I have a problem with sending answer mails ans hope somebody can help me. First of all, sorry for my english ;)
I'm programming a forum. By sending an e-mail, datas (id, message, sender-mail, receiver-mails) get entered into a database. In the mail, there is also a link to a php-site. On this site one can accept/cancel (via checkboxes) and these commitments/cancellations will be sent in an answer-mail to the original sender of the mail.
Now my problem: I'm not able to send the answer-mail automatically back to the original sender, because I don't know how to get the mail-address.
Is there a possibility to include the ID in the mail, so that I'm able to filer the mail-address from the database?
Or are there any other possibilities?
Many thanks in advance :)
The question isn't very clear but I'll try anyway. If what you're trying to do is to know which recipient clicked a link in your email you can add that email plus a unique hash key to ensure authenticity of that info.
For example if email is abc#example.com then you could add the email as a parameter plus a hash parameter that it a simple hash of the email and a salt string to verify it was actually from the email sent to that person.
This is simpler than keeping it all in the database but you can also decide to store all pending confirmations for some days so that even a hacker won't be able to guess email addresses.
Related
Looking to be pointed in the right direction to create the ie. someone emails to support#domain.com, with their issue, the email via php is recognized that it's a "fresh" email that's not in the system so the email is registered in a database, the sender of the email would receive an auto response with a ticket ID saying we'll get back to them & that's their ticket and any emails back and forth with that ticket id in the subject line and/or bottom body would be registered in the database so the customer could login to the client area and see them and reply there as well.
I know DreamHost & Apple (specifically iTunes Customer Support) makes use of this "id - ticket" type system, and just want to be pointed in the correct direction.
Thanks.
This would probably be a good read for retrieving and working with emails in PHP - http://www.tuxradar.com/practicalphp/15/6/1.
Each email message should have message id in the headers, but this not something that you can really rely on so I would use some combination of a few email message attributes. Maybe the sender's email address and a checksum (http://php.net/manual/en/function.crc32.php) of the body and subject.
You could use this (http://php.net/manual/en/function.uniqid.php) to generate unique ticket ids and store them in the db or just use the primary key of the tickets/emails table.
Is there a way in PHP to update an email id in a mail server if we have the access details of the mail server. The requirement is as follows.
I am developing a community website which need a provision to upload photos to their photo gallery by sending an email. We planned to create email id for each user so that they could send emails with photo attachments to that id. A cron job will search for emails inside those id's and if it finds a mail with attachment, uploads the file to the server and subject of the email will be considered as the photo caption.
But it has a security loophole such that anyone who knows the email id can send an email and add photo to others account. We are planning to have a security code in their id which can be modified by user if required.
eg. name.XXXX#domain.com where XXXX is a four digit secret code. THe user can change that code whenever required. i.e. the email id can be name.1234#domain.com or name.3452#domain.com according to the user's wish to maintain privacy. So is there a way to edit the email id using PHP functions.
Creating email accounts and/or aliases would certainly be possible with PHP, but it would depend so much on your server setup.
Another route to consider would be to not have any real email boxes, but to instead have all email delivered to a catch-all account and have your cron script search through that one mailbox and compare all recipient addresses against a database, then you don't have to worry about actually creating real email users on the server.
Additionally, in terms of improving security, you could have each user authenticate which sender email addresses are allowed to send emails with photo attachments. It's still not bullet-proof, because sender addresses can be spoofed, but it's an extra step in the right direction.
I am writing an app to let users reply to a post or thread straight from their email similar to Facebook. Users can already add new posts via email and it is working fine.
When a new post is generated an email alert is sent to specific users and a unique reply address is created containing an encoded string with the original post/thread ID. This is working fine. The emails are sent and the system picks up the reply using the unique reply address.
