Showing posts with label email. Show all posts
Showing posts with label email. Show all posts

Monday, November 14, 2022

[FIXED] How can I list scheduled mails in mandrill?

      , ,      No comments   

Issue

Hi I want to list all the emails that are scheduled but not send and I can't find that option. Is it posible?

Thanks a lot.


Solution

/messages/list-scheduled.json API lists upto 1000 scheduled emails.

API Result:

[{
    "_id": "I_dtFt2ZNPW5QD9-FaDU1A",
    "created_at": "2013-01-20 12:13:01",
    "send_at": "2021-01-05 12:42:01",
    "from_email": "sender@example.com",
    "to": "test.recipient@example.com",
    "subject": "This is a scheduled email"
}]

More details



Answered By - Kiran Indukuri
Answer Checked By - Mary Flores (PHPFixing Volunteer)

[FIXED] how would I go about finding the longest mailing city name in America?

      , ,      No comments   

Issue

The longest city name I was able to find (that had a Zip code) was "La Canada Flintridge" which is in CA. I found that haphazardly via google. For testing our mailing addresses, I'd like to get a definite "this is the longest city name you could possibly mail to" out of a USPS database.

How would I go about finding this information a) for free and b) quickly?

To the "Not Programming Related" closers: This determines the field length of a City field in our database. That is programming related.


Solution

The USPS databases use a maximum of 28 characters for the place name. Currently there are 6 mailable place names that long (all truncated to fit in 28 chars): GREAT SAND DUNES NATIONAL MO, INDIAN SPRINGS AIR FORCE AUX, KINGSVILLE NAVAL AIR STATION, ROANOKE RAPIDS AIR FORCE STA, SOUTHERN UTE INDIAN RESERVAT, UNITED STATES AIR FORCE ACAD.

However, the USPS database also provides a 13-character form for any place name longer than that. Eg, YOSEMITE NTPK is the short form for YOSEMITE NATIONAL PARK. As of 8/1/09, CASS software (used to standardize addresses to USPS regulations) is required to automatically provide 13-character place names when looking up addresses.



Answered By - joe snyder
Answer Checked By - Terry (PHPFixing Volunteer)

Thursday, November 10, 2022

[FIXED] How to authenticate emails to prevent gmail mark it as spam

      , , ,      No comments   

Issue

We just open a new e-commerce website and recently noticed Gmail treat our e-mails as spam (notice the red question mark). Our website run behind CloudFlare so the email server IP address is different than the domain.

SPAM marked notice the question mark

We also did not send a bulk email at least not yet. There are some explanations in Google FAQ but not sure what it means or how I need to implement it. Can you please explain how to set these DKIM (preferred) or SPF.

Our website uses nopcommerce (3.70) and developed with ASP.Net.


Solution

Disclaimer: I'm not a "pro" at these things (more later):

  • IMHO, this is probably the simplest explanation of DKIM

  • SPF: in my own words: providing a DNS TXT record that identifies "where" all your emails (smtp/mta servers) can come from. The more complete/formal spec is here

  • You can implement both

Opinionated:

  • SPF is easier to implement

    • identify all the origins of your email, set them in your SPF record, which is a TXT record in DNS

  • DKIM: is more complex - your mail/smtp server/s must implement it.

    As a "web developer" one can see how this would be done in ASP.Net/C#/VB - e.g. sign some payload and using HttClient send some signature in an HTTP header in some outbound request.

    But this is done on an SMTP server, so unless you have one that already implements it, it's something you'll have to do...

IMHO, for DKIM, unless your SMTP/MTA implements it, I'd go for services that provide it. There are 2 types:

  • Transactional email services:

    Not for bulk email. These are the usual "order confirmation" emails, standard support/customer service, etc. emails. They will likely have APIs for you to implement (e.g. sending your MailMessage using thier servers and/or constructing something that equates to it and send that "object" to their API).

  • Bulk email services

    these providers will already have implementations because one of their core value propositions is "deliverability" of your bulk/marketing emails. They should (of course do your due diligence) have both implementations inherently. Will also have their own APIs for bulk email context.

Hth



Answered By - EdSF
Answer Checked By - Terry (PHPFixing Volunteer)

[FIXED] How to configure SPF and DKIM to prevent mail going to spam folder

      , , , ,      No comments   

Issue

x-store-info:4r51+eLowCe79NzwdU2kR0zqpsRfiBoycNOl1Rdc4Wf7430jtHWQcYIrKJBAYArutl6yTQ5VQNWAmHikfoeKC6OfxZYs5RQXt5EONp5Fb+tgLbPo7J+jhd2D/FrCdQyzXUlVTtfPnBo=
Authentication-Results: hotmail.com; spf=softfail (sender IP is 184.168.200.138) smtp.mailfrom=no-reply@.com; dkim=none header.d=.com; x-hmca=fail header.id=no-reply@.com
X-SID-PRA: no-reply@.com
X-AUTH-Result: FAIL
X-SID-Result: FAIL
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 3c21WZ1hAlvCXlgKMA/ssa/7uuyagef91LCbCD/6jerOOAesLoOF4khK55lv2648aOXN6IForiFWbNDXvt/F9pKgiEmQYyMILkICTpe+/i4pqZfOZymIYT4r8X/NfvkTbHXIijHuSgajahEKBV0qUiO6J/PlRheu+fHREz1zY9V0xz2tq5KTm2vBIQsSTbcG/VCzyglz1h9bRD91eSWpB+xt4cfKRwkgKlCJsJhnftc=
Received: from p3nlsmtpcp01-01.prod.phx3.secureserver.net ([184.168.200.138]) by SNT004-MC2F6.hotmail.com with Microsoft SMTPSVC(7.5.7601.22751);
     Wed, 26 Nov 2014 15:19:28 -0800
Received: from p3plcpnl0474.prod.phx3.secureserver.net ([50.62.176.1])
    by p3nlsmtpcp01-01.prod.phx3.secureserver.net with : CPANEL :
    id LPHH1p01e02B8ka01PHHME; Wed, 26 Nov 2014 16:17:17 -0700
Received: from kumani11 by p3plcpnl0474.prod.phx3.secureserver.net with local (Exim 4.84)
    (envelope-from <no-reply@.com>)
    id 1Xtlrr-0002Gt-Tx
    for *EMAIL*@live.co.uk; Wed, 26 Nov 2014 16:19:27 -0700
To: Neil <*EMAIL*@live.co.uk>
Subject: Ad Reply on
X-PHP-Script:.com//adreply.php for 5.151.130.2
Date: Wed, 26 Nov 2014 23:19:27 +0000
From: <no-reply@.com>
Reply-To: <no-reply@.com>
Message-ID: <d6832c41b94a8dcf73b6660427bfbd46@.com>
X-Priority: 1
X-Mailer: PHPMailer 5.2.4 (https://github.com/Synchro/PHPMailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="b1_d6832c41b94a8dcf73b6660427bfbd46"
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - p3plcpnl0474.prod.phx3.secureserver.net
X-AntiAbuse: Original Domain - live.co.uk
X-AntiAbuse: Originator/Caller UID/GID - [940112 956] / [47 12]
X-AntiAbuse: Sender Address Domain -.com
X-Get-Message-Sender-Via: p3plcpnl0474.prod.phx3.secureserver.net: authenticated_id: kumani11/from_h
X-Source: 
X-Source-Args: /usr/sbin/proxyexec -q -d -s /var/run/proxyexec/cagefs.sock/socket /bin/cagefs.server 
X-Source-Dir:.com:/public_html/
Return-Path: no-reply@.com
X-OriginalArrivalTime: 26 Nov 2014 23:19:28.0495 (UTC) FILETIME=[6CFA07F0:01D009CF]

