Motivation
If you have a PHP script that sends mail, the recipient of the mail message will only see which server it was sent from. There will normally be no record of who originated the message, or which script on the server actually caused it to be sent. This can make it difficult to trace misuse, even if you have comprehensive mail and webserver logs."
The Solution
This patch attempts to address this weakness by inserting an informational header to messages sent from PHP via the mail() function. The header identifies both the script and the apparent IP address that called it.
The header added has the form:
X-PHP-Script:for
No comments:
Post a Comment