My problem is trying to isolate the comment/reply in the email, from the quoted original email underneath. Here is an example of an email body received:
reply text
(Origional Email Header)On 10 March 2011 16:35, Example SIte
<pwKVb1BVUITY4Ai-fKR8ioPrR8Zki9cKBmAA0njXi8Y#example.us= > wrote:
I have thought of using identifying characters or strings but each email provider displays the original email in a reply differently.
Does anyone have any ideas how I can isolate the reply text from the original email's header and body?
Thank you,
Chris.
For a support ticket system I wrote, I focused on using the References email header concatenating previous message ids onto that. Many systems will hold onto that, but, of course, not all. Plus, my system is organic, ie, attempts to process emails with any subject and body in less of a controlled environment. A work in progress.
Since different email servers are going to format headers differently in replies, I don't think there is any way to reliably catch all of them. But if you're dealing with a relatively small number of users, you can just use regex matching to catch some of the most common header formats and strip those.
is there any way to check if an email is active without sending it an email? (meaning that it does not get returned)
if i have 20,000 emails in my email list, and i do decide to send all of them an email, how can automatically cross out the email address that got returned?
Sending an email and requesting the user click some sort of activation link is the best way to determine if the email address is valid, and being used by someone. If you just want to see if the email is valid whether or not its registerd or active, use a Regex.
As for crossing them out, where are the emails stored? If its in a database, just set an activation key and a flag saying whether the link has been visited or not.
No.
Depends on how you are sending them. (Please provide more details)
There used to be a way to query a mail server if an email address is valid. However, since spammers used that facility for ill purposes, almost no mail servers will support that method anymore.
All you can hope to do is a DNS lookup on the email domain to see if the domain is valid.
These days, you can't know if the email address is valid. The domain is about as far as you'll get and you can do a reverse lookup on that to see if that is valid. But it won't tell you about the user.
What you need is something to process the bounces from your mail out and write some sort of script to perhaps update the list. There are many tools under Linux for this type of purpose such as procmail. Theres a port of that for windows I think.
No
You need mailing list management software. Lyris Listmanager is a paid one that has automatic bounce handling and removes users from your list. There are several free ones that doe the same thing: ezmlm, mailman, majordomo and many others. You probably don't want to just send all those emails without a piece of MLM software to manage it. you will probalby get blacklisted fromservers. You need things like unsubscribe handling or you won't be sending emails for long.
Heh. if you could find out a way, the answer would be worth billions to spammers.
The best answer here is: No.
I need to build a little webapp but I'm not sure what is the best thing to do.
A person that subscribe the petition is signing an email sent to X. This will be also saved to a db in order to show online who subscribed.
The idea is to have a standard text message, the user submit his name and that name goes into the message as signature.
I could make php send the email with the address of the real sender, or let the user copy and paste the text and let him send the email on his own.
I'm not sure of what is the best way to implement it. What will be more "effective", I mean as number of subscribers the solution where the app send the email is easier, but what about the authenticity of the emails? They could be considered not valid if sent all from the same place?
Regardless of the whole thing being a "good" idea or not, you want to keep yourself safe. If you spoof the from field, chances are most of your email (especially for domains with SPF records) will not make it through the first level of spam filtering.
A SPF (Sender Policy Framework) record lists the only IPs that are allowed to send mails for a domain. If a domain has a SPF record and you poll it, you're supposed to treat anything that didn't originate from a listed server as hazardous waste.
Depending on where you're sending these emails, you'll probably end up with your mail server on one or multiple blacklists. That means any email, SPF or not just won't get accepted.
So in short:
Get people to send their own email. Provide templates.
Consider utilizing the full specs for <a href="mailto:... -- you can put the subject and body in the link, allowing templates to be a one-click affair.
You could use Javascript on your site to personalise the message (and therefore mailto: link) while still on your site.
Let me get this straight - so you want to add to the flood of armchair activism email that is already saturating the world to no good purpose, and you're asking how best to do it? I would read the following before going any further with this:
http://www.breakthechain.org/armchair.html