On Tue, 2004-02-24 at 15:52 -0600, David Gilden wrote: > Sx- Jones. > > Yes, this script can be hijacked =/ Sorry. > > > > > > > > print MAIL "TO: [EMAIL PROTECTED]"; > > > print MAIL "From: $name <$email>\n"; > > > print MAIL "Subject: $subject\n\n"; > > The From is Hard wired so I donʼt understand you mention below. > > print MAIL "From: $name <$email>\n"; > > This is going to '[EMAIL PROTECTED]' > in box. so you are saying that someone could interject a CC, > and use the script as it currently is as a Spam Relay? > I really donʼt follow.
imagine if $email is: "[EMAIL PROTECTED]> CC: spam recipient <[EMAIL PROTECTED]" since $email isn't validated, the email is sent to both places. -- uv -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
