
Thread: What Formmail.pl script should I use to send Forms

  1. #1
    bmcc81, New Bee

    Hi,

    I'd like to know what SendMail.pl script I should use for sending forms out?

    I've tried the one from Matt's Script Archive, but it doesn't seem to work.

    It says all I need to know are these 2 things and it doesn't work. Do I have the wrong information?

    $mailprog = '/usr/lib/sendmail -i -t';

    @referers = ('webinkgraphics.com','127.0.0.1');

    Thanks,
    Bmcc

  2. #2
    Arkadij S Guest

    Hi bmcc81,

    Using Formmail.pl is not recommended and this script is actually banned on our shared/reseller servers. Its vulnerability makes your entire account totally insecure and can be used by spammers to send spam through.

    In this regard we would suggest switching to PHPFormMail.
    This script is less vulnerable and can be freely used on our servers.

  3. #3
    Alan B, Super Moderator

    Matt's Script Archive is very old, and it is well known that it is insecure. I'm surprised that you didn't read the warnings, as even Matt, the creator of Matt's Script Archive, now recommends that people not use that insecure script.

    This script at nms sourceforge is secure: http://www.scriptarchive.com/nms.html. You may, of course, also use what Arkadij suggested. Here are some other tips to help keep form-to-mail actions secure:

    You should not enable recipient addresses to be specified from hidden fields within the HTML form. Specify the recipient e-mail addresses only within the script itself. Putting them in the form is not secure.

    The script should include a specification for valid referrer addresses or domains. Referrers from anywhere else should be rejected.

    Do not name the script anything obvious: don't use words such as "formmail", "form" or "mail". If it has already been named something obvious, rename it immediately. Name it "macktruck" or "halibut" or something else each client coins for himself.
    I am not WHB staff and I am not paid.
    I provide help in these forums on my own time.
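
The first two tips in the post above (recipient fixed in the script, referrer allow-list) as one small CGI handler. This is an added example, not part of the original thread and not code from any script named in it; the recipient address, the allowed host names and the `subject` and `message` field names are assumed placeholders, and stripping line breaks from header values goes one step beyond the tips.

```perl
#!/usr/bin/perl
# Added example, not code from the thread or from any script it names.
use strict;
use warnings;
use CGI;

# Assumed placeholders: recipient address and allowed hosts.
my $RECIPIENT = 'webmaster@example.com';   # set here, never read from the form
my %ALLOWED   = map { $_ => 1 } qw(example.com www.example.com);
my @MAILPROG  = ('/usr/lib/sendmail', '-i', '-t');   # list form, no shell

# Referer is client-supplied, so this only filters casual abuse;
# the fixed recipient is what keeps the form from relaying mail.
sub referer_ok {
    my ($referer) = @_;
    return 0 unless defined $referer;
    # Skip any userinfo ("user:pass@") so the real host is compared.
    my ($host) = $referer =~ m{^https?://(?:[^/?#@]*@)?([^/:?#@]+)}i;
    return (defined $host && $ALLOWED{lc $host}) ? 1 : 0;
}

# Form values copied into mail headers must not carry line breaks,
# otherwise a submitted value could add its own header lines.
sub header_safe {
    my ($value) = @_;
    $value = '' unless defined $value;
    $value =~ s/[\r\n]+/ /g;
    return substr($value, 0, 200);
}

my $q = CGI->new;
unless (referer_ok($q->referer)) {
    print $q->header(-status => '403 Forbidden', -type => 'text/plain'),
          "Rejected\n";
    exit;
}

my $subject = header_safe(scalar $q->param('subject'));
my $body    = $q->param('message');
$body = '' unless defined $body;

# sendmail -t takes recipients from the headers; only To: is written,
# and its value comes from the constant above.
open(my $mail, '|-', @MAILPROG) or die "cannot run sendmail: $!";
print {$mail} "To: $RECIPIENT\n", "Subject: $subject\n", "\n", $body, "\n";
close($mail) or die "sendmail failed: $?";

print $q->header(-type => 'text/plain'), "Thank you.\n";
```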

  4. #4
    genrock, New Bee

    Yes, that script is very insecure and you should definitely look into other options.