--b1_d6832c41b94a8dcf73b6660427bfbd46
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When creating a mail with PHPMailer my emails are getting sent to the spam folder of my recipients mailbox

I have been told I need to configure my SPF and DKIM correctly, I think I have done this already on my GoDaddy account for SPF - @ v=spf1 a mx ptr include:secureserver.net ~all

Has anyone else got any ideas why my mail might be going to spam? Have I missed out any headers that you can tell?


Solution

Your SPF record is v=spf1 a mx ptr include:secureserver.net ~all

This allows sends from:

  • a → domain.com host (23.229.191.2)
  • mx ➜ mail.domain.com. (a CNAME for domain.com, so 23.229.191.2 too)
  • ptr → Any ip matching your domain when doing a reverse lookup. As 184.168.200.138 is p3nlsmtpcp01-01.prod.phx3.secureserver.net, it doesn't match your domain.
  • include:secureserver.net → include secureserver.net email policy, which is

v=spf1 ip4:207.200.21.144/28 ip4:12.151.77.31 ip4:69.64.33.132 ip4:68.233.77.16 ip4:184.168.131.0/24 ip4:173.201.192.0/24 ip4:182.50.132.0/24 ip4:170.146.0.0/16 ip4:174.128.1.0/24 ip4:173.201.193.0/24 include:spf-ss1.domaincontrol.com -all

in turn including spf-ss1.domaincontrol.com:

v=spf1 ip4:174.128.7.0/24 ip4:206.252.132.65 ip4:24.75.14.201 ip4:144.202.243.25 ip4:68.232.128.0/19 ip4:216.55.155.13 ip4:216.55.162.41 ip4:195.246.112.0/24 include:spf-ss2.domaincontrol.com include:spf.messaging.microsoft.com -all

and spf.messaging.microsoft.com

v=spf1 ptr:protection.outlook.com ptr:messaging.microsoft.com ptr:o365filtering.com -all

The sending ip 184.168.200.138 is not on any of those ranges. Thus SPF verification fails.

It's odd that 184.168.200.138 isn't listed on the secureserver.net spf. It could be a mistake, or maybe they don't intend users to include their policy on their domains, and thus only list their own email-sending ips, and not user servers.

How to make spf pass? The simplest way is to explicitely list the sending ip:

ip4:184.168.200.138

However, given that your server ip could change unexpectedly you may also want to allow all secureserver.net hosts with

ptr:secureserver.net

In summary, I would use the following p

v=spf1 a mx ip4:184.168.200.138 ptr:secureserver.net ~all

I have removed ptr (since you don't seem to have a dedicated ip whose reverse dns you could set) and the include:secureserver.net that wasn't working.



Answered By - Ángel
Answer Checked By - Terry (PHPFixing Volunteer)

Wednesday, November 9, 2022

[FIXED] Why not use EXIM an OpenDKIM service?

      , , , ,      No comments   

Issue

I tried to configure EXIM + OpenDKIM in CentOS 7... (everything a latest version from repositories)

I used this description to configure a system: https://www.rosehosting.com/blog/how-to-install-and-configure-dkim-with-opendkim-and-exim-on-a-centos-7-vps/ , butI didnt use a default selector, i tried to use unique.

The outgoing mail haven't DKIM signature, I use this config in EXIM:

remote_smtp:
    driver = smtp
    DKIM_DOMAIN = $sender_address_domain
    DKIM_SELECTOR = 20170915exim
    DKIM_PRIVATE_KEY = ${if exists{/etc/opendkim/keys/$sender_address_domain/20170915exim}{/etc/opendkim/keys/$sender_address_domain/20170915exim}{0}}
    DKIM_CANON = relaxed
    DKIM_STRICT = 0

with this, /etc/opendkim:

.
├── keys
│ └── valami.com
│ ├── 20170915exim
│ └── 20170915exim.txt
├── KeyTable
├── SigningTable
└── TrustedHosts

But when I send a mail (with mail, or by telnet, or any others), the EXIM dont use an OpenDKIM. Of course the opendkim listening on port:

tcp 0 0 127.0.0.1:8891 0.0.0.0:* LISTEN 6663/opendkim

When I send a mail fromlocal host to outside:

2017-09-15 15:53:20 1dsr3M-0005fK-Ul <= root@valami.com H=localhost [127.0.0.1] P=smtp S=341
2017-09-15 15:53:21 1dsr3M-0005fK-Ul => xxx@gmail.com R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.133.26] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=yes K C="250 2.0.0 OK o1si854413wrg.487 - gsmtp"
2017-09-15 15:53:21 1dsr3M-0005fK-Ul Completed

Why dont call an Exim daemon an OpenDKIM interface?

Thanks your help!


Solution

I SOLVED!
I have to add a 'dkim_sign_headers' variable to configuration file...

remote_smtp:
  driver = smtp
  dkim_domain = $sender_address_domain
  dkim_selector = 20170915exim
  dkim_private_key = ${if exists{/etc/opendkim/keys/$dkim_domain/$dkim_selector}{/etc/opendkim/keys/$dkim_domain/$dkim_selector}{0}}
  dkim_canon = relaxed
  dkim_strict = 0
  dkim_sign_headers = subject:to:from


Answered By - P.Ferenc
Answer Checked By - Marilyn (PHPFixing Volunteer)

[FIXED] How to send direct email with DKIM enabled with nodemailer?

      , , , ,      No comments   

Issue

How can I send direct email via nodemailer with DKIM enabled?

