Defending against PHP email injection attacks

I have a couple of forms that use PHP’s mail command and over the weekend I had to become an expert at protecting yourself from “email injection” spam attacks that insert spam addresses and headers into PHP forms.

After a couple of different strategies I found that the best method to protect yourself was the script from anton at basehost dot net on this page. The nice thing about it is that it’s a server-wide solution – no need to scuzz up your forms with increasingly complicated checks for malformed characters.

About Chris Barrus

You are not cleared for this information.
This entry was posted in Tech. Bookmark the permalink.

Leave a Reply

Your email address will not be published.