# Postfix using MySQL



## hockey97 (Jun 17, 2015)

Hi, I am using Postfix with MySQL. I want to know if I need to use prepared statements? Or is this down automatically?

I have `query = query statement` This is what I have and was told by someone my mail server can be attacked with an SQL injection attack.

Now, I rewrote the query to use prepared statements.


----------

