开发者

phpmailer headers fake address prevention

开发者 https://www.devze.com 2023-03-10 23:19 出处:网络
I want to send some confirmation emails to the users of my site. Here is how I set up the headers. $headers = \"From: \".EMAIL_FROM_NAME.\" <\".开发者_运维百科EMAIL_FROM_ADDR.\">\";

I want to send some confirmation emails to the users of my site.

Here is how I set up the headers.

$headers = "From: ".EMAIL_FROM_NAME." <".开发者_运维百科EMAIL_FROM_ADDR.">";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=utf-8\r\n";

I realized that I can set the two constants "EMAIL_FROM_NAME" and "EMAIL_FROM_ADDR" the way I want. Therefore, I can set the EMAIL_FROM_ADDR even to an address that does not belong to me. And the message will be delivered, right?

So, there is no security at all? What if someone else does the same to me? How can I prevent that?

Thank you


You probably want to look into Sender Policy Framework (SPF).

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号