Sendmail not sending

software development

#1

Hi,
I have a simple sendmail and it does not return an error but yet the mail does not send.
The page is:
http://grad.dazedthoughts.com/emailTEST.html
the cgi is:
#!/usr/local/bin/perl -wT

use CGI qw(:all);# imports the CGI.pm module

use HTML::Template; #imports the template module which allows for separation of Perl and HTML

#local variables all start with my

my ($email, $from, $subject);

#creates the variable from the form input with the name email

$email = param(‘email’);

generate html feedback

print “Content-type: text/html\n\n”;
print "Your email address ($email) has been successfully entered. ";
print “Thank you. You will receive a confirmation email shortly.”;

#########creates email

$subject = Confirmation Email
$from = "debbie@dazedthoughts.com";
open (MAIL, “|/usr/sbin/sendmail -t”) || &ErrorMessage;
print MAIL “To: $email \nFrom: $from\n”;
print MAIL “Subject:\n”;
print MAIL “Confirmation Email\n\n”;
print MAIL "Thank you for signing up. Your email address ($email) has been successfully ";
print MAIL “stored. Have a nice day.\n”;
close (MAIL);
sub ErrorMessage {
print “

The server has a problem. Aborting script. \n”;
exit;
}

thanks in advance for any help that you can give me.
Debbie


#2

A word of caution: Your script as-is is vulnerable to being exploited by spammers due to the fact you have chosen to include user-provided data in the message headers without checking the data.

At the very least you want to check for characters that don’t belong like control characters and spaces:

[code]$email = param(‘email’);
if ($email =~ /[\x00-\x20]/) {

control characters or a space present

most likely an exploit attempt

abort

&ErrorMessage;
exit;
}[/code]
Also you have an incorrectly formatted header. Replace the 2 lines with the following line:

Customer since 2000 :cool: openvein.org | Please don’t feed the trolls. :@