I tried

const nodemailer = require('nodemailer')
const directTransport = require('nodemailer-direct-transport')

const transporter = nodemailer.createTransport(
  directTransport({
    dkim: {
      domainName: "mydomain.com",
      keySelector: "mail",
      privateKey: "<generated private key>"
    }
  }))

require('express')().get('/test', (req, res, next) => {
  console.log('sending mail')
  mailer.sendMail({
    from: 'support@mydomain.com',
    to: 'pmmEoRzqH5EyTO@dkimvalidator.com',
    subject: 'test email',
    html: 'Email content'
  }, (err, reply) => {
    console.log('email sent')
    console.log(err && err.stack)
    console.dir(reply)
  })
  res.send('test').end()
})

I also added the public key as TXT record to my DNS panel.

The email was sent but without DKIM as I checked at http://dkimvalidator.com/results

DKIM Information: DKIM Signature

This message does not contain a DKIM Signature

Is there anyone had succeed with this? This looks a straight forward cheap way to send email without setting up SMTP server but I did not see any post on this.


Solution

Finally, I figured out my own solution.

nodemailer is big project but it looks lack of maintainer. Non-bug-report issue is closed by default.

I switched to sendmail then everything works like a charm



Answered By - transang
Answer Checked By - Katrina (PHPFixing Volunteer)

[FIXED] How can I fix the problem with Gmail? Gmail marked email with passed SPF, DKIM and DMARC as spam

      , , , ,      No comments   

Issue

Gmail moves messages to spam folder. PTR records for ipv4 and ipv6 are available. I have the headers: SPF: PASS с IP-адресом 2a05:480:0:992f:0:0:0:2. DKIM: 'PASS', domain drom.com.ua DMARC: 'PASS'

Delivered-To: vostoknefteproduct@gmail.com
Received: by 2002:a9d:522:0:0:0:0:0 with SMTP id 31csp351612otw;
        Fri, 5 Apr 2019 05:26:18 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzWa1UxYEepV1tor3akYHi1DLXojOZnr61fkANdKlbOkDM880aGrAB9RzQdjipusdfEcAVt
X-Received: by 2002:a2e:87d2:: with SMTP id v18mr7262855ljj.4.1554467178382;
        Fri, 05 Apr 2019 05:26:18 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554467178; cv=none;
        d=google.com; s=arc-20160816;
        b=TTDI9m3Rt73dRkcImzRRAM5n98TJgwNxCnrbvKNVMAIOdrWk/iG+NU2OrR3/vDr7Gp
         fQmPmqt5QyEdZpO1G+He8uYckwETdCQFhVACDVcC5FJ8GWnWsys5p9vbFYzlYh89OZR+
         gFfJkt+lb5z607n03Sr9zMW9HiJVBGKLr+SFCsG8u/AOmZCF9wZtGwaP69E+7b916njn
         WZ+Pz9Q/+DyDKaCOQWrdUlTS5GvrfK/c86/5lA0AjoZN90/Rj+uGlbIROqKUXoLbA/z3
         G9LM9df3a6/kfAZBkzHB3PqCaiUhEKbSrcpLj1gT1fKHZKWOnkqb9hlcYwMX2OcHbpA8
         zTtg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-language:thread-index:mime-version:message-id:date:subject
         :to:from:dkim-signature;
        bh=qI0pd1OCLQLqqFvztD8zxwZ0XJBtraToDzc2t4i88s0=;
        b=uLJIPEtdroC8P6tqoyfOikNhNzEmtmNRGpgoOefyyN/0wdAqExsSoUxZ9UKLL31lST
         AT7J8/ZOEMuGa/wn1dSUHfwRqiZl7d/rxM+AtT2a1PaSSLulOgz9HQDGw1r81QXKnZMI
         XzsGpuPmz9e3apEtczYBM0E3zYjm5Z2ITmpnrk9MluAnEuqE370R/24ixS1W2+EEG4mY
         FXZ6AsImGfZGFr75zc9kLTPgBxa1hxghD0mu6RIACf45b5ljQZQuspj8kRyhw5NX30SA
         FRwg1TwRjm3N+kmaUiDv4M64Y7s1d/PU7Gr4rb33v8Ia/aEOpeFfKLs2NfKmiiuvqBh7
         94vg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@drom.com.ua header.s=dkim header.b=G8nYIwzB;
       spf=pass (google.com: domain of shop@drom.com.ua designates 2a05:480:0:992f::2 as permitted sender) smtp.mailfrom=shop@drom.com.ua;
       dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=drom.com.ua
Return-Path: <shop@drom.com.ua>
Received: from drom.com.ua (drom.com.ua. [2a05:480:0:992f::2])
        by mx.google.com with ESMTPS id z24si17168655ljj.124.2019.04.05.05.26.18
        for <vostoknefteproduct@gmail.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 05 Apr 2019 05:26:18 -0700 (PDT)
Received-SPF: pass (google.com: domain of shop@drom.com.ua designates 2a05:480:0:992f::2 as permitted sender) client-ip=2a05:480:0:992f::2;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@drom.com.ua header.s=dkim header.b=G8nYIwzB;
       spf=pass (google.com: domain of shop@drom.com.ua designates 2a05:480:0:992f::2 as permitted sender) smtp.mailfrom=shop@drom.com.ua;
       dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=drom.com.ua
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=drom.com.ua ; s=dkim; h=Content-Type:MIME-Version:Message-ID:Date:Subject:To:From:Sender: Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=qI0pd1OCLQLqqFvztD8zxwZ0XJBtraToDzc2t4i88s0=; b=G8nYIwzBB+jpn8qK83ZCo7vu+m AM/RFrxq/PP8dITX1PNXqINAjHPSu2rBVsdE5QTMPDoaHYPbOeC9wFHFMfYspdy/JyQAh4A8hmSNz HgtnwRBVR14Nht8DAqeql7CCrOom0KNS0SQ95dTnOy42/5bFommziwUghHGgzyzjUav4=;
Received: from [176.98.31.190] (helo=DESKTOPV2831BB) by drom.com.ua with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <shop@drom.com.ua>) id 1hCNvF-0000Rn-J9 for vostoknefteproduct@gmail.com; Fri, 05 Apr 2019 15:26:17 +0300
From: "DROM - служба обработки заказов" <shop@drom.com.ua>
To: <vostoknefteproduct@gmail.com>
Subject: Test title
Date: Fri, 5 Apr 2019 15:26:17 +0300
Message-ID: <005901d4ebaa$c4b3ea80$4e1bbf80$@drom.com.ua>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_005A_01D4EBC3.EA0197B0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdTrqr/vXGG/i/4HRdu0LENUGEwBuw==
Content-Language: ru
X-Scanned-By: ClamAV 0.101.1; Fri, 05 Apr 2019 15:26:17 +0300

Where can be the problem? Thanks


Solution

Unfortunately this seems to be business as usual with gmail. Their spam filter seems entirely arbitrary and uncontrollable by recipients - for example adding addresses to your address book, marking messages as "not spam", or repeatedly moving messages from spam to your inbox does not help, and nor does following their guidelines, which include implementing measures such as SPF, DKIM and DMARC, just as you've done. On my own gmail account, I often find messages sent to myself end up in spam!

