How to detect if domain has catch all policy to accept email? - php

I am almost done with a tool to detect if email is valid or not. I am stuck at small point where I have to detect If mail server or domain has catch-all policy enable.
Catch all: mail server will accept all email even if email address do not exits.
Thank you.

There is no 100% reliable way to detect a catch-all of a mail server you don't control yourself.
The most promising way is to generate a random address in the target domain which is definitely not used as a real account and send a test message.
If you don't get a reject while sending and no bounce to the envelope sender address of your script within a few minutes, there could be a catch-all involved. But it could also simply mean that the target server quarantined or dropped your message or that the bounce didn't make it back to you.
If you go down that road, make sure your tool generates valid messages, with all the necessary headers, has correct dns/helo settings, doesn't use any non-rfc smtp shortcuts, etc. in order not to get filtered.
On a side note: if this tool is going to be public, make sure its properly protected. Tools that automatically send mails are popular targets for abuse.

You can identify domain is catchall or not by using Telnet.
Create invalid email address against that domain.
e.g.
domain : example.com
Email Adddress : dummyemail#example.com, invalid.email#example.com
How to Telnet:
Step 1 - Find mail exchanger or mail server of example.com
Commmand :
nslookup -q=mx example.com
Response:
Non-authoritative answer:
example.com mail exchanger = 10 aspmx.l.google.com.
example.com mail exchanger = 20 alt1.aspmx.l.google.com.
example.com mail exchanger = 30 alt2.aspmx.l.google.com.
example.com mail exchanger = 40 aspmx2.googlemail.com.
example.com mail exchanger = 50 aspmx3.googlemail.com.
Step 2 - Now we know mail server so let connect to it.
Command:
telnet aspmx.l.google.com 25
Response:
Trying 74.125.24.27...
Connected to aspmx.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP z79si2772641pfi.381 - gsmtp
Step 3 - Enter helo hi
Command:
helo hi
Response:
250 mx.google.com at your service
Step 4 - Email address from which you telnet to targeted email address
Command:
mail from: <emailaddress#gmail.com>
Response:
250 2.1.0 OK z79si2772641pfi.381 - gsmtp
Step 5 - Target email address which you want to validate
Command:
rcpt to: <targetemailid#example.com>
Response:
250 2.1.5 OK z79si2772641pfi.381 - gsmtp
If you got "ok" for invalid email address then that domain is catchall domain.
A catch-all domain in simple terms means, the server of that company will catch any email sent to that domain, even a non-existent address and store it in a section called the catch-all. When this happens, you have no clue if it’s a legitimate email address or not.

Related

php showing message sent but didn't receive it to my email

So my smtp php mailer is showing that the message was successfully sent but in reality it's not. I am now using email from the same domain that Synchro suggested because I was using gmail please have a look here and had issues with it and php mailer was showing error but after switching to mail from the same domain actually it is showing sent but I am not receiving any email.
So I went to my email logs and found this.
Event: failure error
User: eightysh
Domain: eighty6.shop
From Address: baltajiwissam#gmail.com
Sender: no-reply#eighty6.shop
Sent Time: May 21, 2022, 9:34:09 AM
Sender Host: www.eighty6.shop
Sender IP: 185.93.244.110
Authentication: dovecot_login
Spam Score:
Recipient: baltajiwissam#gmail.com
Delivery User: -system-
Delivery Domain:
Delivered To:
Router: remoteserver_route
Transport: mailchannels_smtp
Out Time: May 21, 2022, 9:34:09 AM
ID: 1nsIgk-0000C6-Im
Delivery Host: smtp.mailchannels.net
Delivery IP: 52.25.134.49
Size: 1.54 KB
Result: ECDHE-RSA-AES256-GCM-SHA384:256 CV=yes: SMTP error from remote mail server after end
of data: 550 5.7.1 [BFD] Sender prohibited by SPF
i did few research about Sender prohibited by SPF but i didn't get it :/ am i suppose to add my pc ip address to the host ?? if yes its not logical cause its gonna be a public form please help
It's not quite clear what you're doing, but at a guess it looks like you are sending from a gmail address without sending through a gmail server, and that will always fail SPF checks, because google doesn't allow that. It's nothing to do with the submitter's address, but the email server that you send the message through – if it's not smtp.gmail.com, then you can't use a gmail address as your from address.

