What checks need to be made to avoid Email Injection?

the mail() function

Moderators: egami, macek, gesf

Post Reply
New php-forum User
New php-forum User
Posts: 17
Joined: Sat Jun 18, 2005 9:08 pm

Sun Sep 11, 2005 11:46 pm

Hi there

I have been getting very strange Emails lately and it fits the profile of somebody trying to use my forms for spamming.

I have just added a regular expression that does a full variable check for "MIME-Version"

What is the full list of things I must look out for to prevent Email Injection?


User avatar
Alexej Kubarev
Site Admin
Site Admin
Posts: 2213
Joined: Fri Mar 05, 2004 7:15 am
Location: Täby, Stockholms län

Mon Sep 12, 2005 4:28 am

mostly you will need a function to generate a unique hard to reproduce finger print that you will be able to regenerate on the page that sends data... that way you will be able to make suire that everything is sent from your page...

for more help i will need more information..
Best Regards,
Alexej Kubarev
Zend Certified Engineer
Image Image

Post Reply