[Dave Bateman]

Nowadays there is an explotion on php mailler scripts and spammers can add their header - cc & bcc to your mail form and can send spam mails to mail address which can be added by them. Please use following codes in your php mailler scripts that can prevent anybody to add/change of header.

It should be at top of page (php codes) - it works for POST method

CODE

<?
$badStrings = array("Content-Type:",
"MIME-Version:",
"Content-Transfer-Encoding:",
"bcc:",
"cc:");
foreach($_POST as $k => $v){
foreach($badStrings as $v2){
if(strpos($v, $v2) !== false){
header("HTTP/1.0 403 Forbidden");
exit;
}
}
}
?>