Their postmaster tools are also broken - this is supposed to provide a feedback mechanism that allows server admins to see why IPs or domains are being blocked or spam filtered, however, it doesn't work properly, and it's very common to see domains & IPs marked as "bad" despite having zero spam reports. There is also no support available for postmaster tools, so you can't even report such problems. It might be worth trying anyway just see what they think of you.

In short, you are entirely at google's mercy - even if you're doing everything that they ask, your messages may still get spam filtered, and you have no recourse.



Answered By - Synchro
Answer Checked By - Dawn Plyler (PHPFixing Volunteer)

[FIXED] How to structure DKIM headers

      , ,      No comments   

Issue

I'm working on a system that sends emails from the ground up.

I'm currently working on a DKIM signer, I know how to do it, but cannot find how to format the header and body before hashing them.

Does anyone know this? Already thanks.


Solution

3.4.1. The "simple" Header Canonicalization Algorithm

The "simple" header canonicalization algorithm does not change header fields in any way. Header fields MUST be presented to the signing or verification algorithm exactly as they are in the message being signed or verified. In particular, header field names MUST NOT be case folded and whitespace MUST NOT be changed.

3.4.2. The "relaxed" Header Canonicalization Algorithm

The "relaxed" header canonicalization algorithm MUST apply the following steps in order:

  • Convert all header field names (not the header field values) to lowercase. For example, convert "SUBJect: AbC" to "subject: AbC".

  • Unfold all header field continuation lines as described in [RFC5322]; in particular, lines with terminators embedded in continued header field values (that is, CRLF sequences followed by WSP) MUST be interpreted without the CRLF. Implementations MUST NOT remove the CRLF at the end of the header field value.

  • Convert all sequences of one or more WSP characters to a single SP character. WSP characters here include those before and after a line folding boundary.

  • Delete all WSP characters at the end of each unfolded header field value.

  • Delete any WSP characters remaining before and after the colon separating the header field name from the header field value. The colon separator MUST be retained.

3.4.3. The "simple" Body Canonicalization Algorithm

The "simple" body canonicalization algorithm ignores all empty lines at the end of the message body. An empty line is a line of zero length after removal of the line terminator. If there is no body or no trailing CRLF on the message body, a CRLF is added. It makes no other changes to the message body. In more formal terms, the "simple" body canonicalization algorithm converts "*CRLF" at the end of the body to a single "CRLF".

Note that a completely empty or missing body is canonicalized as a single "CRLF"; that is, the canonicalized length will be 2 octets.

The SHA-1 value (in base64) for an empty body (canonicalized to a "CRLF") is:

uoq1oCgLlTqpdDX/iUbLy7J1Wic=

The SHA-256 value is:

frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=

3.4.4. The "relaxed" Body Canonicalization Algorithm

The "relaxed" body canonicalization algorithm MUST apply the following steps (1) and (2) in order:

  1. Reduce whitespace:

    • Ignore all whitespace at the end of lines. Implementations MUST NOT remove the CRLF at the end of the line.

    • Reduce all sequences of WSP within a line to a single SP character.

  2. Ignore all empty lines at the end of the message body. "Empty line" is defined in Section 3.4.3. If the body is non-empty but does not end with a CRLF, a CRLF is added. (For email, this is only possible when using extensions to SMTP or non-SMTP transport mechanisms.)

The SHA-1 value (in base64) for an empty body (canonicalized to a null input) is:

2jmj7l5rSw0yVb/vlWAYkK/YBwk=

The SHA-256 value is:

47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=

3.4.5. Canonicalization Examples (INFORMATIVE)

In the following examples, actual whitespace is used only for clarity. The actual input and output text is designated using bracketed descriptors: "<SP>" for a space character, "<HTAB>" for a tab character, and "<CRLF>" for a carriage-return/line-feed sequence. For example, "X <SP> Y" and "X<SP>Y" represent the same three characters.

Example 1: A message reading:

A: <SP> X <CRLF>
B <SP> : <SP> Y <HTAB><CRLF>
                <HTAB> Z <SP><SP><CRLF>
<CRLF>
<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>
<CRLF>
<CRLF>

when canonicalized using relaxed canonicalization for both header and body results in a header reading:

a:X <CRLF>
b:Y <SP> Z <CRLF>

and a body reading:

<SP> C <CRLF>
D <SP> E <CRLF>

Example 2: The same message canonicalized using simple canonicalization for both header and body results in a header reading:

A: <SP> X <CRLF>
B <SP> : <SP> Y <HTAB><CRLF>
       <HTAB> Z <SP><SP><CRLF>

and a body reading:

<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>

Example 3: When processed using relaxed header canonicalization and simple body canonicalization, the canonicalized version has a header of:

a:X <CRLF>
b:Y <SP> Z <CRLF>

and a body reading:

<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>


Answered By - jstedfast
Answer Checked By - Timothy Miller (PHPFixing Admin)

[FIXED] How to format DKIM Header and body?

      , , ,      No comments   

Issue

I've done a question about this before, but still do not understand what to do.

I need to make canonicalized header and body for a email. I've read this piece of documentation lots of times. Could someone make a example, because I cannot wrap my head around this:

3.4.1. The "simple" Header Canonicalization Algorithm

The "simple" header canonicalization algorithm does not change header fields in any way. Header fields MUST be presented to the signing or verification algorithm exactly as they are in the message being signed or verified. In particular, header field names MUST NOT be case folded and whitespace MUST NOT be changed.

3.4.2. The "relaxed" Header Canonicalization Algorithm

The "relaxed" header canonicalization algorithm MUST apply the following steps in order:

  • Convert all header field names (not the header field values) to lowercase. For example, convert "SUBJect: AbC" to "subject: AbC".

  • Unfold all header field continuation lines as described in [RFC5322]; in particular, lines with terminators embedded in continued header field values (that is, CRLF sequences followed by WSP) MUST be interpreted without the CRLF. Implementations MUST NOT remove the CRLF at the end of the header field value.

  • Convert all sequences of one or more WSP characters to a single SP character. WSP characters here include those before and after a line folding boundary.

  • Delete all WSP characters at the end of each unfolded header field value.

  • Delete any WSP characters remaining before and after the colon separating the header field name from the header field value. The colon separator MUST be retained.

3.4.3. The "simple" Body Canonicalization Algorithm

The "simple" body canonicalization algorithm ignores all empty lines at the end of the message body. An empty line is a line of zero length after removal of the line terminator. If there is no body or no trailing CRLF on the message body, a CRLF is added. It makes no other changes to the message body. In more formal terms, the "simple" body canonicalization algorithm converts "*CRLF" at the end of the body to a single "CRLF".

