Re: Securing mailing scripts

REFERER check ...

That can be spoofed.

IP time checker...

How does that stop people from using the script?

Message substitutions ...

Ok, but don't you want to send out an e-mail to multiple people?

Perhaps what you want is to use SSL to connect to your script and insist that the script be run only via the secure port (443)?

Celebrate Intellectual Diversity

Comment on Re: Securing mailing scripts

Replies are listed 'Best First'.
Re^2: Securing mailing scripts by sulfericacid (Deacon) on Sep 15, 2005 at 15:06 UTC
The IP checker would be used to stop automated form submissions in case all it's doing is automatically resubmitting the form for each email. If the IP has a timestamp inside the "kill zone", the script will quit. This way only one message could be sent every 5 or 10 minutes. I am aware that REFERER can be spoofed,that's why it's not the only security percaution I'm trying to take. Thanks for your help! "Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us" sulfericacid	[reply]

Replies are listed 'Best First'.

Re^2: Securing mailing scripts
by sulfericacid (Deacon) on Sep 15, 2005 at 15:06 UTC

If the IP has a timestamp inside the "kill zone", the script will quit. This way only one message could be sent every 5 or 10 minutes.

I am aware that REFERER can be spoofed,that's why it's not the only security percaution I'm trying to take.

Thanks for your help!

"Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us"

sulfericacid