John M. Dlugosz has asked for the wisdom of the Perl Monks concerning the following question:

I just changed web hosting companies, and found that the built-in "form mail" points to http://www.scriptarchive.com/readme/formmail.html for documentation.

Based on what I've read on this site, I feel like I need to wash my hands. Is there an alternative to this specific script that I should educate my provider with a pointer to?

—John

Replies are listed 'Best First'.
Re: Ugh! Matt's Script found on my site!
by broquaint (Abbot) on Jul 07, 2003 at 16:07 UTC
    Is there an alternative to this specific script that I should educate my provider with a pointer to?
    Indeed, davorg and london.pm created NMS for the very purpose of creating a drop-in replacement of Matt's formmail script and the others in his collection.
    HTH

    _________
    broquaint

[reply]
Re: Ugh! Matt's Script found on my site!
by davorg (Chancellor) on Jul 07, 2003 at 16:15 UTC

    Looks like I've got the people round here so well trained that I don't need to answer questions like this any more :)

    Probably worth pointing out, however, that if your new hosts need any more persuading then Matt himself has something to say on the matter.

    --
    <http://www.dave.org.uk>

    "The first rule of Perl club is you do not talk about Perl club."
    -- Chip Salzenberg

[reply]

      Matt himself has something to say on the matter.
      However you might not want to download the versions of the programs themselves from that page as some of them appear to be very out of date with respect to those on sourceforge. 

      /J\
[reply]

        Oh. True. I'd forgotten about that. I need to mention that to him and see if he'll update them. Thanks for reminding me.

        --
        <http://www.dave.org.uk>

        "The first rule of Perl club is you do not talk about Perl club."
        -- Chip Salzenberg

[reply]
Re: Ugh! Matt's Script found on my site!
by adrianh (Chancellor) on Jul 07, 2003 at 16:09 UTC

    The NMS formmail is a drop in replacement. No pain. All gain.

[reply]
Re: Ugh! Matt's Script found on my site!
by bart (Canon) on Jul 08, 2003 at 12:36 UTC
    Formmail in particular is a nasty critter, as described here. The problem is that the recipient's address is just a hidden field in the form. Hence, anybody can use your mail server to send eemail just anywhere. Many spammers have abused this, and likely many still do.

    I can only hope that NMS plugs that hole... I'm virtually certain they did. Well... see the use of the variable @allow_mail_to in the script source. That's what it's for.

[reply]
Re: Ugh! Matt's Script found on my site!
by strat (Canon) on Jul 08, 2003 at 08:24 UTC
    When I find Webhoster using Matt's old scripts, I often send them a friendly email pointing them to NMS and also to http://www.scriptarchive.com/nms.html. Very often the team of the provider is very happy about it, but sometimes there is no reaction at all. Well, that's life ;-)

    Best regards,
    perl -e "s>>*F>e=>y)\*martinF)stronat)=>print,print v8.8.8.32.11.32"

[reply]

Back to Seekers of Perl Wisdom