Note that a completely empty or missing body is canonicalized as a single "CRLF"; that is, the canonicalized length will be 2 octets.

The SHA-1 value (in base64) for an empty body (canonicalized to a "CRLF") is:

uoq1oCgLlTqpdDX/iUbLy7J1Wic=

The SHA-256 value is:

frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=

3.4.4. The "relaxed" Body Canonicalization Algorithm

The "relaxed" body canonicalization algorithm MUST apply the following steps (1) and (2) in order:

  1. Reduce whitespace:

    • Ignore all whitespace at the end of lines. Implementations MUST NOT remove the CRLF at the end of the line.

    • Reduce all sequences of WSP within a line to a single SP character.

  2. Ignore all empty lines at the end of the message body. "Empty line" is defined in Section 3.4.3. If the body is non-empty but does not end with a CRLF, a CRLF is added. (For email, this is only possible when using extensions to SMTP or non-SMTP transport mechanisms.)

The SHA-1 value (in base64) for an empty body (canonicalized to a null input) is:

2jmj7l5rSw0yVb/vlWAYkK/YBwk=

The SHA-256 value is:

47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=

3.4.5. Canonicalization Examples (INFORMATIVE)

In the following examples, actual whitespace is used only for clarity. The actual input and output text is designated using bracketed descriptors: "<SP>" for a space character, "<HTAB>" for a tab character, and "<CRLF>" for a carriage-return/line-feed sequence. For example, "X <SP> Y" and "X<SP>Y" represent the same three characters.

Example 1: A message reading:

A: <SP> X <CRLF>
B <SP> : <SP> Y <HTAB><CRLF>
                <HTAB> Z <SP><SP><CRLF>
<CRLF>
<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>
<CRLF>
<CRLF>

when canonicalized using relaxed canonicalization for both header and body results in a header reading:

a:X <CRLF>
b:Y <SP> Z <CRLF>

and a body reading:

<SP> C <CRLF>
D <SP> E <CRLF>

Example 2: The same message canonicalized using simple canonicalization for both header and body results in a header reading:

A: <SP> X <CRLF>
B <SP> : <SP> Y <HTAB><CRLF>
       <HTAB> Z <SP><SP><CRLF>

and a body reading:

<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>

Example 3: When processed using relaxed header canonicalization and simple body canonicalization, the canonicalized version has a header of:

a:X <CRLF>
b:Y <SP> Z <CRLF>

and a body reading:

<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>

Solution

Okay, let's try translating these examples into C strings:

3.4.5. Canonicalization Examples (INFORMATIVE)

In the following examples, actual whitespace is used only for clarity. The actual input and output text is designated using bracketed descriptors: "<SP>" for a space character, "<HTAB>" for a tab character, and "<CRLF>" for a carriage-return/line-feed sequence. For example, "X <SP> Y" and "X<SP>Y" represent the same three characters.

Example 1: A message reading:

A: <SP> X <CRLF>
B <SP> : <SP> Y <HTAB><CRLF>
                <HTAB> Z <SP><SP><CRLF>
<CRLF>
<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>
<CRLF>
<CRLF>

Translation:

char *message = "A: X\r\nB : Y\t\r\n\tZ  \r\n\r\n C \r\nD \t E\r\n\r\n\r\n";

when canonicalized using relaxed canonicalization for both header and body results in a header reading:

a:X <CRLF>
b:Y <SP> Z <CRLF>

Translation:

char *headers = "a:X\r\nb:Y Z\r\n";

and a body reading:

<SP> C <CRLF>
D <SP> E <CRLF>

Translation:

char *body = " C\r\nD E\r\n";

Example 2: The same message canonicalized using simple canonicalization for both header and body results in a header reading:

A: <SP> X <CRLF>
B <SP> : <SP> Y <HTAB><CRLF>
       <HTAB> Z <SP><SP><CRLF>

Translation:

char *headers = "A: X\r\nB : Y\t\r\n\tZ  \r\n";

and a body reading:

<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>

Translation:

char *body = " C \r\nD \t E\r\n";

Example 3: When processed using relaxed header canonicalization and simple body canonicalization, the canonicalized version has a header of:

a:X <CRLF>
b:Y <SP> Z <CRLF>

Translation:

char *headers = "a:X\r\nb:Y Z\r\n";

and a body reading:

<SP> C <SP><CRLF>
D <SP><HTAB><SP> E <CRLF>

Translation:

char *body = " C \r\nD \t E\r\n";


Answered By - jstedfast
Answer Checked By - Cary Denson (PHPFixing Admin)

[FIXED] How can you verify that an email was sent from the proper domain and that the contents of the email haven't been modified?

      , , , ,      No comments   

Issue

I'm examining my email headers (sent from Gmail) and am wondering which ones are best to verify that an email was sent from the proper domain and that the contents of the email haven't been modified?


Solution

I'll use an example message I received from Stack Overflow to illustrate what you can do to verify a message manually.

SPF isn't a great deal of use after delivery as it's a relatively minor (but important) step of verifying the origin of messages, but it's good to know that it was good at the time, and the headers tell you that. The parts of message content related to delivery are the Return-path header added by the receiver, along with the last Received header that shows where it was received from:

Return-Path: <bounces+3553988-07ba-marcus=example.com@em.stackoverflow.email>
Received: from o1.em.stackoverflow.email (o1.em.stackoverflow.email [167.89.81.234])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)

Looking up this em.stackoverflow.email domain as a TXT record in DNS gives us:

# dig txt +short em.stackoverflow.email
u3553988.wl239.sendgrid.net.
"v=spf1 ip4:167.89.81.234 ip4:167.89.85.72 ip4:168.245.32.199 -all"

and we can see that the 167.89.81.234 IP that appears in the Received header is explicitly listed in the record, so SPF checks out. Other domains might have more complex needs to verify the SPF, e.g. requiring additional DNS lookups for include mechanisms. Significantly, SPF does not even look at the address used in the From header; it can be entirely unrelated to the return path domain.

