Knowledgebase
PHP Mail Injection - Spam Attack
Posted by Adnan -'- Ahosting.net Support Team on 07 December 2005 04:33 PM
Hello,

Spammers can use your php mail scripts and they can add their header, c.c. & b.c.c then send mail to especially aol mail address.
Please add following codes to your php mail scripts ;

It should be at top of page (php codes) - it works for POST method
$badStrings = array("Content-Type:",
"MIME-Version:",
"Content-Transfer-Encoding:",
"bcc:",
"cc:");
foreach($_POST as $k => $v){
foreach($badStrings as $v2){
if(strpos($v, $v2) !== false){
header("HTTP/1.0 403 Forbidden");
exit;
}
}
}
?>
(2754 votes)
This article was helpful
This article was not helpful

Comments (0)
Help Desk Software by Kayako fusion