##############################################################################
# FormMail                        Version 1.9s                               #
# Copyright 1996-2001 Matt Wright mattw@worldwidemart.com                    #
# Created 06/09/95                Last Modified 01/15/02                     #
# Matt's Script Archive, Inc.:    http://www.worldwidemart.com/scripts/      #
# Enhanced Security Version:      ftp://ftp.monkeys.com/pub/formmail/        #
##############################################################################
# If you run into any problems while trying to configure this script, help   #
# is available.  The steps you should take to get the fastest results, are:  #
#       1) Read this file thoroughly.                                        #
#       2) Consult the Matt's Script Archive Frequently Asked Questions:     #
#               http://www.worldwidemart.com/scripts/faq/                    #
#       3) If you are still having difficulty installing this script, send   #
#          e-mail to: formmail@monkeys.com                                   #
#          Include any error messages you are receiving and as much detail   #
#          as you can so we can spot your problem.  Also include the variable#
#          configuration block that is located at the top of the script.     #
#                                                                            #
# Hopefully we will be able to help you solve your problems.  Thank you.     #
##############################################################################
# COPYRIGHT NOTICE                                                           #
# Copyright 1995 - 2001 Matthew M. Wright  All Rights Reserved.              #
#                                                                            #
# FormMail may be used and modified free of charge by anyone so long as this #
# copyright notice and the comments above remain intact.  By using this      #
# code you agree to indemnify Matthew M. Wright from any liability that      #
# might arise from its use.                                                  #
#                                                                            #
# Selling the code for this program without prior written consent is         #
# expressly forbidden.  In other words, please ask first before you try and  #
# make money off of my program.                                              #
#                                                                            #
# Obtain permission before redistributing this software over the Internet or #
# in any other medium.  In all cases copyright and header must remain intact #
##############################################################################

FormMail is a universal WWW form to E-mail gateway.  There is only one
required form input tag which must be specified in order for this script to
work with your existing forms.  Other hidden configuration fields can also
be used to enhance the operation of FormMail on your site.  Version 1.6 of
FormMail contains a few minor bug fixes, optimized code and more comments.
The biggest change in this version is that by default, form fields are now
sorted as they appear in the form.  Error pages were also beautified a
little and two new configuration fields were created.  Read the History for
a more complete list of changes.  Versions 1.7-1.9 were issued as security
fixes, and also fixed a problem causing certain servers to end the FormMail
process before the e-mail was sent.  Although the changes from 1.7 to 1.9 were
somewhat minor, they _attempted to fix_ major SPAM security holes, and
therefore the version numbers were increased dramatically to reflect this
change.

*** NOTE ***   *** NOTE ***   *** NOTE ***

The version of the README file you are looking at now goes with the 1.9s
version of the script, which is a security-fix version designed to close
the various security loopholes that remained in the 1.9 version of the
script that might still allow spammers to abuse and misuse FormMail.pl
to send out unsolicited junk e-mail ("spam") to arbitrary destination
e-mail addresses anywhere on the Internet.  This problem is becoming
more and more frequent, and your site can end up on various anti-spam
blacklists if you are running an unsecured version of FormMail that gets
exploited by spammers.  The 1.9 version of FormMail.pl attempted to close
all of the loopholes that would allow the script to be exploited, over
the net, by outside spammers, but it didn't close them all.  It is believed
that the 1.9s version closes all of the holes, so that "hijacking" of
_this version_ of FormMail.pl (1.9s) by outside spammers should at last
be impossible.

The script, FormMail.pl, needs to be placed in your server's cgi-bin and the 
anonymous WWW user must have the ability to read/execute the script.  If 
you do not have access to your server's cgi-bin, yet you can execute cgi 
scripts, you may want to try adding a .cgi extension to the FormMail.pl, 
so you could rename it to FormMail.cgi.

Setting Up the FormMail Script:
===============================

The FormMail.pl script does not have to be extensively configured in order 
to work.  There are only two variables in the perl file which you will 
need to define along with changing the top line of your script to match 
the location of your Perl interpreter.

Necessary Variables:
--------------------

  $mailprog = '/usr/sbin/sendmail';
    This variable must define the location to your server's sendmail 
    program.  If this is incorrect, form results will not be mailed to you.
    (The sendmail executable may be located in some directory other than
    /usr/sbin, and you may have to look around to find out where it really
    resides on your particular system.  On systems based on BSD UNIX, e.g.
    FreeBSD, NetBSD and OpenBSD, you will probably find sendmail installed
    as /usr/sbin/sendmail.)

  $mail_admin = "postmaster";
    This variable must define the (local) e-mail address of the local
    e-mail administrator.  IMPORTANT:  The default definition of this
    variable may perhaps NOT be valid or usable for your particular
    system, so you may perhaps need to set this to something other than
    the default value given in the distributed FormMail script.

    Regardless of what local e-mail address you set this to, please
    _test_ that the e-mail address you use is in fact a working local
    e-mail address.  You should test it by logging into the *web server*
    where you are installing FormMail and then trying to send a test
    e-mail message to the $mail_admin address.  Then check and make sure
    that the message was properly received by the local mail administrator.

    The value of this variable will be used as the place to direct e-mail
    notifications regarding incorrect uses (and possible attempted abuses)
    of FormMail.  It is important that the e-mail address used be one that
    is associated with some mailbox that is routinely and frequently
    monitored by a live and conscious human being.

    NOTE! NOTE! NOTE!  If you don't have a working postmaster address on
    your local mail server, then for God's sake GET ONE!  Internet RFC
    standards absolutely REQUIRE that each mail server have a valid and
    working postmaster address that goes to a live human being.

  @recipient_addresses = ();
    This variable should be defined to an array of strings that represent
    full and complete e-mail addresses of specific users (or accounts) that
    should be allowed to receive e-mail messages generated by FormMail.
    Each such address should have one of the following two forms:

	user
	user@domain

    If the @domain part is omitted, the user part will be treated as the
    user-ID of some local user account (or some local e-mail alias) on
    the local system where FormMail is installed.

    In either case, the user portion and the domain portion (if present)
    will be syntax checked by FormMail, and users will receive errors if
    any one of the pre-configured strings in @recipient_addresses
    has invalid syntax.  Domain names may only contain letters, digits,
    hyphens (`-') and periods, as per Internet standards.  (Note that
    underscore characters are NOT valid domain name characters.) User
    names can contain almost any characters except those that are reserved
    and generally disallowed in Internet e-mail addresses, namely the
    characters:

	( ) [ ] < > { } : ; @

    Note that unlike prior versions of FormMail, comparison of the user
    portion of e-mail addresses is now performed in a CASE-SENSITIVE manner,
    and thus the e-mail address "john@example.com" is NOT considered to be
    equivalent to "JOHN@example.com" anymore.  If you want to allow people
    writing HTML forms that will interact with FormMail to use various
    capitalizations, you will have to include each differently-capitalized
    version of the address in @recipient_addresses.  (This change was needed
    in order to close a security loophole.)

    Note also that unlike prior versions of FormMail, you CANNOT and MUST
    NOT put any up-caret (^) character at the front of the e-mail address
    strings that you use to define this array.

  @recipient_domains = ();
    This variable should be defined to an array of strings that represent
    the actual domain names, or patterns for the domain names (see below)
    that you wish to allow FormMail to send e-mail to.

    If you know ahead of time all of the exact and complete e-mail addresses
    that you will want FormMail to be able to send e-mail to then DO NOT
    use this variable - leave it set to an empty array (signified by just
    an open/close pair of parentheses).  Use the @recipient_addresses array
    (described above) instead.  That will be more secure.

    There are cases however where the FormMail installer may be installing
    FormMail so that it can be used by a lot of different people within a
    given domain.  (This comes up, for example, when the person installing
    FormMail is doing so for the benefit of a web hosting company where
    there are going to be a lot of different possible FormMail users.)  In
    these cases it is OK to use the @recipient_domains variable.

    Each string used to define the @recipient_domains variable MUST have
    one of the following two general forms:

	domain
	*.domain

    where `domain' is some fully-qualified Internet domain name.

    Use the first form shown above when you know the exact domain name that
    will appear in the recipient addresses of all FormMail-generated
    e-mail messages.

    In some cases, you may not know ahead of time (i.e. when you are
    installing FormMail) all of the possible fully-qualified domain names
    that you may want to allow FormMail to send e-mail to, but you may know
    that they will all be sub-domains of a given (base) domain.  In such
    cases, you may use the second form of string shown above, which is an
    asterisk followed by a period and then a domain name.  In this case,
    the asterisk is intended to represent a sort of `wild card' character,
    and this form, when used, will allow FormMail to send e-mail messages
    to any e-mail address whose domain part is any sub-domain of the
    specified base domain.

    Note that you MUST NOT put multiple asterisks into any of the string
    values given as part of the @recipient_domains definition, and you are
    also not allowed to put asterisks into arbitrary positions within any
    of these strings.  Only a single asterisk is allowed, and only at the
    very start of each string used in @recipient_domains, and it must be
    followed by a period and then a valid (base) domain name.
    
    In either case, the domain name portion of the string will be syntax
    checked by FormMail, and users will receive errors if any one of the
    pre-configured strings in @recipient_domains has invalid syntax.

    Domain names may only contain letters, digits, hyphens (`-') and periods,
    as per Internet standards.  (Note that underscore characters are NOT
    valid domain name characters.)

    SPECIAL NOTE:  In order to close some security loopholes, whenever a
    recipient address is submitted to FormMail (as part of an HTML form
    submission), FormMail will check to see if the address matches one of
    the allowed recipient specifications that you have edited into the script
    as definitions for the @recipient_addresses and @recipient_domains arrays.
    If a given recipient address matches _only_ one of the specifications
    contained in the @recipient_domains array, then the given e-mail address
    will NOT be allowed to contain any percent-sign (%) or any exclamation-
    mark (!) characters.  (Generally, this won't be a problem, because very
    few people these days have e-mail addresses that include either of these
    kinds of special characters.)
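
    The allow-list rules for @recipient_addresses and @recipient_domains
    described above, modelled as a stand-alone Perl script.  This is an
    added example, not code from FormMail or from this README: the two
    arrays hold constructed sample values, and how letter case in domain
    names and the bare base domain under a `*.domain' pattern are treated
    are assumptions noted in the comments.

```perl
#!/usr/bin/perl
# Added example, not FormMail's own code: a stand-alone model of the recipient
# allow-list rules this README describes.  The two arrays below are constructed
# sample configuration values, not defaults shipped with the script.
use strict;
use warnings;

my @recipient_addresses = ('webmaster', 'sales@example.com');
my @recipient_domains   = ('example.org', '*.example.net');

# Domain names: letters, digits, hyphens and periods only (no underscores).
my $domain_re = qr/^[A-Za-z0-9][A-Za-z0-9.-]*$/;
# User part: any characters except the reserved ( ) [ ] < > { } : ; @
my $user_re   = qr/^[^()\[\]<>{}:;@]+$/;

# Syntax-check the installer's configuration, as the README says FormMail
# does.  Returns a list of error strings; an empty list means all is well.
sub check_config {
    my @errors;
    for my $addr (@recipient_addresses) {
        my ($user, $domain) = split /\@/, $addr, 2;
        push @errors, "bad user part in '$addr'"
            unless defined $user && $user =~ $user_re;
        push @errors, "bad domain part in '$addr'"
            if defined $domain && $domain !~ $domain_re;
        push @errors, "leading '^' is not allowed in '$addr'"
            if $addr =~ /^\^/;
    }
    for my $spec (@recipient_domains) {
        # One asterisk at most, only at the front, and only as a "*." prefix.
        (my $base = $spec) =~ s/^\*\.//;
        push @errors, "bad domain spec '$spec'"
            if $base =~ /\*/ || $base !~ $domain_re;
    }
    return @errors;
}

# Decide whether a submitted "recipient" value may receive mail.
# Returns 1 when allowed, 0 otherwise.
sub recipient_allowed {
    my ($recipient) = @_;
    return 0 unless defined $recipient && length $recipient;
    return 0 if $recipient =~ /[\r\n]/;    # a CR/LF would end the To: header

    # 1. Exact, case-sensitive match against @recipient_addresses.
    return 1 if grep { $_ eq $recipient } @recipient_addresses;

    # 2. Otherwise the domain part must be admitted by @recipient_domains.
    my ($user, $domain) = split /\@/, $recipient, 2;
    return 0 unless defined $domain && length $domain;
    return 0 unless $user =~ $user_re && $domain =~ $domain_re;

    # An address admitted only via the domain list may not carry '%' or '!'
    # (the README's SPECIAL NOTE); both are legacy mail-routing characters.
    return 0 if $recipient =~ /[%!]/;

    # Assumption: DNS names are case-insensitive, so domains are compared in
    # lower case; the README does not say how FormMail compares them.
    my $d = lc $domain;
    for my $spec (map { lc } @recipient_domains) {
        if ($spec =~ /^\*\.(.+)$/) {
            my $base = $1;
            # Assumption: "*.base" admits sub-domains of base, not base itself.
            return 1 if $d =~ /\.\Q$base\E$/;
        } else {
            return 1 if $d eq $spec;
        }
    }
    return 0;
}

# Demonstration on constructed inputs.
my @config_errors = check_config();
print "config: ", (@config_errors ? join('; ', @config_errors) : 'ok'), "\n";

for my $r ('webmaster', 'Webmaster', 'sales@example.com', 'anyone@example.org',
           'x@mail.example.net', 'x@example.net', 'x%evil.test@example.org',
           'victim@spam.test', "anyone\@example.org\n") {
    (my $shown = $r) =~ s/\n/\\n/g;
    printf "%-28s %s\n", $shown, recipient_allowed($r) ? 'allowed' : 'REJECTED';
}
```

    Of the demonstration inputs only 'webmaster', 'sales@example.com',
    'anyone@example.org' and 'x@mail.example.net' are allowed; the
    differently-capitalized 'Webmaster', the bare 'x@example.net', the
    percent-sign address and the address with an embedded newline are all
    rejected.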

  @valid_ENV = ('REMOTE_HOST','REMOTE_ADDR','REMOTE_USER','HTTP_USER_AGENT');
    This array allows the administrator to specify the list of environment
    variables that a form may request be added into the e-mail.  This is
    a security patch for the issue described at
    http://www.securityfocus.com/bid/1187 and was implemented by
    Peter D. Thompson Yezek at http://www.securityfocus.com/archive/1/62033.
    Only environment variables listed in this array may be included in the
    form field env_report.  So if you also wanted to know what URL they were
    submitting from, you could change @valid_ENV to:
       @valid_ENV = ('REMOTE_HOST','REMOTE_ADDR','REMOTE_USER',
                     'HTTP_USER_AGENT','HTTP_REFERER');
    and then include HTTP_REFERER in your env_report form field.

Your FormMail program is now configured.

-----------------------------------------------------------------------------

Form Configuration:
===================

The action of your form needs to point towards this script (obviously), and 
the method must be POST or GET in capital letters.  Version 1.5 of FormMail 
offers many new ways to code your form to tailor the resulting HTML page 
and the way the script performs.  Below is a list of form fields you can 
use and how to implement them.

Necessary Form Fields:
======================

There is only one form field that you must have in your form, for 
FormMail to work correctly.  This is the recipient field.

Field:       recipient

Description: This form field allows you to specify to whom you wish for your
             form results to be mailed.  Most likely you will want to
             configure this option as a hidden form field with a value equal
             to that of your e-mail address.

Syntax:
             <input type=hidden name="recipient" value="email@your.host.com">

-----------------------------------------------------------------------------

Optional Form Fields:
=====================

Field:       subject

Description: The subject field will allow you to specify the subject that you
             wish to appear in the e-mail that is sent to you after this form
             has been filled out.  If you do not have this option turned on,
             then the script will default to a message subject: WWW Form
             Submission

Syntax:
             If you wish to choose what the subject is:
              <input type=hidden name="subject" value="Your Subject">

             To allow the user to choose a subject:
              <input type=text name="subject">

-----------------------------------------------------------------------------

Field:       email

Description: This form field will allow the user to specify their return
             e-mail address.  If you want to be able to return e-mail to your
             user, I strongly suggest that you include this form field and
             allow them to fill it in.  This will be put into the From:
             field of the message you receive.  If you want to require an
             email address with valid syntax, add this field name to the
             'required' field.

Syntax:
             <input type=text name="email">

-----------------------------------------------------------------------------

Field:       realname

Description: The realname form field will allow the user to input their real
             name.  This field is useful for identification purposes and will
             also be put into the From: line of your message header.

Syntax: 
             <input type=text name="realname">

-----------------------------------------------------------------------------

Field:       redirect

Description: If you wish to redirect the user to a different URL, rather than
             having them see the default response to the fill-out form, you
             can use this hidden variable to send them to a pre-made HTML
             page.

Syntax:
             To choose the URL they will end up at:
               <input type=hidden name="redirect" 
                                  value="http://your.host.com/to/file.html">

             To allow them to specify a URL they wish to travel to once the
             form is filled out:
               <input type=text name="redirect">

-----------------------------------------------------------------------------

Field:       required

Version:     1.3 & Up

Description: You can now require for certain fields in your form to be filled
             in before the user can successfully submit the form.  Simply
             place all field names that you want to be mandatory into this
             field.  If the required fields are not filled in, the user will
             be notified of what they need to fill in, and a link back to
             the form they just submitted will be provided.

             To use a customized error page, see 'missing_fields_redirect'

Syntax:
             If you want to require that they fill in the email and phone
             fields in your form, so that you can reach them once you have
             received the mail, use a syntax like:

               <input type=hidden name="required" value="email,phone">

-----------------------------------------------------------------------------

Field:       env_report

Version:     1.3 & Up

Description: Allows you to have Environment variables included in the
             e-mail message you receive after a user has filled out your
             form.  Useful if you wish to know what browser they were using,
             what domain they were coming from or any other attributes
             associated with environment variables.  The following is a short
             list of valid environment variables that might be useful:

             REMOTE_HOST     - Sends the hostname making a request.
             REMOTE_ADDR     - Sends the IP address of the remote host making
                               the request.
             REMOTE_USER     - If server supports authentication and script
                               is protected, this is the username they have
                               authenticated as. *This is not usually set.*
             HTTP_USER_AGENT - The browser the client is using to send the
                               request.  

             There are others, but these are a few of the most useful.  For
             more information on environment variables, see:

            http://www.cgi-resources.com/Documentation/Environment_Variables/

Syntax:
             If you wanted to find the remote host and browser sending the
             request, you would put the following into your form:

              <input type=hidden name="env_report" value="REMOTE_HOST,
                                                           HTTP_USER_AGENT">

-----------------------------------------------------------------------------

Field:       sort

Version:     1.4 & Up

Description: This field allows you to choose the order in which you wish 
             for your variables to appear in the e-mail that FormMail
             generates.  You can choose to have the field sorted
             alphabetically or specify a set order in which you want the
             fields to appear in your mail message.  By leaving this field
             out, the order will simply default to the order in which the
             browser sends the information to the script (which is usually
             the exact same order as they appeared in the form.)  When
             sorting by a set order of fields, you should include the phrase
             "order:" as the first part of your value for the sort field, and
             then follow that with the field names you want to be listed in
             the e-mail message, separated by commas.  Version 1.6 allows a
             little more flexibility in the listing of ordered fields, in
             that you can include spaces and line breaks in the field without
             it messing up the sort.  This is helpful when you have many form
             fields and need to insert a line wrap.

Syntax:
             To sort alphabetically:
               <input type=hidden name="sort" value="alphabetic">

             To sort by a set field order:
               <input type=hidden name="sort" value="order:name1,name2,
                                                   name3,etc...">

-----------------------------------------------------------------------------

Field:       print_config

Version:     1.5 & Up

Description: print_config allows you to specify which of the config 
             variables you would like to have printed in your e-mail message.
             By default, no config fields are printed to your e-mail.  This
             is because the important form fields, like email, subject, etc.
             are included in the header of the message.  However some users
             have asked for this option so they can have these fields printed
             in the body of the message.  The config fields that you wish to
             have printed should be in the value attribute of your input tag
             separated by commas.

Syntax:
             If you want to print the email and subject fields in the body of
             your message, you would place the following form tag:

              <input type=hidden name="print_config" value="email,subject">

-----------------------------------------------------------------------------

Field:       print_blank_fields

Version:     1.6

Description: print_blank_fields allows you to request that all form fields
             are printed in the return HTML, regardless of whether or not
             they were filled in.  FormMail defaults to turning this off, so
             that unused form fields aren't e-mailed.

Syntax:

             If you want to print all blank fields:
              <input type=hidden name="print_blank_fields" value="1">

-----------------------------------------------------------------------------

Field:       title

Version:     1.3 & Up

Description: This form field allows you to specify the title and header that
             will appear on the resulting page if you do not specify a
             redirect URL.

Syntax:
             If you wanted a title of 'Feedback Form Results':
              <input type=hidden name="title" value="Feedback Form Results">

-----------------------------------------------------------------------------

Field:       return_link_url

Version:     1.3 & Up

Description: This field allows you to specify a URL that will appear, as
             return_link_title, on the following report page.  This field
             will not be used if you have the redirect field set, but it is
             useful if you allow the user to receive the report on the
             following page, but want to offer them a way to get back to
             your main page.

Syntax:
             <input type=hidden name="return_link_url"
                                        value="http://your.host.com/main.html">

-----------------------------------------------------------------------------

Field:       return_link_title

Version:     1.3 & Up

Description: This is the title that will be used to link the user back to the
             page you specify with return_link_url.  The two fields will be
             shown on the resulting form page as:

             <ul>
              <li><a href="return_link_url">return_link_title</a>
             </ul>

Syntax:
             <input type=hidden name="return_link_title"
                                                  value="Back to Main Page">

-----------------------------------------------------------------------------

Field:       missing_fields_redirect

Version:     1.6

Description: This form field allows you to specify a URL that users will be
             redirected to if there are fields listed in the required form
             field that are not filled in.  This is so you can customize an
             error page instead of displaying the default.

Syntax:
             <input type=hidden name="missing_fields_redirect"
                                    value="http://your.host.com/error.html">

-----------------------------------------------------------------------------

Field:       background

Version:     1.3 & Up

Description: This form field allows you to specify a background image that
             will appear if you do not have the redirect field set.  This
             image will appear as the background to the form results page.

Syntax:
             <input type=hidden name="background"
                                     value="http://your.host.com/image.gif">

-----------------------------------------------------------------------------

Field:       bgcolor

Version:     1.3 & Up

Description: This form field allows you to specify a bgcolor for the form
             results page in much the way you specify a background image.
             This field should not be set if the redirect field is.

Syntax:
             For a background color of White:
              <input type=hidden name="bgcolor" value="#FFFFFF">

-----------------------------------------------------------------------------

Field:       text_color

Version:     1.3 & Up

Description: This field works in the same way as bgcolor, except that it
             will change the color of your text.

Syntax:
             For a text color of Black:
              <input type=hidden name="text_color" value="#000000">

-----------------------------------------------------------------------------

Field:       link_color

Version:     1.3 & Up

Description: Changes the color of links on the resulting page.  Works in the
             same way as text_color.  Should not be defined if redirect is.

Syntax:
             For a link color of Red:
              <input type=hidden name="link_color" value="#FF0000">

-----------------------------------------------------------------------------

Field:       vlink_color

Version:     1.3 & Up

Description: Changes the color of visited links on the resulting page. Works
             exactly the same as link_color.  Should not be set if redirect
             is.

Syntax:
             For a visited link color of Blue:
              <input type=hidden name="vlink_color" value="#0000FF">

-----------------------------------------------------------------------------

Field:       alink_color

Version:     1.4 & Up

Description: Changes the color of active links on the resulting page. Works
             exactly the same as link_color.  Should not be set if redirect
             is.

Syntax:
             For an active link color of Blue:
              <input type=hidden name="alink_color" value="#0000FF">

-----------------------------------------------------------------------------

Any other form fields that appear in your script will be mailed back to 
you and displayed on the resulting page if you do not have the redirect 
field set.  There is no limit as to how many other form fields you can 
use with this form, except the limits imposed by browsers and your server.

-----------------------------------------------------------------------------

Some of the possible uses of this script are:

1) You want to have a form that will be mailed to you, but aren't sure how to 
   write the CGI script for it.
2) You are the webmaster of your site and want to allow users to use forms, 
   but not to have their own cgi-bin directories, which can cause 
   security risks to your system.  You can set this script up and then 
   allow all users to run off of it.
3) You want to have one script to parse all of your HTML forms and mail them
   to you.

-----------------------------------------------------------------------------

History:
Version 1.0     06/11/95  -  This script was created.
Version 1.1     08/03/95  -  A major hole in the script which allowed users 
                             to run commands under your server's uid was 
                             disabled, thanks to Paul Phillips, who noticed
                             the error.
                          -  The ability to redirect the user to a specified
                             HTML file after they filled out a form was 
                             added.
Version 1.2     09/23/95  -  If the form field is one of the required or 
                             optional 'special' fields, such as redirect, 
                             recipient, subject, email, realname, etc... the
                             script will not print these fields to either
                             your mail message or to the user's screen when
                             they are returned to a generic form response.
                             It helps you so that things do not get 
                             duplicated.
Version 1.3     01/21/96  -  Much needed update finally completed
                          -  Added form fields: env_report, bgcolor, 
                             background, link_color, vlink_color, title,
                             text_color, return_link_title, return_link_url 
                             and required.
                          -  Security hole, which allowed any user on any 
                             system to bum off of your FormMail script, has
                             been plugged up with the @referers variable.
                          -  Report style in return html and e-mail touched 
                             up a bit.
Version 1.4     01/23/96  -  Added options: sort, alink_color 
                          -  Fixed a few bugs from Version 1.3, namely the 
                             fact that the link_colors weren't working well.
                          -  FormMail now supports both the GET and POST 
                             methods.
Version 1.5     02/05/96  -  Sorting of Fields in E-Mail Response Fixed.
                          -  print_config option added.
Version 1.6     05/02/97  -  Sorting of fields by default was fixed to now
                             sort in the order the fields are passed to
                             FormMail from the web browser, which is usually
                             the same order as they appear in the HTML form.
                          -  The sort order: directive, env_report and 
                             print_config parsing routines were made to 
                             better compensate for line breaks and extra
                             spaces in input for ease of use.
                          -  Redirect error causing the redirect option to
                             incorrectly work with https (secure servers)
                             was fixed.
                          -  Input of a '0' in a regular form field now
                             recognized as input and sent back to user.
                          -  Output of non-filled in form fields suppressed.
                          -  E-mail addresses checked for correct syntax if
                             designated a required field.
                          -  Fields only printed if they contain a value or
                             if the print_blank_fields option is set to 1.
                          -  missing_fields_redirect added so you can route
                             users who don't completely fill out the form to
                             a pre-made HTML page.
                          -  Parts of code optimized, especially in respect
                             to the way config variables are handled.
Version 1.7     07/27/01  -  Added in @recipients to defeat spamming attempts
                          -  Added in @valid_ENV to allow administrators to
                             specify what environment variables can be sent.
Version 1.8     08/02/01  -  Fixed the recipients code to allow multiple
                             recipients using the 'recipients' form field and
                             commas. Under certain cases in v1.7, spam could
                             still get through by appending a legit recipient
                             to the list of intended spam victims.
                          -  Moved send_email subroutine in front of 
                             return_html as many people reported their web
                             server would kill the FormMail process after the
                             redirect command was issued and no e-mail would
                             be sent.
Version 1.9     08/03/01  -  Added a further anti-spam check, against attempts
                             to take advantage of newline characters in the
                             subject in order to send invalid e-mail.
                          -  Removed a restriction when checking e-mail 
                             addresses for validity that required a 2 - 3
                             character domain extension.  With the new TLD's
                             becoming available, it can no longer apply.
-----------------------------------------------------------------------------
Matt Wright - mattw@worldwidemart.com - http://www.worldwidemart.com/scripts/
