Posted by ZeldorBlat on 05/08/07 13:27
On May 8, 12:21 am, "J.O. Aho" <u...@example.net> wrote:
> Joe wrote:
> > Hello,
>
> > I currently use a simple php webmail form with php's mail() function
> > doing the work to send messages to the site owner.
>
> > However, viruses are being sent via the form.
>
> > I tried adding a basic collaboration of amavis-new, ClamAV and
> > SpamAssassin, but that filter does not seem to catch them. I assume they
> > are injected into the Postfix process too late.
>
> > Any idea how I can eliminate this?
>
> The data you get to the mail() from the "FROM" input box has to be stripped
> of injected headers.
>
> A really simple check for injection is to
>
> // ereg_replace() was removed in PHP 7; preg_replace() does the same job
> $newfrom = preg_replace("/[\r\n]/", "", $from);
> if ($newfrom == $from) {
>     mail(...);
> } else {
>     // header had injected data, don't send it
> }
>
> --
>
> //Aho
Of course str_replace works just as well and is probably faster:
$newfrom = str_replace(array("\r", "\n"), '', $from);
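
An added example, not part of either post above: the same CR/LF check wrapped in a function that rejects the submission instead of repairing it, and that keeps the visitor's address out of the From: header altogether. The function names, the webform@example.org sender and the sample inputs are assumptions made up for illustration.

```php
<?php
// Hypothetical helper: returns the trimmed value, or null if it could
// break out of a single mail header line.
function clean_header_value(string $value): ?string
{
    // Check before trim(): trim() would silently drop a trailing CR/LF.
    if (preg_match('/[\r\n\0]/', $value)) {
        return null;
    }
    return trim($value);
}

// Hypothetical helper: builds the additional-headers string for mail(),
// or returns null when the form input must not be sent.
function build_contact_headers(string $from): ?string
{
    $from = clean_header_value($from);
    if ($from === null || filter_var($from, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Fixed site-owned sender (assumed address); the visitor's address
    // only appears in Reply-To, after validation.
    return "From: webform@example.org\r\nReply-To: " . $from;
}

// Constructed sample inputs, as they might arrive in $_POST['from'].
$samples = [
    "visitor@example.com",
    "visitor@example.com\r\nX-Injected: 1",
    "visitor@example.com\n",
    "not an address",
];

foreach ($samples as $from) {
    $headers = build_contact_headers($from);
    // json_encode() makes the control characters visible in the output.
    echo json_encode($from), ' => ',
        $headers === null ? 'rejected' : 'accepted', "\n";
}
```

Any other form field that ends up in a header, such as the subject, needs the same clean_header_value() check before it is passed to mail().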