CGI Mail Question


crazy8
10-04-2007, 10:30 AM
Ok, I have never done any CGI stuff at all, so this is totally new to me. My boss is wondering if there is a way to have the script kill emails that contain certain key words? The case now: he would like all emails with the word "Goodsite" in the message to be killed/deleted. Is there a way to do this either directly in the CGI script or PHP or anything? Thanks for the help. Here is what the CGI script looks like. At least I'm sure this is what's needed.
#!/usr/bin/perl
##############################################################################
# Cliff's Form Mailer Version 1.0 #
# Copyright 1998 Shaven Ferret Productions #
# Created 6/4/98 #
# Available at http://www.shavenferret.com/scripts #
##############################################################################
# COPYRIGHT NOTICE #
# Copyright 1998 Shaven Ferret Productions All Rights Reserved. #
# #
# This script can be used\modified free of charge as long as you don't #
# change this header thing, or the part that gives me credit for writing #
# script in the e-mail. If you really need to remove this part, go to #
# http://www.shavenferret.com/scripts/register.shtml . By using this script #
# you agree to indemnifyme from any liability that might arise from its use. #
# In simple English, if this script somehow makes your computer run amuck #
# and kill the pope, it's not my fault. #
# #
# Redistributing\selling the code for this program without prior written #
# consent is expressly forbidden. #
##############################################################################

# Enter the location of sendmail.
$mailprogram = "/usr/lib/sendmail -t";

# Enter the fields that are required. They should each be in quotes and
# separated by a comma. If no fields are required, change the next line
# to @required = ();
@required = ('email','subject');

# Enter your e-mail address. Be sure to put a \ in front of the @.
# (user@domain.com becomes user\@domain.com)
$youremail = "gkmundt\@mindspring.com";

##############################################################################
# Congratulations! You've finished defining the variables. If you want to, #
# you can continue screwing with the script, but it isn't necessary. #
##############################################################################

# Put the posted data into variables

read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

# Check for all required fields

foreach $check(@required) {
unless ($FORM{$check}) {
print "Content-type: text/html\n\n";
print "<html><head><title>Missing Information</title></head>\n";
print "<body><h1>Missing Information</h1><br>\n";
print "I'm sorry, but it would appear that you've forgotten to\n";
print "fill out the $check field. Please click\n";
print "back and try again.\n";
print "</body></html>\n";
exit;
}
}

# Check the senders email

if ($FORM{'email'}) {
unless ($FORM{'email'} =~ /\w+@\w+.\w+/) {
print "Content-type: text/html\n\n";
print "<html><head><title>Bad E-mail</title></head>\n";
print "<body><h1>Bad E-mail</h1><br>The e-mail address that you've\n";
print "entered, $FORM{'email'}, is invalid. Please click back and\n";
print "try again.\n";
exit;
}
}

open (MAIL,"|$mailprogram");
print MAIL "To: $youremail\n";
print MAIL "From: $FORM{'email'}\n";
print MAIL "Subject: $FORM{'subject'}\n";
print MAIL "Hello. The following information has been submitted:\n\n";
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
unless ($name eq "response" || $name eq "email" || $name eq "subject") {
print MAIL "$name: $value\n";
}
}
close MAIL;

if ($FORM{'response'} && $FORM{'email'}) {
open (RESPONSE, $FORM{'response'});
@response = <RESPONSE>;
close(RESPONSE);
open (MAIL,"|$mailprogram");
print MAIL "To: $FORM{'email'}\n";
print MAIL "From: $youremail\n";
print MAIL "Subject: $FORM{'subject'} -- Autoresponse\n";
foreach $line (@response) {
print MAIL "$line";
}
print MAIL "The person you are communicating with is using Cliff's\n";
print MAIL "Form Mailer Script. If you would like to add this script\n";
print MAIL "to your web site, you can find it and many more perl scripts at\n";
print MAIL "http://www.shavenferret.com/scripts\n";
close MAIL;
}

print "Content-type: text/html\n\n";
print "<html><head><title>Thank you!</title></head>\n";
print "<body><h1>Thank you!</h1><br>Thanks for your input! \n";
if ($FORM{'response'} && $FORM{'email'}) {
print "You should receive an autoresponse shortly.<p>\n";
}
print "Please close window.\n";

Thanks a lot for the help

crazy8
10-04-2007, 11:45 AM
Here is another script. I think, if anything, this is the script that I will need to edit to do what it is I want. Any help on how to do this would be greatly appreciated.
#!/usr/local/bin/perl

$SENDMAIL = '/usr/lib/sendmail';
# The location of your sendmail binary

## Also, make sure the first line of this script points
## to your PERL binary

########## Nothing else to change ######################################
########################################################################


$SCRIPT = $ENV{'SCRIPT_NAME'};

#### Do standard HTTP stuff ####
&cgi_receive;
&cgi_decode;
&cgi_header;

#### Output email form unless you are receiving FORM input already ####
&print_form unless keys %FORM;

#### Make sure required fields are filled out ####
if ($FORM{'nickname'}) {
#### This section is for receiving from this form ####
&error_blank_field('your name') unless ($FORM{'from-name'});
&error_blank_field('your email address in the form of <I>name@domain</I>') unless ($FORM{'from-email'} =~ /\@/);
&error_blank_field('the subject of the message') unless ($FORM{'subject'});
&error_blank_field('your message') unless ($FORM{'message'});
}
else {
#### This section is for user's forms ####
#### Such as ACTION="/cgi-bin/mail?carlos" to have results forwarded ####
$FORM{'nickname'} = $ENV{'QUERY_STRING'};
}

#### Lookup email address based on 'nickname' ####
open (MAILNAMES, "mail.lis") || die ("$SCRIPT: Can't open mail.lis: $!\n");
while (<MAILNAMES>) {
chop;
($nick, $addr) = split(/:/, $_);
$ADDRESS{$nick} = $addr;
}
close (MAILNAMES);
&error_blank_field('the nickname of the recipient') unless ($ADDRESS{$FORM{'nickname'}});

#### Make sure all necessary variables for email message are filled in
($FORM{'subject'}) || ($FORM{'subject'} = "TECHNICAL INTERIORS INFO REQUEST");
($FORM{'from-email'}) || ($FORM{'from-email'} = $ADDRESS{$FORM{'nickname'}});
($FORM{'from-name'}) || ($FORM{'from-name'} = "WebMonitor mail");

open (MAIL, "| $SENDMAIL $ADDRESS{$FORM{'nickname'}}") || die ("$SCRIPT: Can't open $mailprog: $!\n");
print MAIL "Reply-to: $FORM{'from-email'} ($FORM{'from-name'})\n";
print MAIL "From: $FORM{'from-email'} ($FORM{'from-name'})\n";
print MAIL "To: $ADDRESS{$FORM{'nickname'}}\n";
print MAIL "Subject: $FORM{'subject'}\n";
print MAIL "\n";
print MAIL "=============================================================\n";
print MAIL "\n";
print MAIL "EMAIL ADDRESS: $FORM{'ENAME'}\n";
print MAIL "COMPANY: $FORM{'COMPANY'}\n";
print MAIL "NAME: $FORM{'NAME'}\n";
print MAIL "TITLE: $FORM{'TITLE'}\n";
print MAIL "ADDRESS1: $FORM{'ADDRESS1'}\n";
print MAIL "ADDRESS2: $FORM{'ADDRESS2'}\n";
print MAIL "CITY: $FORM{'CITY'}\n";
print MAIL "STATE/PROVIDENCE: $FORM{'STATE'}\n";
print MAIL "POSTAL CODE: $FORM{'ZIP'}\n";
print MAIL "COUNTRY: $FORM{'COUNTRY'}\n";
print MAIL "PHONE: $FORM{'PHONE'}\n";
print MAIL "HOW TO CONTACT: $FORM{'CONT'}\n";
print MAIL "SOURCE: $FORM{'SOURCE'}\n";
print MAIL "COMMENTS: $FORM{'COMMENTS'}\n";

print MAIL "\n";
close (MAIL);

#### Now, redirect if "next-url" is included
if ($FORM{'next-url'}) {
print "Location: $FORM{'next-url'}\n";
print "\n";
exit;
}

#### Prevent HTML output
foreach $key (keys %FORM) {
$FORM{$key} =~ s/</\&lt;/g;
$FORM{$key} =~ s/>/\&gt;/g;
}

#### Output confirmation message ####
print qq|<HTML><HEAD><TITLE>WebMonitor-Email Sent</TITLE>\n|;
print qq|<BODY bgcolor="white" marginheight="0" topmargin="0">\n|;
print qq|<center><img name="TI_Logo" src="../graphics/tilogo2.gif">\n|;
print qq|<H1>Email Sent</H1>\n|;
print qq|<H2>Your Information Request has been sent.</H2>\n|;
print qq|<H2><a href="/index.htm">Click Here to Continue
</a></center>\n|;
print "</BODY>\n";
exit;

#####################################################################
#### SUBROUTINES ####################################################

sub error_blank_field {
local($variable) = @_;
print "\n" if ($FORM{'next-url'});
print "<HTML><HEAD><TITLE>WebMonitor-Email Error</TITLE></HEAD><BODY>\n";
print "<H1>Error!</H1>\n";
print "You did not fill in $variable.\n";
print "Please go back to the form and do so.\n";
print "</BODY>\n";
exit;
}

sub cgi_header {
print "Content-type: text/html\n";
print "\n" unless ($FORM{'next-url'});
}

sub cgi_receive {
if ($ENV{'REQUEST_METHOD'} eq "POST") {
read(STDIN, $incoming, $ENV{'CONTENT_LENGTH'});
}
else {
$incoming = $ENV{'QUERY_STRING'};
}
}

sub cgi_decode {
@pairs = split(/&/, $incoming);

foreach (@pairs) {
($name, $value) = split(/=/, $_);

$name =~ tr/+/ /;
$value =~ tr/+/ /;
$name =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie;
$value =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/gie;

#### Strip out semicolons unless for special character
$value =~ s/;/$$/g;
$value =~ s/&(\S{1,6})$$/&\1;/g;
$value =~ s/$$/ /g;

$value =~ s/\|/ /g;
$value =~ s/^!/ /g; ## Allow exclamation points in sentences

#### Skip blank text entry fields
next if ($value eq "");

#### Check for "assign-dynamic" field names
#### Mainly for on-the-fly input names, especially checkboxes
if ($name =~ /^assign-dynamic/) {
$name = $value;
$value = "on";
}

#### Allow for multiple values of a single name
$FORM{$name} .= ", " if ($FORM{$name});

$FORM{$name} .= $value;
}
}

sub dump_values {
local($env, $handle) = @_;
eval "\@keys = keys \%$env";
eval "\@values = values \%$env";
($handle eq "STDOUT") && (print $handle "<PRE>\n");
while ($#keys >= 0) {
$key = pop(@keys);
$value = pop(@values);
if ($value =~ /[\cM\n]/) {
print $handle "($key)\n";
print $handle "-" x 70, "\n", $value, "-" x 70, "\n";
}
else {
print $handle "($key) $value\n";
}
}
($handle eq "STDOUT") && (print $handle "</PRE>\n");

}

sub print_form {
#### Assign path_info and query_string if necessary
#### $path_info = "";

open (MAILNAMES, "mail.lis") || die ("$SCRIPT: Can't open mail.lis: $!\n");
while (<MAILNAMES>) {
chop;
($nickname, $address) = split(/:/, $_);
$ADDRESS{$nickname} = $address;
}
close (MAILNAMES);

print qq|<HTML><HEAD><TITLE>WebMonitor-Email Form</TITLE></HEAD><BODY>\n|;
print qq|<H1>$ENV{'SERVER_NAME'} <A HREF="http://hoohoo.ncsa.uiuc.edu/webmonitor/module-mail.html">Email Form</A></H1>\n|;
print qq|<FORM METHOD="POST" ACTION="$SCRIPT$path_info$query_string">\n|;
print qq|<HR>\n|;
print qq|<INPUT TYPE="submit" VALUE="Send Email"> to |;


if ($ADDRESS{$ENV{'QUERY_STRING'}}) {
print qq|<B>$ENV{'QUERY_STRING'}</B> <I>($ADDRESS{$ENV{'QUERY_STRING'}})</I>\n|;
print qq|<INPUT TYPE="hidden" NAME="nickname" VALUE="$ENV{'QUERY_STRING'}">\n|;
}
else {
print qq|<SELECT NAME="nickname">\n|;
print qq|<OPTION>Select name...\n|;
foreach $nickname (sort keys %ADDRESS) {
print qq|<OPTION>$nickname\n|;
}
print qq|</SELECT>\n|;
}


print qq|<HR>\n|;
print qq|<PRE>|;
print qq| Your Name: <INPUT NAME="from-name" SIZE="30">\n|;
print qq|Email Address: <INPUT NAME="from-email" SIZE="30">\n|;
print qq| Subject: <INPUT NAME="subject" SIZE="40"> <INPUT TYPE="reset" VALUE="Clear Message">\n|;
print qq|</PRE>\n|;
print qq|<TEXTAREA NAME="message" ROWS="15" COLS="70"></TEXTAREA>\n|;
print qq|<INPUT TYPE="hidden" NAME="previous-url" VALUE="$ENV{'HTTP_REFERER'}">\n|;
print qq|</FORM>\n|;
print qq|</BODY>\n|;

exit;
}

Jeff Mott
10-04-2007, 01:30 PM
You may not like this answer, but the best solution is to dump both those mail programs.

Normally checking for certain words would be easy; just a quick "if" statement. But the first program doesn't even read the message until after the e-mail is already started.

And it's even worse than that. Both programs write the user's input straight into the e-mail without checking what the user entered. This allows what's known as e-mail injection. The user can "inject" extra headers into the e-mail, setting the "To" and "From" fields, and even the message body, to whatever the user wishes them to be. Spammers thrive off these security holes. If those programs have been running on your site, then probably they've already been used to send spam mail without you even knowing.

A relatively less important issue is the e-mail validation in the first program. The programmer clearly didn't check the specs to know what is or isn't a valid e-mail. My e-mail address would be considered invalid by that program.

And other tell-tale signs (no strict, no warnings, no CGI module) are hallmarks of a badly written Perl program.

Your boss should consider switching to something else. The nms Project (http://nms-cgi.sourceforge.net/about.html) is a good place to start.
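
The two points raised in the reply above (check for blocked words before any mail is started, and refuse line breaks in values that end up in headers), sketched as an added example that is not part of the original thread or of either posted script. The field names `email`, `subject` and `COMMENTS` are taken from the scripts; the `check_submission` function and the sample submissions are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: validate every field BEFORE any sendmail pipe is opened.
use strict;
use warnings;

my @BLOCKED_WORDS = ('Goodsite');        # keyword from the question
my @HEADER_FIELDS = qw(email subject);   # fields copied into mail headers

# Returns a list of reasons to reject; an empty list means OK to send.
sub check_submission {
    my (%form) = @_;
    my @problems;

    for my $field (@HEADER_FIELDS) {
        my $value = defined $form{$field} ? $form{$field} : '';
        push @problems, "$field is missing" if $value eq '';
        # A CR or LF inside a header value would begin a new header line.
        push @problems, "$field contains a line break"
            if $value =~ /[\r\n]/;
    }

    # Scan every submitted value, not just one field, for blocked words.
    for my $field (sort keys %form) {
        next unless defined $form{$field};
        for my $word (@BLOCKED_WORDS) {
            push @problems, "$field contains blocked word '$word'"
                if $form{$field} =~ /\Q$word\E/i;
        }
    }
    return @problems;
}

# Constructed sample submissions (already URL-decoded).
my @samples = (
    { email => 'a@example.com', subject => 'Quote', COMMENTS => 'Please call.' },
    { email => 'a@example.com', subject => 'Hi',    COMMENTS => 'Visit goodsite now' },
    { email => "a\@example.com\nX-Extra: constructed", subject => 'Hi', COMMENTS => 'x' },
);

for my $form (@samples) {
    my @problems = check_submission(%$form);
    if (@problems) {
        print "DROP: ", join('; ', @problems), "\n";  # never reaches sendmail
    } else {
        print "SEND: subject=$form->{subject}\n";     # safe to open the pipe here
    }
}
```

The first sample is accepted, the second is dropped for the blocked word, and the third is dropped because its `email` value carries a line break.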

crazy8
10-04-2007, 02:16 PM
Well, thank you very much for pointing all of that out. The scripts that you have seen actually belong to a sister company. I'm not sure who wrote them or even what my options are. I did come across a site to program a "filter" of sorts. Maybe that is something I can do for now and propose the idea of replacing the mail scripts with some new PHP scripts or CGI scripts. I also did stumble across that nms site; perhaps I'll go back and see what I can learn.

Any further help you (or anyone else) could lend on this, due to my zero knowledge on CGI, would be great.
Thanks again

crazy8
10-04-2007, 03:43 PM
Here is the site where I found out how to do some filtering. Would any of this help me at all with the existing code?