How to programmatically look up email server information

If a user supplies an email, let's say something like hello.world#example.com, is there a public database where I can programmatically lookup the connection information for their Mail server (my service would let the user supply an email which then would allow my software to send automated emails from it.)
How can I find out if their server is pop3, Imap or smtp programatically. What about the port and security protocol (tls or ssl)?
How can I find out if the mail server is a different domain then the email's suffix. (I.e. the user is using shared hosting.)
Are there only paid options for this service?
Note: it is preferred that the solution be in PHP, or even better, a http REST service.
Yes, you can do this. At least for SMTP. And... you can send an email as a specific user easily....
Explanation of how a client sends an email
When an email client goes to send an email to does the following steps:
It extracts the domain portion portion of the email, e.g., "gmail.com" given "bob#gmail.com"
It checks to see if there is a DNS record published called an Mail Exchange or MX record. An MX record contains the following information:
Time To Live, i.e., how long the record is valid for
Weight, i.e., what order the client should attempt connections. Lowest to highest
The server A record, or IP address.
You can use the dig or nslookup command to query for MX records published for a domain.
Examples:
root#dib:~# nslookup -querytype=mx gmail.com
Server: 172.31.0.2
Address: 172.31.0.2#53
Non-authoritative answer:
gmail.com mail exchanger = 10 alt1.gmail-smtp-in.l.google.com.
gmail.com mail exchanger = 20 alt2.gmail-smtp-in.l.google.com.
gmail.com mail exchanger = 30 alt3.gmail-smtp-in.l.google.com.
gmail.com mail exchanger = 40 alt4.gmail-smtp-in.l.google.com.
gmail.com mail exchanger = 5 gmail-smtp-in.l.google.com.
Authoritative answers can be found from:
root#dib:~# dig +short MX gmail.com
40 alt4.gmail-smtp-in.l.google.com.
5 gmail-smtp-in.l.google.com.
10 alt1.gmail-smtp-in.l.google.com.
20 alt2.gmail-smtp-in.l.google.com.
30 alt3.gmail-smtp-in.l.google.com.
If there is an MX record, the client attempts to make a port 25 connection to the server listed. In this example we are going to use gmail-smtp-in.l.google.com. A quick test is to check to see if a banner is displayed when you connect.
Example using telnet:
root#dib:~# telnet gmail-smtp-in.l.google.com 25
Trying 74.125.197.27...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP m8-v6si7680016plt.29 - gsmtp
quit
221 2.0.0 closing connection m8-v6si7680016plt.29 - gsmtp
Connection closed by foreign host.
The banner is the 220 mx.google.com ESMTP b8-v6si8705269pls.261 - gsmtp part.
Most email clients use opportunistic TLS, i.e., if the server offers TLS it will use it, if not it doesn't. To determine if the server is offering TLS we need to issue an EHLO command. This is the extended SMTP Hello. What we are looking for is a STARTTLS command being offered.
Example:
root#dib:~# telnet gmail-smtp-in.l.google.com 25
Trying 74.125.197.27...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP s83-v6si8350062pfg.175 - gsmtp
ehlo stackoverflow.com
250-mx.google.com at your service, [123.123.123.123]
250-SIZE 157286400
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
quit
221 2.0.0 closing connection s83-v6si8350062pfg.175 - gsmtp
Connection closed by foreign host.
We can see that the SMTP servers for the domain gmail.com are indeed offering TLS.
I am not going to explain the rest of the SMTP conversation but you can Google it... :)
Solution for answering these things with PHP
"is there a public database where I can programmatically lookup the connection information for their Mail server"
Yes, the database is the Domain Name System. There are many ways to do it; however, PHP has a nifty builtin function for this. It is getmxrr().
Example:
root#dib:~# cat mxrecord.php
<?php
$email_addr = "bob#gmail.com";
list($local, $domain) = explode('#', $email_addr);
getmxrr($domain, $mxrecords); // http://php.net/manual/en/function.getmxrr.php
var_dump($mxrecords);
?>
root#dib:~# php mxrecord.php
array(5) {
[0]=>
string(26) "gmail-smtp-in.l.google.com"
[1]=>
string(31) "alt1.gmail-smtp-in.l.google.com"
[2]=>
string(31) "alt2.gmail-smtp-in.l.google.com"
[3]=>
string(31) "alt3.gmail-smtp-in.l.google.com"
[4]=>
string(31) "alt4.gmail-smtp-in.l.google.com"
}
You can loop through the results and answer you question "How can I find out if the mail server is a different domain then the email's suffix".
"What about the port and security protocol?" The port is always 25. That is why we have protocol definitions. The security protocol is a little trickier...
Basically, if you want to know things like; protocol, cipher, Certificate Authority, etc... you need to use the OpenSSL library... or just parse the open for openssl s_client ... This would make this a really long answer if I covered the TLS bit here too... but ... run this in a shell and check out the output:
openssl s_client -connect gmail-smtp-in.l.google.com:25 -starttls smtp
This basically just handles the TLS handshake with the server and spits out all the information you want. PHP has OpenSSL libs so you can likely use those from within PHP ...
Sending an email as another user
Basically, unless an email server implements SPF of something of the like, you can "spoof" the sender, i.e., put whatever you want in the mail from command. This is an extremely common practice, however, some email servers will block spoofs. There are things you can do to make your emails more likely to be received.
This isn't possible programatically. I am not aware of any well-maintained APIs that provide this service but you could generate your own using by pre-populating a database table with the major email provider (gmail, hotmail etc.) settings. There is a list e.g. here: https://domar.com/smtp_pop3_server
If your user has a different provider you could try some educated guesses, e.g. smtp.domain.com, mail.domain.com or you could use the PHP function getmxrr and try connecting to the MX server, as some smaller providers will use the same server for MX and SMTP (this is not a guarantee though, hence trying the others first).
When I say "try" I mean using PHP sockets to connect to e.g. port 25 (for SMTP) on the domain under examination and checking if you get a valid response.
Your final fallback would be asking users to provide the details themselves.
false, those answers are for incoming smtp server, for outcoming smtp server you need to check on mail provider settings *may be is your same hosting provider or a 3th party mail provider

