Email Injection – SecurePHP « VT's Tech Blog

« ONLamp.com: Testing PHP Code with PHPUnit

Variables in your CSS via PHP »

Email Injection – SecurePHP
PHP
16th December 2005 -By Vinu Thomas
Another Security Tutorial for PHP, this one on Email Injection. This is how a lot of Spammers take over poorly written PHP Mailers to do their dirty work for them.
There are a lot of ways to send anonymous emails, some use it to mass mail, some use it to spoof identity, and some (a few) use it to send email anonymously. Usually a web mailform using the mail() function generates emails containing headers with the originating IP of the server it’s running on. Therefore the mailform acts as a SMTP proxy. The input fields of the form may vary, but it is common to specify a mailform that gives you control over the subject, the message, and the sender’s email address.
Link: Email Injection – SecurePHP
Leave a Reply
Click here to cancel reply.
Name (required)
Mail (will not be published) (required)
Website

Notify me of follow-up comments by email.
Notify me of new posts by email.

About the Author
Vinu Thomas
Vinu Thomas is the editor of My Portable World and VT's Tech Blog. As a Technical Architect, he works on PHP and opensource technologies by day and is a mobile enthusiast and blogger. You can follow him on Twitter @vinuthomas and Google+
Syndicate
Subscribe to this site's RSS feed.
Desktop Reader Bloglines Google Live Netvibes Newsgator Yahoo! What's This?
Subscribe by Email
If you're not into RSS feeds, and want to get the latest posts be email, fill in this form, and Google will send you an email everytime a new post is up
Enter your email address:
Sponsors