Matt Fretwell wrote:
On Fri, 03 Mar 2006 16:43:24 -0800
Alex Gottschalk <[EMAIL PROTECTED]> wrote:
This check is causing our mail server to quarentine mail sent
from PHP via postfix. It looks like it's because PHP wants
to put CRLF on the MIME headers instead of bare LFs. Is
there any way to modify or remove this behaviour? At least
according to the PHP docs
<URI:http://us3.php.net/function.mail>, it should be legal to
put \r\n characters as linefeeds in MIME headers.
Check the RFC's as to whether it is legal or not. 'Should be'
and 'must be' could be two very different things.
Not to mention it's a fragile function. The OP should google header injection to
see the kinds of mischief your web form can face if you don't harden it for this
exploit.
dp
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
