ID: 25683
User updated by: reveille187 at hotmail dot com
Reported By: reveille187 at hotmail dot com
Status: Bogus
Bug Type: Mail related
Operating System: win32 xp sp1
PHP Version: 4.3.2
New Comment:
just checking, someone can cause some nice havoc with that feature.
sorry.
Previous Comments:
------------------------------------------------------------------------
[2003-09-29 05:36:43] [EMAIL PROTECTED]
RTFM. It's feature, not bug.
------------------------------------------------------------------------
[2003-09-29 03:26:07] reveille187 at hotmail dot com
Description:
------------
I'm not sure if anyone else noticed this... I run php 4.3.2 on my
windows xp pc with apache 1.3. I don't have a domain name, and while
exploring options on how to send mail from my pc, I found out you could
send email from any address to anyone else without knowing thier
password. Eg/ I could send hate mail from [EMAIL PROTECTED] where my real
address is [EMAIL PROTECTED]
Reproduce code:
---------------
<?php
ini_set("SMTP", "smtp.example.com");
ini_set("sendmail_from", "[EMAIL PROTECTED]");
mail("[EMAIL PROTECTED]", "Hate mail subject", "Body Text");
?>
Expected result:
----------------
An email in my inbox from you.
Actual result:
--------------
Same as above.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=25683&edit=1
