Total Posts: 38
Port Melbourne, Australia
I have switched this feature off for now, but last night I started to get bounces from various mailservers, this is the log entry;
220.127.116.11 - - [19/Jul/2008:05:48:33 +1000] “POST /sendfriend/product/sendmail/id/7/ HTTP/1.0” 302 - “http://www.alond.com.au/sendfriend/product/send/id/7/” “Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.9) Gecko/20020311”
They seem to be able to inject text and links into the email.
Is there something I can do to retain this feature, but not have it abused?