The quick brown fox jumps over the lazy dog.
Now is the time for all good men to come to the aid of their country.
HTML; $mail = Solar::factory('Solar_Mail_Message'); $mail->setCharset('utf-8') ->setFrom('pmjones@example.com', 'Paul M. Jones') ->addTo('boshag@example.com', 'Bolivar Shagnasty') ->addCc('nobody@example.net') ->setSubject('A Short Test Message') ->setText($text) ->setHtml($html); }} That's pretty easy ... but is it safe? ---------------------------- Headers and Header Injection ---------------------------- Anything that ends up getting sent as a mail header, including addresses and the subject line, is sanitized against header-injection attacks by removing newlines from the header label and value. Let's say you want to add a new custom header: $mail = Solar::factory('Solar_Mail_Message'); $mail->setHeader('X-Custom-Header', "Foo\r\n\r\nAn evil message"); Under a less-secure system this would cause the header to be sent as: X-Custom-Header: Foo An evil message. That's no good -- somebody just injected their own message into our email. With `Solar_Mail_Message`, when the mail gets sent, that header will go out as: X-Custom-Header: FooAn evil message We strip the newlines in header labels and values automatically, so you should be safe against header injections. (If there are other aspects to securing against header injections I would be happy to hear them.)