Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Perl script with sendmail

Posted on 1997-04-03
6
Medium Priority
?
405 Views
Last Modified: 2013-12-25
I need to know how to make the script that I have attached at the end of this message send email as the user who submits the form. The form is supposed to subscribe someone to a listserver, when one enters their name and email address, it should subscribe them. However, as it works now, the email is being sent as nobody@cissus.mobot.org(this is the server where the script resides). Instead I need the script to actually send the mail as if it were coming from the submitted email address. Otherwise the person cannot post to the list from their real machine.
Here is the script:

#!/opt/gnu/bin/perl
require "/usr/local/HTTPD/cgi-bin/cgi-lib.pl";
&ReadParse;

open (MAIL, "| /usr/lib/sendmail -oi -t" );
print MAIL <<NOTIFY;
To: listproc\@mobot.mobot.org
From:$in{'email'}\n

sub ical-l $in{'fullname'}

NOTIFY
close MAIL;


print "Content-type:text/html\n\n";
print <<RECEIVED;
<html>
<body text="#666600" link="#ff3300" vlink="#ff9900" alink="#ffff00" background=\
\
"http://www.mobot.org/ical/icalbg.gif">

<title>You Have Been Added!!!</title>
<center>
<font size="+2"><b>You Have Been Added!!!</b></font><P>
</center><P>
<b>The email address <b>$in{'newemail'}</b> will be used to notify you
of any ICAL-Botany submissions.
RECEIVED

print <<FOOTER;
<hr width=70% size=5>
<center><a href="http://www.mobot.org/ical/"><== Orphan
Home</a></center>

</body></html>
FOOTER



exit;
0
Comment
Question by:tucker040197
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 1

Expert Comment

by:Kallisti
ID: 1827874
Two suggestions:

1) Put a SPACE after the From: in the header.

2) Add the header Reply-To: $in{'email'}\n

Good luck
0
 

Author Comment

by:tucker040197
ID: 1827875
This still does not work, there must be some other level of information to the email message that is not normally viewed. The following is the actual text that shows up in an email message submitted by the form:

>
Date: Fri, 4 Apr 1997 09:16:42 -0600 (CST)
From: ficken@cissus.mobot.org
To: listproc@mobot.mobot.org

sub ical-l Keven Ficken
>

This is identical to what the message looks like when I actually send it from an email client, in which case the subscription will be successful, but for some reason in this instance it still does not work. When I try to send the message from the form, the list admin gets a message copied to him that is a reply to nobody@cissus.mobot.org saying that he is already a member of the list and thus can't subscribe(we do have nobody@cissus.mobot.org on the list so that non-members can submit to the list). I am stumped as to where the list gets the nobody address from the message I send and how to change the nobody to the submitted address.

0
 
LVL 1

Expert Comment

by:Kallisti
ID: 1827876
It gets it as the program was run by nobody@cissus.mbot.org.

However, as I understood it, the -oi flag should kill that.

As another suggestion, as a workaround, try:

open (MAIL, "| /usr/lib/sendmail -t To: listproc\@mobot.mobot.org " );

instead as the open?  If this also fails, I will read the
sendmail manaual page fully!
0
How To Install Bash on Windows 10

Windows’ budding partnership with Canonical has certainly led to some great improvements. One of them being the ability to use Bash on your Windows machine without third party applications! This might be one of the greatest things a cloud engineer in a Windows environment can do!

 
LVL 1

Expert Comment

by:Kallisti
ID: 1827877
Eek, typo there..  Remove the To: from the suggested line!

It is meant to replace the current open line..
0
 

Author Comment

by:tucker040197
ID: 1827878
Adjusted points to 75
0
 
LVL 1

Accepted Solution

by:
wisdom042597 earned 210 total points
ID: 1827879
You can set the "from" address in Sendmail by using the -f parameter (i.e. /.../sendmail -fmyname@mydomain ).  Your process must be running as root or another trusted user to do this, otherwise you'll receive an "X-authentication" message in the e-mail header, but this may not be that big of a problem because the e-mail will still appear to be "from" the user address you
specify.

If you don't use the -f parameter, sendmail will send the message as designated coming from whatever user process the web server is running as.  By modifying the e-mail headers, you can set the reply-to, but the only way to force the original "X-sender" is by using the -f parameter.

So you should change your original reference to sendmail to look something like this:

open (MAIL, "| /usr/lib/sendmail -f$in{'email'} ..." );

I haven't tested this, but you get the idea.  HOWEVER, note that this also represents a rather serious potential security hole.  If one of the form fields ends up on the Unix command line, you better run some serious checks on the email variable value to make sure it contains no destructive characters - if you don't user's can potentially execute unix commands as the web server user!  Be sure to remove any characters from the email value that would have special purpose under your particular version of Unix (i.e. |,+,& etc..)

Let me also just state for the record that it's debatable as to whether the convenience of allowing a push-button maillist subscription from a web page is worth the hassel you can end up with when users enter invalid e-mail addresses.  

 - wisdom

0

Featured Post

Quick Cloud Training

Looking for some quick training on the cloud in 2 hours or less? Check out these how-to guides in AWS, Linux, OpenStack, Azure, and more!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you how to make a simple HTML bar chart with the usage of WhizBase, If you want more information about WhizBase please read my previous articles at http://www.experts-exchange.com/ARTH_5123186.html (http://www.experts-ex…
This article will show, step by step, how to integrate R code into a R Sweave document
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question