 Posted by J.O. Aho on 05/08/07 04:21 
Joe wrote: 
> Hello, 
>  
> I currently use a simple php webmail form with php's mail() function  
> doing the work to send messages to the site owner. 
>  
> However, viruses are being sent via the form. 
>  
> I tried adding a basic collaboration of amavisd-new, ClamAV and
> SpamAssassin, but that filter does not seem to catch them.  I assume they
> are injected into the Postfix process too late. 
>  
> Any idea how I can eliminate this? 
 
The data you pass to mail() from the "FROM" input box has to be stripped
of injected headers.

A really simple check for injection is to:
 
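// ereg_replace() was removed in PHP 7; preg_replace() does the same job
$newfrom = preg_replace('/[\r\n]/', '', $from);
if ($newfrom === $from) {
	// no CR/LF in the value, so it cannot add header lines
	mail(...);
} else {
	// header had injected data, don't send it
}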
 
--  
 
  //Aho
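
A fuller version of the check described in the post above, as an added example that is not part of the original post: it rejects CR/LF in every field that ends up in a mail header and also requires the sender to be a syntactically valid address. The function names, addresses and sample submissions are constructed for illustration, and the mail() call is left commented out.

```php
<?php
// Added example: validate contact-form fields before they reach mail() headers.
// Function names and sample inputs are constructed for illustration.

/** True if the value contains CR, LF or NUL, i.e. could start a new header line. */
function has_header_injection(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 1;
}

/**
 * Build the argument list for mail() from untrusted form input.
 * Returns null when a header-bound field is unsafe, so the caller sends nothing.
 */
function build_contact_mail(string $owner, string $from, string $subject, string $body): ?array
{
    // Fields that end up in headers must be single-line.
    if (has_header_injection($from) || has_header_injection($subject)) {
        return null;
    }
    // The sender must be a syntactically valid address and nothing more.
    if (filter_var($from, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Order matches mail(to, subject, message, additional_headers).
    return [$owner, $subject, $body, 'From: ' . $from];
}

// Constructed sample submissions for the "FROM" box.
$samples = [
    'plain address'  => 'visitor@example.com',
    'extra header'   => "visitor@example.com\r\nBcc: list@example.net",
    'bare LF'        => "visitor@example.com\nX-Test: 1",
    'not an address' => 'visitor at example dot com',
];

foreach ($samples as $label => $from) {
    $args = build_contact_mail('owner@example.org', $from, 'Contact form', 'Hello');
    printf("%-15s %s\n", $label, $args === null ? 'rejected' : 'accepted');
    // if ($args !== null) { mail(...$args); }
}
```

Only the first sample is accepted; the message body is not checked because it is never placed in a header.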
 