Solved

What is wrong

Posted on 1998-12-23
5
140 Views
Last Modified: 2010-03-05
Could any experts tell what is wrong with this script :

#!/usr/bin/perl

######################################################
#                                                    #
# This E-Mail version 1.0 is created by Tan Chen Yee #
# Copyright (c) Dec 11, 1998                         #
#                                                    #
# If you want to use or modify this program, please  #
# let me know by send me an e-mail. Also, tell me    #
# the URL that use this program. Thank you !         #
#                                                    #
# My e-mail is tanc02@stcloudstate.edu               #
#                                                    #
######################################################

$mail='/usr/sbin/sendmail';
$e_mail='http://imps.stcloudstate.edu:8002/mail.html';

  read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
  @pairs = split(/&/, $buffer);
  foreach $pair (@pairs)
  {
    ($name, $value) = split(/=/, $pair);
    $name =~ tr/+/ /;
    $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    $value =~ s/<!--(.|\n)*-->//g;
    $DATA{$name} = $value;
  }

print "Content-type: text/html\n\n";
 
print "<html>";
print "<head>";
print "<title>E-Mail have sent !</title>";
print "</head>";
print "<body bgcolor=pink>";
print "<br><br><center><h2>This e-mail have already sent to</h2>";
print "<h3><i>$DATA{'email'}</i></h3></center>";
print "</body>";
print "</html>";
open (MAIL, "|$mail $DATA{'email'}");
   print MAIL "To : $DATA{'email'}\n";
   print MAIL "From : $DATA{'from'}\n";
   print MAIL "Subject : $DATA{'subject'}\n\n\n";
   print MAIL "$DATA{'content'}\n\n\n";
 print MAIL "**************************************************************\n\n";  
   print MAIL "This message is sent to you by E-Mail 1.0\n";
   print MAIL "$e_mail.\n\n";
 
close(MAIL);

I had ran this script, it was alright. But I have a problem.
When I save e-mail to these addresses :
 tanc02@stcloudstate.edu
 wlw08@stcloudstate.edu
it took only 1 second for sending the message, but if the address is tanc02@hotmail.com, it took 5 hours at most.

Why it took so long to send the message to tanc02@hotmail.com.

Do I forget to include anyting important code in the perl script ?

What can I do to improve the script ?

Do I have security hole in my script ?

How to detect the security hole ?
0
Comment
Question by:tanc02
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 1

Author Comment

by:tanc02
ID: 1207153
Edited text of question
0
 
LVL 84

Expert Comment

by:ozo
ID: 1207154
Perhaps your connection to hotmail.com is just slow?

There is a security hole in your script if someone sets $DATA{'email'} to something like 'tanc02@hotmail.com ; rm *'
To close it, I'd suggest

$mail='/usr/sbin/sendmail -t';
open (MAIL, "|$mail");
0
 
LVL 1

Author Comment

by:tanc02
ID: 1207155
I don't think the connection was slow, becuase if I used something else like
tigger, condor,= to send the message to tanc02@hotmailcom, they  just took also 1 second.

How did you know there is a secuirty hole ?
And what will happed if someone sets $DATA{'email'} to something like
'tanc02@hotmail.com ; rm *'  ? what do you mean by 'someone' - me or hacker ?
And how do they set it ?

what is '-t' ?
$mail='/usr/sbin/sendmail -t';
0
 

Expert Comment

by:tribal9
ID: 1207156
<man sendmail>

You can lookup all of the program extensions in the manpages.  Get to know them, they are useful.

-Matt
0
 
LVL 1

Accepted Solution

by:
sdjjm earned 70 total points
ID: 1207157
The problem is not on your end, it's with Hotmail.  They have millions of user accounts and their mail server can take hours to sort mail into the proper user boxes.  I have the same problem myself.  Mail that I send to my ISP POP account gets delivered within 5 minutes where the same email sent to Hotmail takes hours to hit my mailbox.
I have even given up checking my email at Hotmail during peek user times of the day.  At noon for example, when the whole country must be on lunch checking their personal Hotmail, I can't even read my messages as they download from Hotmail  at a whopping 68 BPS on the worst days.
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email validation in proper way is  very important validation required in any web pages. This code is self explainable except that Regular Expression which I used for pattern matching. I originally published as a thread on my website : http://www…
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question