On Thursday, June 14, 2007, 8:19:00 AM, Gustav wrote: > Anyone who know who spammers operate? --- I did at one time suffer injection attacks where the spammers used their own form to take advantage of inherent weaknesses of the PHP mail() function to inject messages and recipient addresses that overrode the data in one of my "dial home" forms. I've now hardened up my scripts considerably and any attempt to inject an email address into a field that isn't expecting one causes an error message. Search the Internet for "PHP mail() injection attack" for several articles that both describe the issues and suggest defences. HTH, -- Geoff -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
