Solved

What is wrong

Posted on 1998-12-23
5
136 Views
Last Modified: 2010-03-05
Could any experts tell what is wrong with this script :

#!/usr/bin/perl

######################################################
#                                                    #
# This E-Mail version 1.0 is created by Tan Chen Yee #
# Copyright (c) Dec 11, 1998                         #
#                                                    #
# If you want to use or modify this program, please  #
# let me know by send me an e-mail. Also, tell me    #
# the URL that use this program. Thank you !         #
#                                                    #
# My e-mail is tanc02@stcloudstate.edu               #
#                                                    #
######################################################

$mail='/usr/sbin/sendmail';
$e_mail='http://imps.stcloudstate.edu:8002/mail.html';

  read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
  @pairs = split(/&/, $buffer);
  foreach $pair (@pairs)
  {
    ($name, $value) = split(/=/, $pair);
    $name =~ tr/+/ /;
    $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ s/<!--(.|\n)*-->//g;
    $DATA{$name} = $value;
  }

print "Content-type: text/html\n\n";
 
print "<html>";
print "<head>";
print "<title>E-Mail have sent !</title>";
print "</head>";
print "<body bgcolor=pink>";
print "<br><br><center><h2>This e-mail have already sent to</h2>";
print "<h3><i>$DATA{'email'}</i></h3></center>";
print "</body>";
print "</html>";
open (MAIL, "|$mail $DATA{'email'}");
   print MAIL "To : $DATA{'email'}\n";
   print MAIL "From : $DATA{'from'}\n";
   print MAIL "Subject : $DATA{'subject'}\n\n\n";
   print MAIL "$DATA{'content'}\n\n\n";
 print MAIL "**************************************************************\n\n";  
   print MAIL "This message is sent to you by E-Mail 1.0\n";
   print MAIL "$e_mail.\n\n";
 
close(MAIL);

I had ran this script, it was alright. But I have a problem.
When I save e-mail to these addresses :
 tanc02@stcloudstate.edu
 wlw08@stcloudstate.edu
it took only 1 second for sending the message, but if the address is tanc02@hotmail.com, it took 5 hours at most.

Why it took so long to send the message to tanc02@hotmail.com.

Do I forget to include anyting important code in the perl script ?

What can I do to improve the script ?

Do I have security hole in my script ?

How to detect the security hole ?
0
Comment
Question by:tanc02
5 Comments
 
LVL 1

Author Comment

by:tanc02
ID: 1207153
Edited text of question
0
 
LVL 84

Expert Comment

by:ozo
ID: 1207154
Perhaps your connection to hotmail.com is just slow?

There is a security hole in your script if someone sets $DATA{'email'} to something like 'tanc02@hotmail.com ; rm *'
To close it, I'd suggest

$mail='/usr/sbin/sendmail -t';
open (MAIL, "|$mail");
0
 
LVL 1

Author Comment

by:tanc02
ID: 1207155
I don't think the connection was slow, becuase if I used something else like
tigger, condor,= to send the message to tanc02@hotmailcom, they  just took also 1 second.

How did you know there is a secuirty hole ?
And what will happed if someone sets $DATA{'email'} to something like
'tanc02@hotmail.com ; rm *'  ? what do you mean by 'someone' - me or hacker ?
And how do they set it ?

what is '-t' ?
$mail='/usr/sbin/sendmail -t';
0
 

Expert Comment

by:tribal9
ID: 1207156
<man sendmail>

You can lookup all of the program extensions in the manpages.  Get to know them, they are useful.

-Matt
0
 
LVL 1

Accepted Solution

by:
sdjjm earned 70 total points
ID: 1207157
The problem is not on your end, it's with Hotmail.  They have millions of user accounts and their mail server can take hours to sort mail into the proper user boxes.  I have the same problem myself.  Mail that I send to my ISP POP account gets delivered within 5 minutes where the same email sent to Hotmail takes hours to hit my mailbox.
I have even given up checking my email at Hotmail during peek user times of the day.  At noon for example, when the whole country must be on lunch checking their personal Hotmail, I can't even read my messages as they download from Hotmail  at a whopping 68 BPS on the worst days.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
perl rename 2 137
perl search and replace 6 161
work on ods spreadsheet with perl in ubuntu 4 73
File Find regex problem 4 58
I've just discovered very important differences between Windows an Unix formats in Perl,at least 5.xx.. MOST IMPORTANT: Use Unix file format while saving Your script. otherwise it will have ^M s or smth likely weird in the EOL, Then DO NOT use m…
Email validation in proper way is  very important validation required in any web pages. This code is self explainable except that Regular Expression which I used for pattern matching. I originally published as a thread on my website : http://www…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now