Summary
The remote host is running a version of PHP <= 4.2.2.
The mail() function does not properly sanitize user input.
This allows users to forge email so that it appears to come from a source other than the server.
Users can exploit this even if SAFE_MODE is enabled.
Solution
Contact your vendor for the latest PHP release.
Severity
Classification
CVE: CVE-2002-0985, CVE-2002-0986
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P