I've seen a lot of examples using the php mail function. Some of them use rn as line break for the header, some use n.
$headers = "From: Just Men";
$headers .= "Reply-To: Just me <$email>n";
vs
$headers = "From: Just Mern";
$headers .= "Reply-To: Just me <$email>rn";
which one is correct?
Sometimes I've had cases where rn is used and part of the header is interpreted by some email clients as mail text (losing these header information) - is this because rn is wrong?
UTF-16 is the problem. If you're just working with raw the bytes, then you can use the full sequences for replacing:
$out = str_replace("x00x5cx00x72x00x5cx00x6e", "x00x0a", $in);
This assumes big-endian UTF-16, else swap the zero bytes to come after the non zeros:
$out = str_replace("x5cx00x72x00x5cx00x6ex00", "x0ax00", $in);
If that doesn't work, please post a byte-dump of your input file so we can see what it actually contains.
In addition to Ted Percival's suggestions, you could try using PHPMailer to create the emails for you rather than manually building the headers. I've used this class extensively and not had any trouble with email being rejected as spam by Yahoo, or anyone else.
Someone would want to inject something like this:
user_address@domain.com
CC: spam_address1@domain.com, spam_address2@domain.com, spam_address3@domain.com
You do not allow rn which is needed for defining new header info. So your application is safe.
The CRLF
rn, should be used according to the php documentation. Also, to conform to the RFC 2822 spec lines must be delimited by the carriage return character, CRrimmediately followed by the line feed, LFn.Since
rnis native to Windows platforms andnto Unix, you can use thePHP_EOLDocs constant on Windows, which is the appropriate new line character for the platform the script is currently running on.