开发者

"invite friends via email" feature...what security implications should i concerned about?

开发者 https://www.devze.com 2023-03-24 16:50 出处:网络
I\'m adding a feature to my site to allow people to invite their friends.I was going to accept a commma-separated list and allow them to import their Gmail contacts.

I'm adding a feature to my site to allow people to invite their friends. I was going to accept a commma-separated list and allow them to import their Gmail contacts.

My question is, how do i prevent someone from just posting a string of emails to my script and essentially A) overwhelming my mailserver or B) spamming a bunch of people. Obviously, captcha would help with this, but just curious if there's other ways to limit our risk...

Since the contacts/etc are all on the front end, there's no way to hash it using our sites encryption key...so my initial thought of hashing the 开发者_如何学JAVAemails before sending them to our "sender" script probably wont work...

Any advice, help or direction on this is much appreciated!


First and foremost: Don't use a generic sender script! Any script that takes recipients and a message body from an external request is a security issue. Security is hard and you will make mistakes, opening you up to spammer. Better create several scripts that are only capable of sending a specific e-mail. E.g. a contact-us script that is hardcoded or preconfigured to send e-mail only to you. A tell-a-friend script that has a hardcoded or preconfigured message template in it.

Next, you need to be very careful about putting anything supplied by your users into an e-mail header (this includes message subjects, from/reply-to addresses, etcetera). Of course, it's nice to set the reply-to automatically to the user's e-mail address, but what if I type this as my e-mail address:

me@example.org\nBCC:spam-target@example.org

Now I'm spamming other people through your contact form, even though that form is only supposed to send mail to you.

You should treat anything that a user can put in a mail header (or message) as suspicious as you'd treat anything that goes in an SQL query.

0

精彩评论

暂无评论...
验证码 换一张
取 消