Docker PHP / Apache Container - Sendmail 553 Error "Domain of Sender Address does not exist" when trying to send mail

I'm having trouble sending e-mail on my PHP/Apache docker container via sendmail. I'm wondering if someone has a simple, straight forward solution. I am not a systems/server expert by any far stretch and my smtp/sendmail expertise is equally underwhelming. Thanks in advance for the help.
Below is the error I'm recieiving:
sendmail: 553 5.1.8 <apache#a0aca7313106>... Domain of sender address apache#a0aca7313106 does not exist
Clearly apache is my user, and that stuff to the right is my docker container ID. There is a "From:" header value within the pHp Mail parameters being passed, so not sure why it's defaulting to this.
As requested by the comment below, I am adding the "mail" function that is being used. I can confirm there is data within this function, specifically the "$this->headers" which contains a From address.
It should be noticed that I am running the exact same code in a non-containerized environment, and the e-mail gets sent fine so I believe it's a container configuration issue. These are the areas of the php.ini that I have modified. Is there something else I should be looking for?
[mail function]
; For Win32 only.
; http://php.net/smtp
SMTP = localhost
; http://php.net/smtp-port
smtp_port = 25
I changed "localhost" to the smtp server listed on my non-containerized environment, restarted apache in the container, but still recieved the error message above.
I am able to connect to my external SMTP server via telnet using the reference listed in the comments below (thanks #mark91). This is my output/transcript. I should mention that my e-mail was never actually received, however (I listed myself as the recipient). I masked the info with *******'s
telnet smtp.service.******* 25
Trying *******...
Connected to *******.
Escape character is '^]'.
220 ******* ESMTP smtp.service Fri, 31 Oct 2014 14:29:16 -0400
HELO *******
250 ******* Hello [*******], pleased to meet you
MAIL FROM: *******
250 2.1.0 *******... Sender ok
RCPT TO: *******
250 2.1.5 *******... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
Hello
.
250 2.0.0 s9VITGpm030795 Message accepted for delivery
How are you sending this e-mail in PHP? At least, you might configure correctly your php.ini file in order to put as smtp server the right value. Moreover, if you are using the PHP mail function, you should put as $header parameter a string containing "From: foo#bar.com\r\n"...

