They claim that spammers were accessing cgimail and using it to send spam.
They have limited us to a version of Formail that will only send ugly results to e-mail addresses that end in our own domain.
While I can live with ugly, I hate losing the "tell a friend" page.
Is there a way to make cgimail "secure"?
Perhaps this could be done by checking the referring page to make sure it is on our web site, limiting the number of e-mails sent by a single IP, or in some other way.
MIT's web page says that they no longer support cgimail, and e-mail to them has not been answered.
Could someone out there please help?
Thank you,
Harris
Perhaps this could be done by checking the referring page to make sure it is on our web site, limiting the number of e-mails sent by a single ip, or in some other way.
Sure, that's a must.
Now about formmail...
IMO, using a program like formmail is not secure, because the source code is freely available, so hackers have all opportunities to examine the code in order to find a security hole.
A few years ago I had serious problems with the formmail script and I decided to write my own mail program. Since that time I never had security problems.
The only secure method of protecting a formmail script is to hard-code the email address(es) it will send email to. If an email address is specified that is not allowed, then the script would just exit.
Checking the referring web page header ( $ENV{'HTTP_REFERER'} ) isn't very secure because it's easily spoofed.
Does this mean that there is no "secure" way of a visitor to our web site, sending a pre-written text e-mail to their friends, telling them about our web site?
Cgimail let us easily do this.
If the receiving domain is hard coded, as it is in the version of Formail they are still letting us use, mail to a third party just can't be automatically sent.
Like I said, I can live with the ugly results Formail sends us. (The script apparently replaces all attempts at formatting with a single space as another security measure.)
However, we are a small non-profit and the "Tell A Friend" page was a valuable way for people to tell others about our web site.
In fact, thousands of web sites use some form of a "Tell A Friend" page. I have been searching for weeks for a "secure" alternative, without success.
Isn't there some way to work around this?
Thank you,
Harris
If you're looking for a secure replacement for formmail, do a search for "nms formmail" (without the quotes). It's written by some very well respected programmers in the Perl community, and was designed with security in mind, unlike many of the old Matt's Script Archive programs.
The problem is that Formail achieves security by writing the one domain (our own) that we can send e-mail to, into the script. It therefore will not send mail to a third party.
I have looked at dozens of Tell A Friend scripts, and have not found any that claim to be secure.
There must be some out there!
While the referrer can be messed with, what if the script checks for the entire URL to make sure it comes from our web site?
While not quite a drop in replacement, it works beautifully!
All my cgimail templates work. All I had to do was change the [ ] to { }.
All of my existing forms also work. All I had to do was change the call from cgi-bin/cigmail.cgi to Formmail/index.php
Yes it is a php script!
To use my own thank you pages, all I had to do was change "success" to "thanks" in the call.
It has multiple levels of security.
It checks the referrer and the IP.
The form page has to be called from a link on the site, and the IP has to be entered into the script.
It allows the number of e-mails to be limited by number, time, and IP. For example, it can be set to allow an IP to only send 10 e-mails within 24 hours.
If I am not allowed to post the address to this program, please e-mail me for it.
This script and others are available for free at: www.stadtaus.com
Thank you all for your help!
Harris
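The thread discusses three defences for a form-mail script: hard-coding the recipient domain the way the restricted Formail does, checking the Referer header (with the caveat that it is client-supplied and easily spoofed), and limiting a single IP to, for example, 10 e-mails in 24 hours, plus flattening user text to single spaces. The following Python gate is an added example that puts those checks together for a "tell a friend" form; it is not cgimail, Formail, nms formmail or the stadtaus.com script, and the host name, allowed domains, form field names and the fixed message body are assumptions. It only decides whether a request may be sent; delivery is left to the caller.

```python
"""Hypothetical hardened "tell a friend" mail gate (added example, not from
any of the scripts discussed in the thread)."""
from collections import defaultdict, deque
from urllib.parse import urlparse
import re

# Assumed site configuration; none of these values come from a real script.
SITE_HOST = "www.example.org"
ALLOWED_RECIPIENT_DOMAINS = {"example.org"}   # strict, Formail-style policy
MAX_MAILS_PER_WINDOW = 10
WINDOW_SECONDS = 24 * 3600
# The message body is fixed text chosen by the site, never visitor input.
FIXED_BODY = "Hi, I thought you might like http://www.example.org/ - have a look!"

_ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})$")


def recipient_domain(addr):
    """Return the domain of a plain, single e-mail address, else None."""
    m = _ADDR_RE.match(addr.strip())
    return m.group(1).lower() if m else None


def recipient_allowed(addr, allowed_domains=ALLOWED_RECIPIENT_DOMAINS):
    """Hard-coded recipient policy: only addresses in listed domains may be
    mailed, so a 'recipient' form field cannot pick arbitrary targets."""
    dom = recipient_domain(addr)
    return dom is not None and dom in allowed_domains


def referer_on_site(referer, site_host=SITE_HOST):
    """True if the Referer header names our own host.  This is a weak signal:
    the client sets the header and may omit or forge it, so it is only used
    in addition to the other checks, never on its own."""
    if not referer:
        return False
    parsed = urlparse(referer)
    return parsed.scheme in ("http", "https") and parsed.hostname == site_host.lower()


class IpRateLimiter:
    """Sliding-window send counter per client IP (e.g. 10 mails in 24 hours)."""

    def __init__(self, limit=MAX_MAILS_PER_WINDOW, window=WINDOW_SECONDS):
        self.limit, self.window = limit, window
        self._sent = defaultdict(deque)   # ip -> timestamps of accepted sends

    def allow(self, ip, now):
        q = self._sent[ip]
        while q and now - q[0] >= self.window:
            q.popleft()                   # forget sends older than the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def collapse_whitespace(text):
    """Flatten visitor text to one line, as the thread says Formail does:
    newlines and runs of whitespace become a single space."""
    return " ".join(text.split())


def tell_a_friend_decision(form, client_ip, referer, limiter, now,
                           allowed_domains=None):
    """Decide whether a tell-a-friend request may be sent.

    Returns (ok, reason, message).  For tell-a-friend the recipient is a
    third party, so allowed_domains=None means "any domain"; the remaining
    defences are then the fixed body, the flattened sender name and the
    per-IP rate limit.  Pass a domain set to get the strict Formail policy.
    """
    to = form.get("to", "")
    if recipient_domain(to) is None:
        return False, "bad-recipient", None
    if allowed_domains is not None and not recipient_allowed(to, allowed_domains):
        return False, "recipient-domain-not-allowed", None
    if not referer_on_site(referer):
        return False, "referer", None
    if not limiter.allow(client_ip, now):
        return False, "rate-limited", None
    sender_name = collapse_whitespace(form.get("name", ""))[:60] or "A visitor"
    message = {
        "to": to,
        "subject": f"{sender_name} thinks you'll like {SITE_HOST}",
        "body": FIXED_BODY,
    }
    return True, "ok", message


if __name__ == "__main__":
    # Constructed sample request: a visitor recommends the site to a friend.
    limiter = IpRateLimiter()
    form = {"to": "friend@example.net", "name": "Harris\n\n  from  the  office"}
    print(tell_a_friend_decision(form, "203.0.113.5",
                                 "http://www.example.org/tell.html", limiter, 0))
```

The order of the checks matters: the cheap syntactic and policy checks run first, and the rate limiter is consulted last so that rejected requests do not consume a visitor's quota. The referer check is kept because it stops the casual case the thread describes (a form posted from somewhere else), but the rate limit and fixed body are what actually bound the damage when it is forged.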