I'm currently using the following function to check valid email provider-
function chkEmailProvider($hn, $rt = ''){
if( $rt == '' ) $rt = "MX";
exec("nslookup -type=$rt $hn", $result);
foreach ($result as $line) {
if(eregi("^$hn",$line)) {
return true;
}
}
return false;
}
But don't know how to get email sender details from email header. Could you please help me? How to do that?
Again is that possible to check the availability of an email address?
Looking forward to your valuable solutions..
Thanks in advance.
Many shared hosting environments disable exec. Consdier using checkdnsrr instead
function chkEmailProvider($hn, $rt = ''){
if( $rt == '' ) $rt = "MX";
return checkdnsrr($hn, $rt);
}
As to checking if the email itself is valid... that's difficult without actually sending an email to the server and checking for a bounce (which might earn you a spot on a spam list)
Related
I’m having problems getting the sender's email address,
$single_message = $gmail->users_messages->get('me', $msg_id);
"from" usually yields the senders name
To get the email address I have this code
if($partes->getName() == 'Authentication-Results')
{
$outh_res = $partes->getValue();
if(strpos($outh_res, 'smtp.mailfrom=') !== false)
{
$bits = explode('smtp.mailfrom=',$outh_res);
$mail = $bits[1];
if(strpos($mail, ';') !== false)
{
$bits = explode(';',$mail);
$mail = str_replace('"', '',$bits[0]);
}
}
}
That always gives me an email, but when the sender is behind mail chimp (or their own servers (postfix)) for example: bounces+2063633-785c-info=myemail.com#sg1.senderemail.com
In the best case I receive #sendermail.com (from gmail itself I know its info#sendermail.com) so it's useless
In some cases
if($partes->getName() == 'Reply-To')
{
$other_mail = str_replace('"', '',$partes->getValue());
}
Gives me a helpful email others just the senders name
as suggested in github php gmail api issue # 521 and other places
$only_header = $gmail->users_messages->get('me',$msg_id, ['format' => 'metadata', 'metadataHeaders' => ['To','X-Original-To','X-Original-From','From','Reply-To','Subject']]);
It gives exactly the same info.
Is there any way that the api gives me exactly the sender email address even if it's behind mail chimp or other 3rd party sender?
There's a similar answer Get sender email from gmail-api, I already loop the headers and tried zingzinco's answer.
Edit: Thanks to Joey Tawadrous;
Php code:
if($partes->getName() == 'From')
{
$raw_from = $partes->getValue();
if(strpos($raw_from, '<') !== false)
{
$bit = explode('<',$raw_from);
$bit2 = explode('>',$bit[1]);
$final_email = $bit2[0];
$sender_name = str_replace('"', '',$bit[0]);
}
else
{
$sender_name = limpiarm(str_replace('"', '',$raw_from));
}
}
var email = '';
var messageFrom = _.where(message.payload.headers, {name: 'From'})[0].value;
if(messageFrom.includes('<')) {
var fromObj = messageFrom.split('<');
email = fromObj[1];
fromObj = email.split('>');
email = fromObj[0];
}
return email;
I'm using a 3rd party SMTP service for sending my newsletters. Because of that, my ISP does not accept bounces because they are coming from an email not originating with them. Okay. So I set up a mailbox with my SMTP service to accept the bounces.
However, my mailing list program is refusing to send out emails whose return-path has a different domain than the from field.
I believe this is caused by phpmailer in it's mailsend routine:
The key code appears to be this, but I'm not that much of an expert with PHP to figure out how to get around whatever check it is doing, which I think has something to do with that safe_mode. The return-path value that I want to use is in the variable: $this->Sender
/**
* Sends mail using the PHP mail() function.
* #param string $header The message headers
* #param string $body The message body
* #access protected
* #return bool
*/
protected function MailSend($header, $body) {
$toArr = array();
foreach($this->to as $t) {
$toArr[] = $this->AddrFormat($t);
}
$to = implode(', ', $toArr);
$params = sprintf("-oi -f %s", $this->Sender);
if ($this->Sender != '' && strlen(ini_get('safe_mode'))< 1) {
$old_from = ini_get('sendmail_from');
ini_set('sendmail_from', $this->Sender);
if ($this->SingleTo === true && count($toArr) > 1) {
foreach ($toArr as $key => $val) {
$rt = #mail($val, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params);
// implement call back function if it exists
$isSent = ($rt == 1) ? 1 : 0;
$this->doCallback($isSent,$val,$this->cc,$this->bcc,$this->Subject,$ body);
}
} else {
$rt = #mail($to, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params);
// implement call back function if it exists
$isSent = ($rt == 1) ? 1 : 0;
$this->doCallback($isSent,$to,$this->cc,$this->bcc,$this->Subject,$b ody);
}
} else {
if ($this->SingleTo === true && count($toArr) > 1) {
foreach ($toArr as $key => $val) {
$rt = #mail($val, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params);
// implement call back function if it exists
$isSent = ($rt == 1) ? 1 : 0;
$this->doCallback($isSent,$val,$this->cc,$this->bcc,$this->Subject,$ body);
}
} else {
$rt = #mail($to, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header);
// implement call back function if it exists
$isSent = ($rt == 1) ? 1 : 0;
$this->doCallback($isSent,$to,$this->cc,$this->bcc,$this->Subject,$b ody);
}
}
if (isset($old_from)) {
ini_set('sendmail_from', $old_from);
}
if(!$rt) {
throw new phpmailerException($this->Lang('instantiate'), self::STOP_CRITICAL);
}
return true;
}
Does anyone know what in this code is preventing me from using a different domain for my return-path, or better yet, does anyone know how I can fix (or hack) this so it will send out my mail?
#Sanmai's comment got me looking at the parameters. When I started testing some of them in the phpmailer routine, I found the code wasn't executed. So at least he helped me realize the problem's somewhere else.
I still have the problem. I'll now try to better isolate it. Then maybe I can solve it, and if not, I'll modify this question and try again.
Thanks for giving me a bit of something to go on.
What error are you getting? It could be that the mailer server you are using doesn't allow different return address domains to prevent their service being used to send spam.
I know email validation is one of those things which is not the funniest thing on the block. I'm starting up a website and i want to limit my audience to only the people in my college and i also want a preferred email address for my user. So this is a two part question.
Is there a really solid php function out there for email validation?
Can I validate an email from a specific domain. I dont want to just check if the domain exists, because I know www.mycollege.edu exists already. Is there really anyway to validate that the user has a valid #mycollege.edu web address?
This is what I use:
function check_email_address($email) {
// First, we check that there's one # symbol, and that the lengths are right
if (!preg_match("/^[^#]{1,64}#[^#]{1,255}$/", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of # symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("#", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!preg_match("/^(([A-Za-z0-9!#$%&'*+\/=?^_`{|}~-][A-Za-z0-9!#$%&'*+\/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$/", $local_array[$i])) {
return false;
}
}
if (!preg_match("/^\[?[0-9\.]+\]?$/", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!preg_match("/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$/", $domain_array[$i])) {
return false;
}
}
}
return true;
}
EDIT Replaced depreciated ereg with preg_match for PHP 5.3 compliance
If you really want to make sure its valid make your signup form send them an email with a URL link in that they have to click to validate.
This way not only do you know the address is valid (because the received the email), but you also know the owner of the account has signed up (unless someone else knows his login details).
To make sure it ends correctly you could use explode() on the '#' and check the second part.
$arr = explode('#', $email_address);
if ($arr[1] == 'mycollege.edu')
{
// Then it's from your college
}
PHP also has it's own way of validating email addresses using filter_var: http://www.w3schools.com/php/filter_validate_email.asp
This should work:
if (preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])#mycollege.edu$/', $email)) {
// Valid
}
Read here
http://ru2.php.net/manual/en/book.filter.php
Or in short
var_dump(filter_var('bob#example.com', FILTER_VALIDATE_EMAIL));
this might be a better solution. many answered already, eventhough its little different.
$email = "info#stakoverflow.com";
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
echo $email ." is a valid email address";
} else {
echo $email ." is not a valid email address";
}
I hope this one has simple to use.
for any e-mail
([a-zA-Z0-9_-]+)(\#)([a-zA-Z0-9_-]+)(\.)([a-zA-Z0-9]{2,4})(\.[a-zA-Z0-9]{2,4})?
for php preg_match function
/([a-zA-Z0-9_-]+)(\#)([a-zA-Z0-9_-]+)(\.)([a-zA-Z0-9]{2,4})(\.[a-zA-Z0-9]{2,4})?/i
for #mycollege.edu
^([a-zA-Z0-9_-]+)(#mycollege.edu)$
for php preg_match function
/^([a-zA-Z0-9_-]+)(#mycollege.edu)$/i
PHP CODE
<?php
$email = 'tahir_aS-adov#mycollege.edu';
preg_match('/^([a-zA-Z0-9_-]+)(#mycollege.edu)$/i', $email, $matches);
if ($matches) {
echo "Matched";
} else {
echo "Not Matched";
}
var_dump($matches);
A simple function using filter_var in php
<?php
function email_validation($email) {
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
echo("$email is a valid email address");
} else {
echo("$email is not a valid email address");
}
}
//Test
email_validation('johnson123');
?>
This is a two-part question. Help on either (or both) is appreciated!
1) What is the best php method for checking if an email string is a Gmail address
2) How to strip out everything but the username?
Thanks!
list($user, $domain) = explode('#', $email);
if ($domain == 'gmail.com') {
// use gmail
}
echo $user;
// if $email is toto#gmail.com then $user is toto
Dunno about best method, but here is one method for checking a gmail address using stristr.
if (stristr($email, '#gmail.com') !== false) {
echo 'Gmail Address!';
}
As for pulling out the username there are a ton of functions as well, one could be explode:
$username = array_shift(explode('#', $email));
There are many ways to do it, the best depends on your needs.
For Multiple Emails
$expressions =
"/(gmail|googlmail|yahoo|hotmail|aol|msn|live|rediff|outlook|facebook)/";
if (preg_match($expressions, $input_email)) {
throw error
}
if (preg_match("/gmail.com/",$email_address)) {
$email_address = str_replace("#gmail.com","",$email_address);
}
I've finally got this PHP email script working (didn't work on localhost…), but my concern is that it's not safe.
So - is this safe for spamming and any other security pitfalls I'm not aware of?
<?php
$email = 'notification#domain.com';
$subject = 'Notify about stuff';
$notify = $_REQUEST['email'];
if (!preg_match("/\w+([-+.]\w+)*#\w+([-.]\w+)*\.\w+([-.]\w+)*/", $notify)) {
echo "<h4>Your email address doesn't validate, please check that you typed it correct.</h4>";
echo "<a href='javascript:history.back(1);'>Back</a>";
}
elseif(mail($email, $subject, $notify)) {
echo "<h4>Thank you, you will be notified.</h4>";
} else {
echo "<h4>Sorry, your email didn't get registered.</h4>";
}
?>
Unrelated: is there a PHP function I can use instead of javascript:history.back(1) ?
Edit: the script using filter instead of RegEx
<?php
$email = 'notification#domain.com';
$subject = 'Notify about stuff';
$notify = $_REQUEST['email'];
if (!filter_var($notify, FILTER_VALIDATE_EMAIL)) {
echo "<h4>This email address ($notify) is not considered valid, please check that you typed it correct.</h4>";
echo "<a href='javascript:history.back(1);'>Back</a>";
}
elseif(mail($email, $subject, $notify)) {
echo "<h4>Thank you, you will be notified.</h4>";
} else {
echo "<h4>Sorry, your email didn't get registered.</h4>";
}
?>
I don't know if id use $_SERVER['HTTP_REFERER'] to go back. I feel like that could leave you open to attack since it's set via the request. The way to do it would be to use sessions on the previous page. This way you're not dumping untrustworthy data onto your site.
I dont see any security risks, but id like to suggest the use of filter when checking the validity of emails. its much easier than messing with REs.
You can't just regexp match an email address against a short regexp pattern if you want to accept all validly formed email addresses and reject all non-valid one. Use a parser (1, 2) that actually implement against the relevant RFCs to check for validity.
Other things you can do is checking HTTP_REFERER to make sure the request came from within your domain as Chacha102 already mentioned. Just note that not all agent send HTTP_REFERER, and that it can be optionally turned off or faked by users.
If you want to go the extra mile to make sure they are giving you a valid email address, you can check for existing DNS record for mail servers at the domain specified (A, MX, or AAAA). And on top of that, you can do callback verification. That's where you connect to the mail server, tell it you want to send to this email address and see if they say OK.
For callback verification, you should note greylisting servers say OK to everything so even that is not a guarantee. Here's some code I used when I needed such a script. It's a patch onto the parser from (1).
#
# Email callback verification
# Based on http://uk2.php.net/manual/en/function.getmxrr.php
#
if (strlen($bits['domain-literal'])){
$records = array($bits['domain-literal']);
}elseif (!getmxrr($bits['domain'], $mx_records, $mx_weight)){
$records = array($bits['domain']);
}else{
$mxs = array();
for ($i = 0; $i < count($mx_records); $i++){
$mxs[$mx_records[$i]] = $mx_weight[$i];
}
asort($mxs);
$records = array_keys($mxs);
}
$user_okay = false;
for ($j = 0; $j < count($records) && !$user_okay; $j++){
$fp = #fsockopen($records[$j], 25, $errno, $errstr, 2);
if($fp){
$ms_resp = "";
$ms_resp .= send_command($fp, "HELO ******.com");
$ms_resp .= send_command($fp, "MAIL FROM:<>");
$rcpt_text = send_command($fp, "RCPT TO:<" . $email . ">");
$ms_resp .= $rcpt_text;
$ms_code = intval(substr($rcpt_text, 0, 3));
if ($ms_code == 250 || $ms_code == 451){ // Accept all user account on greylisting server
$user_okay = true;
}
$ms_resp .= send_command($fp, "QUIT");
fclose($fp);
}
}
return $user_okay ? 1 : 0;