+++ Glenn Pierce [exim-users] <14/03/02 11:48 +0000>:
> Sorry if this has been answered before I couldn't see anything in the
> faq or past archives.
Known problem all over - securityfocus, vuln-dev, lots of webmaster lists.
> How can I only allow mails to be sent with certain domains in the from
> field.
Hardcode it into the script. Even then what guarantee do you have that some
enterprising spammer won't forge webmaster@??? into the from?
Solution - use something secure. No, I don't mean php, or worse (ugh, blech)
Matt Wright's lousy formmail.pl
I've had pretty good results with cgiemail
(
http://web.mit.edu/wwwdev/cgiemail/) so far.
--srs