cgi security

[Walter Hofmann]

On Wed, 04 Apr 2001 06:16:53 GMT, Sheila King <sheila at spamcop.net> wrote:
>
>I'm writing a form-mail script, and I have two questions right now:

There is a script called "formmail" in wide use, which seems to do
approximately what you are trying to achive.

Unfortunately, it is currently abused by spammers to send large amounts
of unsolicited email. That's because it accepts any email address it is
given. Spammers fake forms which will mail their spam via these scripts.

Basically the only way to prevent this is to have a list of allowed
email addresses in the script (or hardcode a single email address). 
However, this means that for every new user you'd have to add their
email to the list before they can use your script.

Walter