DKIM is where the real action is. You can use the information in a DKIM-signature header to verify that a message has not been tampered with. For example:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; 
    d=stackoverflow.email; 
    h=from:subject:to:reply-to:mime-version:content-type; s=s1; 
    bh=IgKJJZNcUhfjH6LDr4XaWr3pBwq6wwxwyrGmf+k3DVo=; b=rR4J7VyvF3i0N
    20IX9bx0LGTKpSKj7XoHJurhBjcZLLTn/hXuZ8OMehfgMNFeXaMljlOz4tfoFwit
    aJ8UtK1oMVCPiv9200hpQViCh/5VsyYbs6k3YN6R3cFxMbrb7nflodXX+4Rp4xBu
    T+CloNFEDICtWJT4bVSrs/NRAUlJWY=

Look at the From header and check that it matches the domain shown in the d field of the DKIM signature, which it does:

From: Stack Exchange <do-not-reply@stackoverflow.email>

The DKIM signature has 2 signature parts: b is a signature for the message body, and bh is a signature for the message headers. The interaction of these is quite tricky. To generate a signature, first of all you calculate the body signature, then you calculate the header signature which includes the body signature, along with the canonicalised message headers listed in the h element except for the actual value of the bh element, because that would present a chicken & egg problem. The bh signature only includes the headers listed because mail servers may add other headers that should not be included, or that are not known at the time of sending, such as Return-path and Received. Stack overflow's signature is unusual in that it does not include the Date header, so the date on a message can be altered without breaking the DKIM signature.

To verify a signature you need the public key it was signed with, which you can get from DNS using the s field, which provides the selector, in this case s1:

# dig txt +short s1._domainkey.stackoverflow.email
s1.domainkey.u3553988.wl239.sendgrid.net.
"k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyJRzkL/aRo1F1+ChY+Crt2TARqqo7tGATw3fMfzW8MXFWaoW1rSvZsq4k1EIf2iW7gO/QZjU1Td7h1aZpS63/CmpKymmqNbHnnbTxZGvZziKPcL/R2PVL0g88MFcpAuSjIsGysYTeow0mnXQ5W03z5mtWqm5nxNM40A/TIlOegwIDAQAB"

One issue with this signature is that it only uses a 1024-bit key; gmail ignores DKIM signatures with less than 2048 bits, so I would not be surprised if SO has deliverability issues with gmail.

Actually verifying a DKIM signature is a complicated process, especially if it uses the relaxed canonicalisation algorithms (which make the signatures more likely to survive the email journey). I wrote a PHP DKIM validator that you could use to verify your own messages.

The final layer is DMARC which ties SPF, DKIM, and the From address header together. Looking back at the Return-path, we can see that the return path domain is a subdomain of the domain used in the From header. This means that it qualifies for "relaxed" rather than "strict" alignment. We can see SO's DMARC record:

# dig txt +short _dmarc.stackoverflow.email
"v=DMARC1;p=reject;sp=reject;pct=100;rua=mailto:dmarc-aggregates@stackoverflow.com;ruf=mailto:dmarc-forensics@stackoverflow.com;fo=1"

This tells us that SO wants receivers to enforce SPF and DKIM checks strictly, and to reject any messages that do not check out, and they have set up addresses to receive summary and forensic reports of any messages that fail.

There's lots more detail but this isn't really the place for it. There's a good article on it all here.



Answered By - Synchro
Answer Checked By - David Goodson (PHPFixing Volunteer)

[FIXED] How to validate DKIM body hash manually?

      , ,      No comments   

Issue

RFC5322 Procedure

This is an auto forwarded email. I'm trying to verify the bh field as per rfc5322. But the sha256 hash value received is not matching this value. The message body is: for forwarded mail Any suggestions to validate the bh= field correctly? I have included some sample header field data. Please do explain (relaxed) canonical procedure too

    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1516798995;
        s=jan2017; d=headsup.co.in; i=sender@headsup.co.in;
        h=Date:From:To:Message-Id:Subject:MIME-Version:Content-Type; l=627;
        bh=ODw8icD/S+4UGcXgR4ocNpxXDh4PolWtd1IUXjh0AUs=;
        b=G2vTZ+uQ+krw49l+4aMnaeZjUvAJXPPRA8bvOhs3XZNbd2Ng+odB/F5PI3tRpdhr
        C0CJA5KPv4VncP2V1PjNdkgKLjs1eTzLSaqmPjhhQDc8mWQRT0rzcPP3V9v6BeXF987
        54Zns/QWtR+RbSacFXvUjyBEOlaWUVAmaVcqw5S8=

    //Message: for forwarded mail
  //Example Data
    Date: Wed, 24 Jan 2018 18:33:08 +0530
    From: sender <sender@headsup.co.in>
    To: "receiver" <receiver@gmail.com>
    Message-Id: <1612843d10d.d305604a24030.1212846966506749871@headsup.co.in>
    Subject: Test Arc Seal
    MIME-Version: 1.0
    Content-Type: multipart/alternative; 
        boundary="----=_Part_76205_1329960269.1516798988558"
    X-Priority: Medium  






//Cannonicalization code (relaxed)
package canonicalization;

import java.io.IOException;



public class Canonicalization {


        public String canonicalizeHeader(String name, String value) {
            name = name.trim().toLowerCase();
            value = value.replaceAll("\\s+", " ").trim();
            return name + ":" + value;
        }

        public String canonicalizeBody(String body) {

            if (body == null || "".equals(body)) {
                return "\r\n";
            }

            body = body.replaceAll("[ \\t\\x0B\\f]+", " ");
            body = body.replaceAll(" \r\n", "\r\n");

            // The body must end with \r\n
            if (!body.endsWith("\r\n")) {
                return body + "\r\n";
            }

            // Remove trailing empty lines ...
            while (body.endsWith("\r\n\r\n")) {
                body = body.substring(0, body.length() - 2);
            }

            return body;

        }
        public static void main(String[] args) {
            Canonicalization obj=new Canonicalization();
            System.out.println(obj.canonicalizeHeader("Date"," Wed, 24 Jan 2018 18:33:08 +0530"));
            System.out.println(obj.canonicalizeHeader("From"," sender <sender@headsup.co.in>"));
            System.out.println(obj.canonicalizeHeader("To"," \"receiver\" <receiver@gmail.com>"));

            System.out.println(obj.canonicalizeBody("for forwarded mail"));

        } 
}

Solution

The code works fine for emails sent in plaintext format (Content-Type: text/plain;)

But by default, emails are sent by Rich Text Format (Content-Type: multipart/alternative;), hence the body hashes did not match



Answered By - Shashank
Answer Checked By - Dawn Plyler (PHPFixing Volunteer)

[FIXED] How to Domainkeys/DKIM email signing using the C# SMTP client?

      , , , ,      No comments   

Issue

I have written an program in C# which sends out emails. Now I have a requirement to sign outbound emails using Dominkeys/DKIM, but I'm not sure how to do it.

I have set up all keys, but I don't know how to get those and how to include them in the email header.


Solution

i didnt find much help on this issue, but my problem got solve by configuring smtp server. i cant post those steps as i am using 3rd party smtp server and every server has their own configuration. after proper configuration my smtp automatically adds DM/DKIM signature.



