Hello everybody!
As a webhost that offer PHP-support for hundreds of customers, I have a
concern.
The mail()-function is too easy to use for sending spam and even worse -
there is (sometimes) almost impossible to trace the sender-account.
I've been looking into the source code and one very easy but yet powerful
solution to trace spam would be to force a reference into the header.
As each vhost has its own config, a PHP-setting "mail.reference" would be
enough.
This would be of great value for all webhosts out there and since we all
want to limit spam on internet, why not include this?
You can find some (not tested) sample code below.
I hope you understand what I mean.
This is my first post here and I'm not familar with the PHP source code.
// Kristoffer Hultenius
Original code:
====================================
fprintf(sendmail, "To: %s\n", to);
fprintf(sendmail, "Subject: %s\n", subject);
if (headers != NULL) {
fprintf(sendmail, "%s\n", headers);
}
fprintf(sendmail, "\n%s\n", message);
ret = pclose(sendmail);
New code:
====================================
char *reference = INI_STR("mail.reference");
fprintf(sendmail, "To: %s\n", to);
fprintf(sendmail, "Subject: %s\n", subject);
if (reference) {
fprintf(sendmail, "X-PHP-REFERENCE: %s\n", reference);
}
if (headers != NULL) {
fprintf(sendmail, "%s\n", headers);
}
fprintf(sendmail, "\n%s\n", message);
ret = pclose(sendmail);
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
