Better way than this?

Using phpmailer at the moment for tell a friend code and the hosts are not keen on me using it for any more of my websites, due to security/spamming issues on shared servers. What’s a better form of code for this, that wouldn’t get the hosts jittery please?

Hey Dez,

A colleague of mine wrote two articles about sending mail from web applications and some good things to know when you do. Both are well worth the read.

"What good Web Developers should know about sending E-mail", with a follow-up article, "When you really need E-mail delivered – Signing your mail using Domain Keys/DKIM": http://www.diaryofaninja.com/blog/2011/11/16/when-you-really-need-your-email-delivered-ndash-signing-your-mail-using-domain-keysdkim

Some things that are covered in the articles include setting up SPF records for the domains that you are sending email for, and using DKIM to sign your emails.

You’re implementing “Send to friend” functionalities, which are often quite easy to hack, so make sure that you’re doing everything you can in your apps to prevent them being exploited. Things to check for include content injection and “scriptability”, e.g. could someone write a script to hit your page and send emails out? Double-checking and encoding your content is a way to prevent the former, while captchas can help with the latter.

These are just suggestions, and based on how your app is built there might be many more (or only a few) things that could help to secure it some more.
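The two checks named in the reply above (content injection and scripted abuse), sketched in PHP as an added example; it is not code from this thread or from PHPMailer. The function names, field names and limits are hypothetical, and a per-IP rate limit stands in for the scripting check alongside a captcha.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: validates the three fields of a tell-a-friend form.
// Returns [cleaned values, list of errors]; send only when errors is empty.
function validate_tell_a_friend(array $in): array
{
    $clean = [];
    $errors = [];
    foreach (['sender_name', 'sender_email', 'friend_email'] as $field) {
        $raw = $in[$field] ?? '';
        // Line breaks or NUL in a value that reaches a mail header let a
        // submitter append headers of their own (extra recipients, new body).
        if (!is_string($raw) || $raw === '' || preg_match('/[\r\n\0]/', $raw)) {
            $errors[] = "$field is missing or contains control characters";
            continue;
        }
        $clean[$field] = trim($raw);
    }
    foreach (['sender_email', 'friend_email'] as $field) {
        // FILTER_VALIDATE_EMAIL accepts one address only, so comma-separated
        // recipient lists are rejected as well.
        if (isset($clean[$field]) && filter_var($clean[$field], FILTER_VALIDATE_EMAIL) === false) {
            $errors[] = "$field is not a single valid address";
        }
    }
    if (isset($clean['sender_name']) && strlen($clean['sender_name']) > 60) {
        $errors[] = 'sender_name is too long';
    }
    return [$clean, $errors];
}

// Sliding-window limit per client IP. $log maps IP => send timestamps and is
// persisted by the caller (database, cache); storage is left out here.
function allow_send(array &$log, string $ip, int $now, int $max = 5, int $window = 3600): bool
{
    $recent = array_values(array_filter($log[$ip] ?? [], fn(int $t): bool => $t > $now - $window));
    $allowed = count($recent) < $max;
    if ($allowed) {
        $recent[] = $now;
    }
    $log[$ip] = $recent;
    return $allowed;
}

// Constructed input: the second set carries a line break in the recipient field.
$good = ['sender_name' => 'Dez', 'sender_email' => 'dez@example.com', 'friend_email' => 'pal@example.org'];
$bad  = ['friend_email' => "pal@example.org\r\nBcc: list@example.net"] + $good;
var_dump(validate_tell_a_friend($good)[1], validate_tell_a_friend($bad)[1]);
```

Keeping the subject and message body as a fixed server-side template, with only the validated name inserted, leaves no free-text field for a submitter to fill with their own content.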

Thanks John - it’s appreciated. If anyone else has anything to chip in with this, please do.

Is there any way of adjusting the code below, to also allow a static IP that isn’t within the allowed countries please?


$config['redirect_to']='http://www.websiteaddress.com/';		//redirection url for visitors from not allowed countries
$config['allowed_countries']='at,be,ch,de,dk,es,eu,fi,fr,gb,gg,gi,gr,ie,im,it,je,my,nl,no,pt,se,tr,tz,us';				//allowed countries codes

Any help much appreciated.

Dez

Is that config for PHPMailer? Or for some other application that is managing access to the site?

Apologies John - posted in the wrong section about a different (unanswered) subject.

ahaha no worries (I thought it seemed an odd follow up question :P)