Posted by jjohnston@mailwise.com on 05/09/07 14:49

On May 7, 7:57 pm, Joe <j_ev...@upfronttechnology.com> wrote:
> Hello,
>
> I currently use a simple php webmail form with php's mail() function
> doing the work to send messages to the site owner.
>
> However, viruses are being sent via the form.
>
> I tried adding a basic colaboration of amavis-new, ClamAV and
> spamassasin, but that filter does not seem to catch them. I assume they
> are injected into the Postfix process too late.
>
> Any idea how I can eliminate this?
>
> thanks
> Joe

PHP uses either the system's sendmail wrapper or SMTP depending on
your php environment, server OS, and php.ini settings. The SMTP
version of mail() is only available on Windows systems. In your case,
using mail() is the same as sending the mail message via sendmail from
a shell. This means that the mail is injected into the postfix queue
after the after-queue content filter. Your best bet for a workaround
is to use the PHPMailer or PEAR Mail packages to send your messages
via SMTP to localhost.

Good luck!

Joshua

• Next in forum: Re: php and xhtml validation
• Prev in forum: PHP Warning: Module 'readline' already loaded in Unknown on line 0
• Thread view: Re: virus sent vie webmail running on Apache

[Reply to this message]