Answered By - Nnp
Answer Checked By - Terry (PHPFixing Volunteer)

[FIXED] How would SendGrid Automated Security handle SPF record?

      , , ,      No comments   

Issue

I use SendGrid and I have 2 dedicated IPs... My website sends its emails using SendGrid.

At the same time I use G Suite and I personally send my emails using G Suite (Google Workspace)

I want to setup DKIM and SPF records. SendGrid documentation has an option called Automated Security:

Automated security allows SendGrid to handle the signing of your DKIM and authentication of your SPF for your outbound email with CNAME records. This allows you to add a dedicated IP address or update your account without having to update your SPF record.

and later on...

When Automated Security is On, SendGrid generates 3 different CNAME records. In a later step of setting up domain authentication, you give these records to your DNS provider, and then you verify that they upload correctly.

If you select Off, we generate 1 MX record and 2 TXT records. In a later step of setting up domain authentication, you give these records to your DNS provider, and then you verify that they upload correctly.

So When Automated Security is ON I won't need to add any SPF and DKIM record, instead I have added the 3 CNAME records that is required for Automated Security...

On the other hand I am also using G Suite and G Suite wants me to add DKIM and the following SPF record:

v=spf1 include:_spf.google.com ~all

From what I understand, the above SPF record means that _spf.google.com is the only server that should be sending my emails...

So my question is: Is adding G Suite SPF record conflicting with SendGrid Automated Security? My SPF record is saying the My SendGrid's dedicated IPs are not allowed to send email?

Imagine Yahoo mail server receives an email from one of my dedicated IPs (SendGrid)... how would Yahoo know that I am using Automated Security and the SPF record is handled by SendGrid? Because If Yahoo checked the SPF record, the SPF record is telling it that only _spf.google.com is allowed to send my emails?


Solution

Just a note: Your question would probably do better at the Server Fault forum.

To answer you questions: No the SPF record where you list G Suite is not conflicting with your SendGrid setup.

What is important to understand is: SPF says absolutely nothing about who is allowed to send emails FROM your domain. SPF authenticates the Return-Path address instead, and you're creating a subdomain for the bounce messages (what the Return-Path header is used for) with the CNAME delegation records in "Automated Security".

So, basically, Sendgrid is asking you to create a sub domain for them, e.g. em123.yourdomain.com by means of CNAME record. You delegate that subdomain over to them, targeting your personal Sendgrid tenant zone in DNS, where they create an SPF record and MX record at the root of that zone. A typical email from Sendgrid will then look like this:

from: you@yourdomain.com, Return-Path: bounces@em123.yourdomain.com

Thus, the receiving server will check the SPF record at em123.yourdomain.com to see if your IPs are allowed.

The other two CNAMEs are for the DKIM selector records. They point to TXT records that Sendgrid manages and rotates periodically.

So why not have Sendgrid use their domain in the Return-Path and not bother with the CNAME setup at all? DMARC demands that your Return-Path domain aligns with your FROM domain, OR that the domain used in your DKIM signatures aligns with your FROM domain. Preferably both.



Answered By - Reinto
Answer Checked By - Robin (PHPFixing Admin)

[FIXED] How to Sign Javamail with DKIM

      , , , ,      No comments   

Issue

Is there a library or a way to do this without an external library? I am using apache james as my mail server and currently send email like this:

public void sendMessage(String to, String subject, String content) {
    MimeMessage message = new MimeMessage(session);
    try {
        message.addRecipients(Message.RecipientType.TO, to);
        message.setFrom(new InternetAddress(from));
        message.setSubject(subject);
        message.setContent(content, "text/html; charset=utf-8");
        Transport.send(message);
    } catch (MessagingException e) {
        e.printStackTrace();
    }       
}

But i'd like to sign the email with DKIM before hand. I understand I need to implement DKIM signing into the james server and plan on use jDKIM to do this, I also understand I need to create the keys using something like www.port25.com, but how do I actually sign the email in java before I send it out?


Solution

I ended up using DKIM for Javamail which can be downloaded at: DKIM For Javamail

Here is an example (Its pretty well documented in the examples in the download):

public void sendMessage(String to, String subject, String content) {
    //Create DKIM Signer
    DKIMSigner dkimSigner = null;
    try {
        dkimSigner = new DKIMSigner(properties.getProperty("mail.smtp.dkim.signingdomain"), properties.getProperty("mail.smtp.dkim.selector"), properties.getProperty("mail.smtp.dkim.privatekey"));
        dkimSigner.setIdentity(properties.getProperty("mail.user") + "@" + properties.getProperty("mail.smtp.dkim.signingdomain"));
        dkimSigner.setHeaderCanonicalization(Canonicalization.SIMPLE);
        dkimSigner.setBodyCanonicalization(Canonicalization.RELAXED);
        dkimSigner.setLengthParam(true);
        dkimSigner.setSigningAlgorithm(SigningAlgorithm.SHA1withRSA);
        dkimSigner.setZParam(true);
    } catch (Exception e) {
    e.printStackTrace();
        }
    if(dkimSigner != null) {
        //Create message
        Message message = new SMTPDKIMMessage(session, dkimSigner);
        try {
            message.setRecipients(Message.RecipientType.TO, InternetAddress.parse(to, false));
            message.setFrom(new InternetAddress(from));
            message.setSubject(subject);
            message.setContent(content, "text/html; charset=utf-8");
            Transport.send(message);
        } catch (MessagingException e) {
            e.printStackTrace();
        }   
    }           
}


Answered By - ryandlf
Answer Checked By - Marie Seifert (PHPFixing Admin)

[FIXED] What happens when an old email is forwarded but the original public DKIM key that was used to check the signature has changed in the DNS settings?

      , ,      No comments   

Issue

What will happen on the receiving email server when it gets the forwarded email? I assume it will want to check the signature but it will think the signature is invalid. In what folder will the email land, in the inbox or in the spam folder?


Solution

I think I forgot the fact that there are two kinds of forwarding:

  1. The first one is the automatic forwarding. This happens ideally pretty quickly. So before changing the DKIM public key we should wait some time or some days to allow the already signed messages to reach their destination.

  2. The second one is the manual forwarding. In this case the forwarded message will be signed again with a completely new signature, with the forwarder's private key. It does not matter if the DKIM public key of the original sender has changed.



Answered By - pepe
Answer Checked By - Terry (PHPFixing Volunteer)

[FIXED] Why would I choose simple over relaxed canonicalization for DKIM?

      ,      No comments   

Issue

DKIM supports two canonicalization schemes: relaxed and simple. The former is more lenient and allows for intermediary mailers to modify the email to a limited degree.

The only data I could find is a survey of implementations that shows the vast majority of email senders using relaxed canonicalization both for headers and body. (Noticeable fewer use relaxed for the body, but it's still a definite majority.)

