Contact Form Processing Products - for all your needs

FormMail • Form Encryption • Hosted Forms

ATTACK_DETECTION_MIME Setting

This page documents the ATTACK_DETECTION_MIME configuration setting in FormMail.

Type Of Setting

ATTACK_DETECTION_MIME is a LEAVE setting, which means...

LEAVE : you can change this setting if you really need to and know what you're doing, but we recommend that you leave this setting unchanged.

Précis

Enables the "MIME attack" detection.

Description

Set ATTACK_DETECTION_MIME to false if you don't want FormMail's attack detection to check for the MIME attack.

The MIME attack is where the recipient's address (or other header field) is carefully crafted to try to fool FormMail into sending an email with a virus or other malware file attached.

Note that Tectite FormMail has always been invulnerable to this type of attack - your server is safe with Tectite FormMail.

The purpose of the ATTACK_DETECTION_MIME setting is to allow you to ignore these attacks (no errors or alerts will be sent to you) and to send the user/attacker to an explanatory page.

The fields checked for this attack were:

  • recipients
  • cc
  • bcc
  • subject (from FormMail version 8.00)

Default Value

From version 9 onwards:

$ATTACK_DETECTION_MIME = true;

Before version 9:

define("ATTACK_DETECTION_MIME",true);

Examples

From version 9 onwards:

$ATTACK_DETECTION_MIME = false;

Before version 9:

define("ATTACK_DETECTION_MIME",false);

See Also

 
Close