesevich's Blog: Fight Spam Comments with Bad Behavior and Akismet

Web Development Blog: E-mail links, protective solutions against SPAM

Brandon Savage's Blog: Examining Zend Server CE On The Mac


Community Events





Don't see your event here?
Let us know!


code development zendserver framework threedevsandamaybe community podcast release conference list application introduction developer laravel deployment api tips interview language series

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework