Loading and sending email saved as text file - php

I'd like to load several emails saved as txt files and send them with swiftmailer.
Txt files are like this
Received: (qmail 17484 invoked from network); 1 May 2014 03:38:08 -0000
Received: from localhost (localhost [127.0.0.1])
by myserver.example.com.dyndns.org ([192.168.1.2]); 01 May 2014 03:38:08 -0000
Received: from otherserver.example.net ([127.0.0.1])
by localhost ([127.0.0.1])
with SMTP via TCP; 01 May 2014 03:38:08 -0000
Received: (qmail 4822 invoked from network); 1 May 2014 03:38:07 -0000
Received: from blablabla.example.org ([103.123.123.11])
by otherserver.example.net ([123.123.6.152])
with ESMTP via TCP; 01 May 2014 03:38:07 -0000
To: <me#example.com>
Date: Thu, 01 May 2014 12:37:29 +0900
From: <someone#example.org>
Subject: Awesome subject of email
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Fantastic email text
I can't find a from_string method in Swift_Message class. Is parsing txt file and creating a new Swift_Message object with parsed information the only solution?

Unfortunately you might need to do the parsing/repopulating of the info yourself. You can try using: http://www.php.net/manual/en/book.mailparse.php and this (a wrapper around it) https://gist.github.com/vyatri/939427 to avoid having to read it manually. Mail headers can be tricky to get right, so try to avoid manual parsing as much as possible and use some standard library to do it (like the ones mentioned).
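One way to follow the answer's advice, as an added example that is not part of the original answer: mailparse does the header parsing and a new Swift_Message is filled from the result. It assumes the PECL mailparse extension and Swift Mailer 6 loaded through Composer; the function names firstAddress and messageFromFile and the sample message are constructed for illustration.

```php
<?php
// Added example. Assumes ext-mailparse and Swift Mailer 6 installed via Composer.
require 'vendor/autoload.php';

/** First mailbox of an address header as [address => name]; throws if unusable. */
function firstAddress(string $headerValue): array
{
    $parsed  = mailparse_rfc822_parse_addresses($headerValue);
    $address = $parsed[0]['address'] ?? '';
    if (filter_var($address, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException("Unusable address header: $headerValue");
    }
    $name = $parsed[0]['display'];
    return [$address => ($name === $address ? null : $name)];
}

/** Build a fresh Swift_Message from a saved single-part message file. */
function messageFromFile(string $path): Swift_Message
{
    $mime = mailparse_msg_parse_file($path);
    if ($mime === false) {
        throw new RuntimeException("Cannot parse $path");
    }
    $part = mailparse_msg_get_part_data($mime);
    $type = $part['content-type'] ?? 'text/plain';
    if (stripos($type, 'multipart/') === 0) {
        throw new RuntimeException('Multipart messages need one pass per MIME part');
    }
    // A null callback makes mailparse return the body, transfer encoding decoded.
    $body = mailparse_msg_extract_part_file($mime, $path, null);
    mailparse_msg_free($mime);

    $h = $part['headers'];   // lower-cased names; repeated headers arrive as arrays
    // Copy only content fields. Received:, Return-Path: and Message-ID: describe the
    // old delivery and are left for the new transport to generate.
    return (new Swift_Message(iconv_mime_decode($h['subject'] ?? '', 0, 'UTF-8')))
        ->setFrom(firstAddress($h['from'] ?? ''))
        ->setTo(firstAddress($h['to'] ?? ''))
        ->setBody($body, $type, $part['charset'] ?? null);
}

// Constructed sample modelled on the message in the question.
$raw = "To: <me@example.com>\r\nFrom: <someone@example.org>\r\n"
     . "Subject: Awesome subject of email\r\nMIME-Version: 1.0\r\n"
     . "Content-Type: text/plain; charset=ISO-2022-JP\r\n\r\nFantastic email text\r\n";
$path = tempnam(sys_get_temp_dir(), 'eml');
file_put_contents($path, $raw);
$m = messageFromFile($path);
printf("%s -> %s: %s\n", implode(',', array_keys($m->getFrom())),
    implode(',', array_keys($m->getTo())), $m->getSubject());
unlink($path);
```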

Related

Find PHPMail Spam sending script

I have a cPanel machine hosted for my customers. One customer is being misused, sending spam via a PHP script. If I look into my Exim mail queue there is a lot of spam getting sent.
How can I locate the Script sending those mails?
If I go into detail with one mail, the X-PHP-SCRIPT is only "domain.tld/"
Here is an example:
Date: Tue, 12 Apr 2016 07:00:12 +0000
From: Stacey Ruiz <stacey_ruiz#domain.tld>
To: frogleg3354#yahoo.com
Subject: F$ck me deeply in my m0uth
Content-Transfer-Encoding: 8bit
Content-Type: multipart/alternative;
 boundary="b1_6b6f51ba2d97b6f13cdd28de69a7fce8"
Message-ID: <6b6f51ba2d97b6f13cdd28de69a7fce8#domain.tld>
MIME-Version: 1.0
Received: from ctm by cpanel-1.myserver.tld with local (Exim 4.86_1)
 (envelope-from <stacey_ruiz#domain.tld>)
 id 1apsJ2-0000aK-Fz
 for frogleg3354#yahoo.com; Tue, 12 Apr 2016 09:00:12 +0200
X-Mailer: PHPMailer 5.2.9 (https://github.com/PHPMailer/PHPMailer/)
X-PHP-Script: domain.tld/ for 127.0.0.1
X-Priority: 3
I obviously replaced the domain of the customer with "domain.tld".
I changed already all the Passwords for all E-Mail Addresses, User Accounts, deleted all FTP Accounts, made a Virus Check. The customer is using the newest Update of Wordpress (Update 1 week ago). I changed the password there as well. The wordpress page was even ok! No extra user in the Database, that was not supposed to be there... How is it then possible, that a script is getting up to the server? And how can I locate it?
I tried to access the Admin Area and was misspelling the "wp-admin"... I found this:
Can anyone help me?
Cheers!
Niklas

I am getting bounced mails which I have not sent from email accounts I don't have ... Can this be a hack into my script?

I don't know how relevant this question is here....but I don't know where else to check for a resolution......If this is not the right forum, please guide me to the right one...
I have my website http://www.landshoppe.com in which I have mail() function used in scripts of many pages...
Of late, I have been getting bounce emails into an email account from unknown email ids who have received emails masked as from my domain.
However, using my little understanding of the technical details of permanent failure info in the bounce notices, I am not able to understand if any vulnerability in my scripts is being used or what ....?
One example :
Delivery to the following recipient failed permanently:
u0002drodenheiser#structuretone.com
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the relay mail1.structuretone.com [65.196.22.5].
The error that the other server returned was:
550 u0002drodenheiser#structuretone.com... No such user
----- Original message -----
X-Gm-Message-State: AD7BkJKrS/C4Ux1ppR0Aylgon+Py2ZjovacsV9rmVtFAoV73pgyw8Y8KXpX15Yrn1VO7LIFg36W7r+E>LnNIC8F9Pz9uAC1IdRMwL3OZKsfbINvtfUrWnJbVdbGIP/aDYRJI6VmJT0HRvjco3GGQQl+4T
X-Received: by 10.50.61.177 with SMTP id q17mr24239063igr.68.1457535639212;
Wed, 09 Mar 2016 07:00:39 -0800 (PST)
X-Received: by 10.50.61.177 with SMTP id q17mr24239029igr.68.1457535638907;
Wed, 09 Mar 2016 07:00:38 -0800 (PST)
Return-Path: <MyersFlorencio09#landshoppe.com>
Received: from [193.5.0.94] ([193.5.0.94])
by mx.google.com with ESMTP id r20si26077331igs.52.2016.03.09.07.00.38 for <u0002drodenheiser#structuretone.com>;
Wed, 09 Mar 2016 07:00:38 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning MyersFlorencio09#landshoppe.com does not designate 193.5.0.94 as permitted sender) client-ip=193.5.0.94;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning MyersFlorencio09#landshoppe.com does not designate 193.5.0.94 as permitted sender) smtp.mailfrom=MyersFlorencio09#landshoppe.com
From: Florencio Myers <MyersFlorencio09#landshoppe.com>
To: u0002drodenheiser <u0002drodenheiser#structuretone.com>
Subject: FW: Invoice 2016-M#222163
MIME-Version: 1.0
Message-Id: <140081210506239.9AF030DE33#structuretone.com>
Date: Wed, 09 Mar 2016 16:00:37 +0200
Content-Type: multipart/mixed;
boundary="----==--bound.38184.e89d32b1.structuretone.com"
X-Gm-Spam: 1
X-Gm-Phishy: 0
Dear u0002drodenheiser,
Please find attached 2 invoices for processing.
Yours sincerely,
Florencio Myers
Project Manager
_____________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
I have no such email ids in my cpanel !
What is happening ? And How do I stop this ?!
Sorry guys, I think I just got the answer that this is called a 'joe job' or spoofing or something like that which cannot be stopped as somebody is pretending to send from your domain....
From this link
https://serverfault.com/questions/415533/how-to-stop-people-from-using-my-domain-to-send-spam

how to avoid email header Received: from unknown and email going to spam

I try to send email from our server using php and Zend_Mail. I use smtp transport. This is a confirmation email for subscribing. But for some reason the email that I send has strange headers and goes to the spam folder (I see them in the gmail account that receives the letter):
Message-Id: <50ee94f7.84fc440a.62dc.ffff9685SMTPIN_ADDED_MISSING#mx.google.com>
Received: (qmail 10943 invoked from network); 10 Jan 2013 10:16:22 -0000
Received: from unknown (HELO searchboxindustries.com) (username#searchboxindustries.com#207.162.215.30)
What does the header "Received: from unknown" mean? Can it make email go to spam? How to avoid this strange header and make email avoid the spam folder? Is there any problem with the code, or maybe I have some problems with the DNS settings of this domain?
Here's code for setting headers:
$mailer->setFrom($params['list_email'], $params['list_from_name']);
$mailer->setReplyTo($params['list_email']);
$mailer->addHeader('Sender', $params['list_email'] . '.searchboxindustries.com');
$mailer->setReturnPath($params['list_email'] . '.searchboxindustries.com');
$mailer->addTo($params['email_address']);
Code to configure transport:
$emailConfig = $this->getOption('email');
$transport = new Zend_Mail_Transport_Smtp($emailConfig['server'], $emailConfig);
Zend_Mail::setDefaultTransport($transport);
Email config from application.ini:
email.name = searchboxindustries.com
email.server = searchboxindustries.com
email.username = user_name
email.password = password
email.auth = plain
email.port = 587
Here are headers of such email:
Delivered-To: gala19612009#gmail.com
Received: by 10.76.94.204 with SMTP id de12csp111150oab;
Fri, 11 Jan 2013 01:58:49 -0800 (PST)
X-Received: by 10.69.0.8 with SMTP id au8mr228881813pbd.58.1357898329423;
Fri, 11 Jan 2013 01:58:49 -0800 (PST)
Return-Path: <opp#mail15.com.searchboxindustries.com>
Received: from smtp1-1.searchboxindustries.com (mta1.searchboxindustries.com. [207.162.215.30])
by mx.google.com with SMTP id d7si4727205paw.95.2013.01.11.01.58.48;
Fri, 11 Jan 2013 01:58:48 -0800 (PST)
Received-SPF: pass (google.com: domain of opp#mail15.com.searchboxindustries.com designates 207.162.215.30 as permitted sender) client-ip=207.162.215.30;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of opp#mail15.com.searchboxindustries.com designates 207.162.215.30 as permitted sender) smtp.mail=opp#mail15.com.searchboxindustries.com
Message-Id: <50efe258.a74b420a.3351.12fcSMTPIN_ADDED_MISSING#mx.google.com>
Received: (qmail 21583 invoked from network); 11 Jan 2013 09:58:48 -0000
Received: from unknown (HELO searchboxindustries.com) (username#searchboxindustries.com#207.162.215.30)
by searchboxindustries.com with SMTP; 11 Jan 2013 09:58:48 -0000
From: Oleg <opp#mail15.com>
Reply-To: opp#mail15.com
Sender: opp#mail15.com.searchboxindustries.com
Return-Path: opp#mail15.com.searchboxindustries.com
To: gala19612009#gmail.com
Subject: List1: Confirm Subscription
Date: Fri, 11 Jan 2013 04:58:48 -0500
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
MIME-Version: 1.0
Spf seems to be ok.
The ip from which email is sent is not blacklisted.
Now there are changes in DNS and I have headers:
Message-Id: <50f41c80.67e3440a.2d32.6aabSMTPIN_ADDED_MISSING#mx.google.com>
Received: (qmail 18457 invoked from network); 14 Jan 2013 14:55:59 -0000
Received: from unknown (HELO smtp1-1.searchboxindustries.com) (username#searchboxindustries.com#207.162.215.30)
by searchboxindustries.com with SMTP; 14 Jan 2013 14:55:59 -0000
We have Reverse DNS set. 207.162.215.30 is resolved to stmp1.searchboxindustries.com. What's the problem then? I wonder what the strange format in brackets in the header Received: from unknown is:
username#searchboxindustries.com#207.162.215.30
The Received: from unknown simply means that one SMTP server received it from another which did not provide reverse DNS. Typically each hop from one SMTP server to another adds one Received: header at the top of the message (except qmail, which adds two; this is visible in your example).
If you are concerned about the lack of reverse DNS, and if 207.162.215.30 is yours, then perhaps you can convince your ISP to provide reverse DNS for it. Many ISPs refuse (if you are on a "consumer" broadband plan), or will require a different hosting contract with you in order to offer this service. ("Reverse DNS" means that when somebody queries DNS for "what's the DNS name of 207.162.215.30" the answer would be "searchboxindustries.com" or perhaps another host name, but not "unknown".)
The reverse DNS lookup is usually performed based on the TCP headers, not on the text of the message. If the SMTP server receives a connection from 123.45.67.89 then it will perform reverse DNS for that address, and put the results in the Received: header it adds. In other words, the contents of your message headers or envelope headers do not affect this outcome at all.
Recipients can do whatever they want with these headers. It is unlikely that this header alone (the presence of this header, or the absence of reverse DNS information evident from the contents of it) would be sufficient for somebody to classify your message as spam, but there is really no way to control what the recipient does with this information.
If anything, your question is an indication that perhaps you should be looking at a professional service to send out these messages on your behalf, for a fee.
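The hop-by-hop reading of Received: headers described in the answer above, as an added example that is not part of the original answer: it unfolds the header block, lists each hop with the peer address the receiving server recorded, and marks hops where that server wrote "unknown" instead of a reverse DNS name. The function names and the sample are constructed for illustration (the sample is modelled on the headers in the question), and only IPv4 addresses are recognised.

```php
<?php
// Added example: list the hops recorded in a header block, newest first.
/** All values of one header, with folded continuation lines joined (RFC 5322). */
function headerValues(string $raw, string $name): array
{
    $block = preg_split('/\r?\n\r?\n/', $raw, 2)[0];   // headers end at the first blank line
    $lines = preg_split('/\r?\n/', preg_replace('/\r?\n[ \t]+/', ' ', $block));
    $values = [];
    foreach ($lines as $line) {
        if (stripos($line, $name . ':') === 0) {
            $values[] = trim(substr($line, strlen($name) + 1));
        }
    }
    return $values;
}

/** One Received: value as an array, or null for lines that name no remote peer. */
function parseHop(string $value): ?array
{
    if (!preg_match('/^from\s+(\S+)\s*(.*?)\s+by\s+(\S+)/i', $value, $m)) {
        return null;                       // e.g. "(qmail 21583 invoked from network)"
    }
    // Peer address: "[ip]" in most MTAs, the last "@ip" inside "(info@ip)" in qmail.
    // '#' is accepted too because the headers quoted on this page show it in place of '@'.
    preg_match('/[\[@#](\d{1,3}(?:\.\d{1,3}){3})[\])]/', $m[2], $ip);
    preg_match('/\(HELO\s+([^)\s]+)\)/i', $m[2], $helo);
    return [
        'by'           => rtrim($m[3], ';'),
        'from'         => $m[1],
        'helo'         => $helo[1] ?? null,
        'ip'           => $ip[1] ?? null,
        'rdns_missing' => strcasecmp($m[1], 'unknown') === 0,
    ];
}

// Constructed sample, modelled on the headers quoted in the question.
$sample = <<<'EOT'
Received: from smtp1-1.searchboxindustries.com (mta1.searchboxindustries.com. [207.162.215.30])
        by mx.google.com with SMTP id d7si4727205paw.95.2013.01.11.01.58.48; Fri, 11 Jan 2013 01:58:48 -0800 (PST)
Received: (qmail 21583 invoked from network); 11 Jan 2013 09:58:48 -0000
Received: from unknown (HELO searchboxindustries.com) (username@searchboxindustries.com@207.162.215.30)
        by searchboxindustries.com with SMTP; 11 Jan 2013 09:58:48 -0000
From: Oleg <opp@mail15.com>
EOT;

foreach (array_filter(array_map('parseHop', headerValues($sample, 'Received'))) as $hop) {
    printf("%s saw %s (%s)%s\n", $hop['by'], $hop['ip'] ?? '?', $hop['from'],
        $hop['rdns_missing'] ? ' - no reverse DNS name recorded' : '');
}
```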
My server requires an extra (php.)ini setting, might that solve your issue?
ini_set('sendmail_from', 'enterAValidEmailAddr#yourDomainHere');
Try the following options to find where the problem is:
Does the email have a body? I believe there is an email body.
For isolating the problem, you can try it using another alternative SMTP (for example: gmail smtp).
Alternatively, you can use PHP mail directly without smtp.

Can anyone tell me why my mail is being classified as spam (headers included)

Here is the situation.
I have both an SMTP server which accepts only authentication.
I also have a VPS with no SMTP server, so the PHP on that VPS sends emails using PEAR to the SMTP server for sending.
For some reason emails are getting classified as Spam always.
Can someone take a look at the following headers and give me a pointer to why this might be happening?
Some stuff has been *'d out for security.
I'm new to VPS stuff so I guess I might have some dodgy config somewhere, so I need some advice on this one.
Thanks guys!
Microsoft Mail Internet Headers Version 2.0
Received: from moutng.k*****.de ([212.227.17.8]) by ***** with Microsoft SMTPSVC(6.0.3790.4675);
Sat, 12 Feb 2011 11:30:09 +0000
Received: from localhost (*****.onlinehome-server.info [*****])
by mrelayeu.k*****.de (node=mreu1) with ESMTP (Nemesis)
id 0Lm8JB-1QNpTc29Yn-00a9O2; Sat, 12 Feb 2011 12:30:09 +0100
From: Logeek <log#*****.com>
To: A King <aking#*****.co.uk>
Subject: Hi!
Message-Id: <0Lm8JB-1QNpTc29Yn-00a9O2#mrelayeu.k*****.de>
Date: Sat, 12 Feb 2011 12:30:09 +0100
X-Provags-ID: *****
Return-Path: log#*****.com
X-OriginalArrivalTime: 12 Feb 2011 11:30:09.0931 (UTC) FILETIME=[34CC45B0:01CBCAA8]
Ok I'm not really good at email headers, but if an email is sent from an address in which the domain is not equal to the domain the email was sent from, for example a message sent by admin#thispage.com from the server otherpage.com, it will get marked as spam. When using an SMTP server smtp.thispage.com as a local user on that server, for example admin#thispage.com, the message will be sent from this server and the email will not be marked as spam. But when sending it as user admin#thispage.com from a different domain using PEAR the message will normally be marked as spam.

Mail sent "on behalf of" when using PHP Pear

I am using PEAR to send mails from our server. However, some email clients (most importantly Gmail) will say "Mail received from nobody#server on behalf of John Doe". What causes this? Is this PHP or the server config itself?
With the headers I set:
// Header values must be quoted PHP strings
$headers["From"] = "John Doe<johndoe#example.com>";
$headers["Return-path"] = "John Doe<johndoe#example.com>";
$headers["Sender"] = "John Doe<johndoe#example.com>";
However, when I look into the e-mail headers of the actual mail that is arrived, I see:
Return-path: <nobody#server>
Received: from nobody by server with local (Exim 4.69)
(envelope-from <nobody#server>)
id 1Thn0Y-0001yy; Tue, 25 Jan 2011 11:48:46 -0600
From: John Doe<johndoe#example.com>
Sender: Nobody <nobody#server>
Date: Tue, 25 Jan 2011 11:48:46 -0600
So except for the FROM field, all other header settings are ignored...! What to do?
What you are seeing is that the envelope headers are being generated by Exim. You will need to change the configuration, or send differently to get around this. With normal sendmail, there are a few simple commandline switches you specify, and I would imagine it is the same with Exim.