check to email is exists or no

I want to check entered email address before registering, I found some solutions in SF but these solutions says we should check MX or SMTP port, but we have some fake emails like :
111111#gmail.com
some.email.address#gmail.com
and ...
when I check the gmail.com domain this domain have MX record and there is no problem but this emails are fake !
Is there any way to ping email address with php?
The only thing you can do is send a confirmation email, and ask user to click a link or provide a code you have sent in this email.
You CAN check for the existence without sending a mail.
After you get the MX record, you can use SMTP protocol to communicate with the server directly.
For example: (the lines starting with > means input. )
> telnet gmail-smtp-in.l.google.com 25
Trying 74.125.129.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP pa10si7038694pbc.108 - gsmtp
> HELO
250 mx.google.com at your service
> MAIL FROM: <test#test.com>
250 2.1.0 OK rw3si4189390pab.9 - gsmtp
> RCPT TO: <notexists___#gmail.com>
550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 rw3si4189390pab.9 - gsmtp
If you replace notexists___#gmail.com with 111111#gmail.com:
> RCPT TO: <111111#gmail.com>
250 2.1.5 OK il2si7046221pbc.91 - gsmtp
In PHP, you can use socket functions to do things above.
NOTICE: This approach may not work on some SMTP servers.
The only way i know to check email-addresses is through sending an email to them.
Why do you need to check the e-mail address beforehands? You could just send them an "activation link" what also prooves not only the existance but the person behind the address.
You can send a confirmation mail, so that you know that address works. If that is not an option, you can check of the domain actually exists. That way you disregard something#non_existing_domain.com
// or use ANY or for other see above link
if (checkdnsrr('non_existing_domain.com', 'A')){ echo 'Domain exists'; }
else { echo 'Domain does not exist'; }

How to check if a received email is legit?

I'm developing a system which gets emails from PIPE, verify if the email address which from the email was sent is in the client database, and write it into the database.
The problem is that I don't want to have security issues, and if someone sends an email with PHP to the system, it will log it too. So, how can I check if the email was sent by the properly mail server? I was thinking in getting the IP of the mail server of the domain and verify in Email Headers if it was sent from these server. So, if I got an email from test#hotmail.com, it would ping mail.hotmail.com and check if the email came from these IP address.
Anyway, if someone got a custom domain like yourdomain.com, running in a shared cPanel server, other people in these server could send emails with PHP and get the IP verify passed. So, I was thinking in checking if the email was sent with PHP or from a mail server, but I don't know how to do this.
What is your suggestion?
I was thinking in checking if the email was sent with PHP or from a mail server
You will not be able to find out the difference between these two normally. And email sent with PHP can look exactly the same like an email from a mail server and it is likely the case that an email sent with PHP is also an email from a mail server.
You can try to write a detection on your own (your own filter) based on the monitoring you do and finding out about wrong mails (or those reported back from your users if you can not monitor the emails deeply because of law regulations).
I found http://verify-email.org/ for you. They have an API so you can check the email adress by that service.
EDIT
When you check an email adres on the website you see this result:
MX record about gmail.com exists.
Connection succeeded to alt3.gmail-smtp-in.l.google.com SMTP.
220 mx.google.com ESMTP tz3si2159695bkb.62 - gsmtp
> HELO verify-email.org
250 mx.google.com at your service
> MAIL FROM: <check#verify-email.org>
=250 2.1.0 OK tz3si2159695bkb.62 - gsmtp
> RCPT TO: <test#gmail.com>
=550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 tz3si2159695bkb.62 - gsmtp
You can build your own check by logging in to an smtp server and send the commands you see above:
> HELO verify-email.org
> MAIL FROM: <check#verify-email.org>
> RCPT TO: <test#gmail.com>
You can check for errors or success messages in the output you get. I think it's not difficult to build in php.
Eh, this is my first time answering anything so sorry if I misunderstood. Anyways, if you're doing a check for the email in PHP, I have something that might be able to help;
If($_POST['email']){
$Email = $_POST['email'];
$Allowed = array('gmail.com', 'yahoo.com', 'ymail.com', etc..);
If(filter_var($Email, FILTER_VALIDATE_EMAIL)){
$Domain = array_pop(explode('#', $Email));
If(!In_Array($Domain, $Allowed)){
Echo 'Your response here...';
}}}
or for checking the email's characters, you can call a function or check it yourself;
Function checkEmail($Email){
return preg_match("/^[\.A-z0-9_\-\+]+[#][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $Email);
}
So it'd be something like;
checkEmail('email#domain.com');
That checks the input, and if it doesn't have the email characters, you can choose what to do.
Hope this helped!
Yes, there are many Email Verification tools out there. I personally like www.verifyemailaddress.org
But there are plenty of those tools to find.

Categories