Hello,

I inherited a temp job helping get a web site moved to a new host. One of the questions I was asked is with regard to customer privacy. It seems that when a customer fills out the "contact us" mail form at their web page, the email header contains the customer's IP address. Not sure why that's a big deal, but the owner is all hot about it. It 's in the header data, like this...

X-EN-OrigIP: 168.233.1.6

Is there a way to prevent that, and if so are there any legal issues to worry about?

The script uses the mail() function to send the form data. Being a PHP novice, I am not sure where to start to remedy the "problem", but the owner wants to have the "contact us" form submission protect the customer from any potential infringement of privacy.

Suggestions and advice greatly appreciated.
Thanks!

I have not tried this, since I don't have access to the mail server, but you could try

mail($to,$subject,$message,"X-EN-OrigIP: 0.0.0.0");

This uses the additional headers parameter. I am not sure if this will just add the header to the end (which would be useless) or replace the existing one (so it doesn't send the real IP, therefore fixing your problem). If you already use additional headers, you would need to merge them. I am not sure if order matters, that is, if you have to put this header first in the list or last or what.

Hope this helps...

Thanks!!

After appending your example string to the existing optional header data, separated by a crlf, it does exactly what the boss wanted. I will have to tell him it was your idea, but he'll be happy nonetheless.
I appreciate your advice, and your time.