The DKIM specification says that all clients have to support both canonicalization forms if they support DKIM, so that doesn't seem like a major factor. Both schemes allow intermediaries to add headers. The only distinction I can tell is in the handling of the case of header names (not values) and the whitespace within a header. Given that, it seems like relaxed will always have at least as good deliverability, which is the aim of DKIM.

(Of course, if I want to actually sign my emails to attest to their contents, I'd use S/MIME and certificates. DKIM is strictly about deliverability, right?)


Solution

I suppose that simple canonicalization is available as a choice for senders who wish to have a less computationally intensive signing method, at the possible cost of some deliverability. The difference in complexity isn't that much, but it might make an appreciable difference for large bulk senders.



Answered By - Greg Hewgill
Answer Checked By - Mildred Charles (PHPFixing Admin)

Tuesday, November 8, 2022

[FIXED] Why am I getting "socket.gaierror [Errno 11001]" when trying to run my Python SMTP script?

      , ,      No comments   

Issue

I have been trying to run the following code however I am getting the following error when the code runs. I am currently following a video on a course on Udemy, however, the video seems to be outdated as the option to turn on "Less secure apps" on Gmail can't be turned on anymore as Google disabled the option. To fix this, I have enabled 2-factor authentication and generated a new password for this python script. However, it is still not working and I don't know why. Please can somebody help?

import smtplib
from credentials import  *

connection = smtplib.SMTP("smtp.gmail.com", port = 587)

connection = smtplib.SMTP("smptp.gmail.com", port = 587)
connection.starttls()
connection.login(user=my_email, password=password)

connection.sendmail(from_addr=my_email, to_addrs=to_address, msg = "Testing")
connection.close()

Error as follows:

Traceback (most recent call last):
  File "C:\Users\user\Documents\Python\bootcamp 2022\day 32\Birthday+Wisher+(Day+32)+start\Birthday Wisher (Day 32) start\main.py", line 9, in <module>
    connection = smtplib.SMTP("smptp.gmail.com" ,port =587)
  File "C:\Python39\lib\smtplib.py", line 255, in __init__
    (code, msg) = self.connect(host, port)
  File "C:\Python39\lib\smtplib.py", line 341, in connect
    self.sock = self._get_socket(host, port, self.timeout)
  File "C:\Python39\lib\smtplib.py", line 312, in _get_socket
    return socket.create_connection((host, port), timeout,
  File "C:\Python39\lib\socket.py", line 822, in create_connection
    for res in getaddrinfo(host, port, 0, SOCK_STREAM):
  File "C:\Python39\lib\socket.py", line 953, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno 11001] getaddrinfo failed

Solution

getaddrinfo looks up the IP address for a domain name. The reason why this is failing is because you have a simple typo in the address for smtp.gmail.com. Just fix it and it should be fine. Like this:

import smtplib
from credentials import  *


connection = smtplib.SMTP("smtp.gmail.com", port=587)
connection.starttls()
connection.login(user=my_email, password=password)

connection.sendmail(from_addr=my_email, to_addrs=to_address, msg = "Testing")

connection.close()

Also, there is no need to redefine connection. Doing it only once will work.



Answered By - Michael M.
Answer Checked By - Cary Denson (PHPFixing Admin)

[FIXED] How to send email from broadcastreceiver?

      ,      No comments   

Issue

I am implementing one application.

Based on my application i am created class named "RepeatingAlarm.java"

My RepeatingAlarm class extends broadcastrecevers.

I am calling the above class in every one hour.

My requirement is,when this class is called

I want to get a file from sdcard and send this file through email.

How to do this?


Solution

Add these inside onReceive method in your BroadcastReceiver.

   File file= new File(Environment.getExternalStorageDirectory()
                    + "/filefolder/"+"filename");
Uri u1  =   null;
u1  =   Uri.fromFile(file);

Intent sendIntent = new Intent(android.content.Intent.ACTION_SEND);
sendIntent.putExtra(android.content.Intent.EXTRA_SUBJECT, "Sending a file");
 sendIntent.putExtra(android.content.Intent.EXTRA_EMAIL, new String[] 
        {"me@gmail.com"}); 
sendIntent.putExtra(Intent.EXTRA_STREAM, u1);
sendIntent.setType("text/html");
context.startActivity(Intent.createChooser(sendIntent , "Send mail..."));


Answered By - Manikandan
Answer Checked By - Marilyn (PHPFixing Volunteer)

[FIXED] How to send an email with $_POST data submitted with AJAX

      , , ,      No comments   

Issue

I want to submit some data from localStorage to

Autoform.submitStoredData = function() {
    var data = localStorage.tbRecoveredData;
    if(data) {
        jQuery.ajax ({
            type: "POST",
            url:"http://www.thewebsite.com/Autoform.php",
            data: data,
            success: function() {
                console.log("success");
            },
            error: function(xhr,status,error) {
                console.log("payload failed to submit with xhr: " + xhr + ", status: " + status + ", and error: " + error);
            }
        });
        localStorage.removeItem("tbRecoveredData");
    }
};

I am getting "success" in the console so far so good. Autoform PHP looks like this: 

<?php

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $data = $_POST;
        mail('myemail@gmail.com', 'OK SO here at least is the captured string', $data);
    }

?>

This does nothing or at least no email gets sent. I admit I dont know much about PHP, I've tried googling without much luck. Do I need to wrap this in a sort of self invoking function or something because it seems like the PHP code is not being executed. Any help is appreciated thanks!


Solution

Okay, if you try putting the below code and finding it to be NULL:

var_dump(mail(...));

Then you need to configure your server to make the PHP work with it's built in mail() function. There are several ways to do it:



Answered By - Praveen Kumar Purushothaman
Answer Checked By - Pedro (PHPFixing Volunteer)

[FIXED] How to send emails to multiple users using Laravel 7 Mail?

      , , , ,      No comments   

Issue

This is my code which sends an email to a single address:

Route::get('/send-mail', function () {
$details = [
    'title' => 'Mail From KN7',
    'body' => 'Email test in Laravel SMTP'
];
\Mail::to('iamlegend707083@gmail.com')->send(new \App\Mail\TestMail($details));
echo "Email has been Sent!";
});

Is there any way to change this code so I can send the same email to multiple email addresses?


Solution

You can add simple array :

 $usersArray = ['mail@gmail.com', 'mail2@gmail.com', 'mail3@gmail.com'];

    foreach($usersArray as $user){

        \Mail::to($user)->send(new \App\Mail\TestMail($details));
        echo "Email has been Sent!";
        });
    }


Answered By - Met Br
Answer Checked By - Willingham (PHPFixing Volunteer)

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...