Kelson,
My apologies. As I looked at my own reply, my response to your e-mail
made it look like I wrote the great background information that you did
and I just wanted to publicly give you credit for the elaborate and well
thought out response.
I was merely agreeing with you and posting a link with more info.
-=Ray
Ray Anderson wrote:
This looks like a failed header injection attack.
Some background: Lots of web form handlers, including the most basic
Perl and PHP tools, will build the headers and body of a message as
one long string, then pass it to Sendmail. If a form allows
user-supplied data for any header content -- most often a subject, a
sender's name or email address -- and the form does not properly
sanitize the input, an attacker can add a newline to the data and
build up their own headers and message body.
---------------snip--------------
Absolutely what I was trying to say earlier.
A _great_ article on the matter is here:
http://www.securephpwiki.com/index.php/Email_Injection
-=Ray
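
The string-building pattern described in the quoted background, as an added example that is not part of the original messages. This Python sketch parses the assembled string to show how a line break in a header field changes the header set, next to a builder that rejects CR/LF in header values; the function names, addresses and sample submission are constructed for illustration.

```python
import re
from email.parser import Parser

# All names and addresses here are hypothetical, constructed for this example.
LINE_BREAK = re.compile(r"[\r\n]")

def build_naive(sender, subject, body):
    """Headers and body joined into one long string, as the form handlers do."""
    return (f"From: {sender}\n"
            f"To: webmaster@example.com\n"
            f"Subject: {subject}\n"
            f"\n{body}\n")

def clean_header(value):
    """Refuse any header value containing CR or LF instead of trying to repair it."""
    if LINE_BREAK.search(value):
        raise ValueError("line break in header field")
    return value

def build_checked(sender, subject, body):
    """Same message layout, but every user-supplied header value is validated first."""
    return build_naive(clean_header(sender), clean_header(subject), body)

def header_names(raw):
    """Parse the string the way the mail system will, and list the headers it sees."""
    return [name for name, _ in Parser().parsestr(raw).items()]

def is_rejected(fields):
    """True when the checked builder refuses the submission."""
    try:
        build_checked(**fields)
    except ValueError:
        return True
    return False

# Constructed form submission: the subject field carries an embedded newline.
SAMPLE = {"sender": "visitor@example.org",
          "subject": "Hello\nBcc: third-party@example.net",
          "body": "Message text"}

if __name__ == "__main__":
    # The naive builder yields a header the form never offered.
    print(header_names(build_naive(**SAMPLE)))
    # The checked builder refuses the same submission.
    print(is_rejected(SAMPLE))
```

Line breaks in the body are harmless because they come after the blank line that ends the header block, so only the header fields need this check.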