Proper prevention of mail injection in PHP

Question

Could you advise me how do I go about preventing email injection in PHP mail() without losing original message data? E.g. if I need to allow user to use \

Answer 1

Use a designated mime email library, like Mail_Mime:

setTXTBody("Message goes here");
$hdrs = $mime->headers(array(
    'From'    => 'you@yourdomain.com',
    'Subject' => 'Test mime message'
));
$body = $mime->get();

$mail = &Mail::factory('mail');
$mail->send('postmaster@localhost', $hdrs, $body);

?>