rr1024

Hello All, I am bothered by the same issue here, All my sites email functions are shut down and I was asked to use PHPMailer class instead of PHP mail() function However, I installed the class which was not a problem for one function on one script and tested it and got the same result it doesn't work and the mail get's bounced back to me. My issue is this, I don't see how total choice could possible expect each webmaster on their server to use one phpmail program or another when most of the time we purchase these scripts i.e. wowbb, Vbulliten, Linking Scripts and on and on from other sources. To say that we have edit the code to install some other php script just doesn't seem realistic to me. Since what will happen is the script you've decided to promote as secure suddenly get's HACKed by some 8 year old with nothing better todo...LOL and we are back in the same boat again. Not only that but we've spent hundreds of dollors modifing scripts and hundreds of man hours. I'm all for security, hands down but maybe something that gets the job done and would be easier to manage would be best. If your up for an idea then here is my two cents on this whole mail problem Another way of offering the protection I think you guys are going for would be to give each website an MD5 encryption or hash if you like that must appear in the body of the message. It would be some cyptic word or number that only total choice hosting knows and all we webmasters have to do is add this in the body of all out going mails from scripts using php mail classes or functions....I believe this would be very easy to control....All you guys would need to do is scan outbound mail from the scripts for this MD5 code if you find it then the mail is released if not it's bounced....very simple I think You could even do something like Total choice hosting secret string H7drriLdzmek1 you give the above code to the webmasters on a server lets say that code above is = "sever336" and of course you guys know this since you made it up. So you tell me that any script I load on your server that sends mail that this code above must appear somewhere in the body of the message, visible or invisible you don't care. We also must add our domain to your encryption of "server336" which = H7drriLdzmek1 So we do something like the following $messagebody . = "what ever our outbound message is: Hello World"; $messagebody . = base64_encode( intimateassociates.com )."_".H7drriLdzmek1; $sent = mail( $recipient, $subject, $message, $headers ); Now on where ever the mail function sends the message to after that,( I don't know ), but it's on Total Choice hostings side you guys get the mail and parse the body of the mail i.e. list( $domain, $server ) = explode("_",$messagebody); #this may actual need to be in a while loop in case someone actually uses an _ in the body of the message...LOL You guys set up a couple of arrays one for all your server names that are MD5 hashed and all the domain names on each server then do a little compare thing like this foreach ( server_array_domain_list on server as $var) { if ( base64_decode($domain) == $var AND $server336 == "H7drriLdzmek1" ) $sendmail = TRUE; else $sendmail = FALSE; } if sendmail true then send the mail else bounce it. Keep in mind how most of this scripts are used, generally speaking we have textarea boxes with a template email that we can edit quickly and easily so all we would need is a base64 encode of our domain name and your secret code and stuff something like this in to our emails that use scripts to send mails ALKJDLlksajfsyw**(a;AJKD==_H7drriLdzmek1 you guys explode on _ so now you have a decodeable domain name and a none decodeable secret code to do your comparision. The great thing is if we use HTML mails then this code i.e. ALKJDLlksajfsyw**(a;AJKD==_H7drriLdzmek1 can be hidden in the message body between html tags. Anyway just a thought, so whe do we think we'll have mails back up an running??