I use qmail, and i send a mail with Thunderbird or Outlook. I can handle to, from, body, cc informations with qmail. But i cannot handle bcc. Because people say "qmail stripts out bcc." Some other people says "it is not job of qmail ( mta) , problem is from thunderbird (mua), it strips out bcc ". I don't know which is true.
So, How can i handle bcc information with qmail , Can you explain ?
Thanks.
You have to distinguish between receivers in header and in smtp-envelope. What you use as "To", "Cc" end up as header fields in your mail and are also used as envelope receipients in SMTP. The header fields are merely informational and are not used for message delivery. For "Bcc", your MUA (e.g. Thunderbird) does not include a header field in the mail, but only uses a corresponding envelope-receipient when handing over the message to the mail server. Adding Bcc information to the mail itself actually would defeat its purpose. Therefore, no information about this receiver is contained in the message itself. So qmail does not "strip out bcc" from the mail, since was never there, but it will be able to deliver the mail anyway.
Related
I'm trying to implement List-unsubscribe. I have added a mailto: header but what's not clear to me is what e-mail is actually being sent when e.g. hotmail or gmail are sending an e-mail to this unsubscribe address.
Is it sending an e-mail with From: containing the e-mail address in question, or is it some hotmail/gmail service address?
Does anyone know a way to actually test it, since gmail and hotmail only activate this feature with highly trusted addresses (I've tried and it won't show).
http://download.microsoft.com/download/e/3/3/e3397e7c-17a6-497d-9693-78f80be272fb/enhance_deliver.pdf
This states:
- Include a List-Unsubscribe header
- Send an immediate confirmation message
I understand this as replying to the unsubscribe e-mail with a confirmation e-mail. Does anyone know if there should be any specific headers or contents in that message (e-mail)?
The unsubscribe should simply come from the address of the user who opted to unsubscribe. This is a very simple mechanism which should work with even extremely basic email clients.
The notation mailto:list-admin#example.net?subject=unsubscribe causes an email message with the Subject: header unsubscribe to be sent to list-admin#example.net.
There is an optional extension of the mailto: URI protocol specifier to allow you to put something in the body of the generated message, but this is less widely supported, and should not be relied on.
Maybe put a special unique identifier in the subject= field and set up the receiving server to handle that if these pedestrian facilities are insufficient for your needs.
If you are asking whether the confirmation message should follow any specific conventions, there's nothing beyond what you put in auto-generated confirmation messages in general. As a recipient, I would expect the unsubscribe confirmation to be pretty similar to the confirmation / welcome message when I originally signed up, only of course with the opposite contents.
What I am trying to do is, sending an email to one person but I want to add more email addresses in the TO field and don't want that users to get the email. Is it possible to somehow configure this?
Yes, this is completely possible. SMTP doesn't actually use the headers for anything; the envelope recipient list controls who actually receives a message (though many user-visible email programs will simply copy the To:, Cc:, and Bcc: headers into the envelope on submission).
Because you are not asking about any particular language, I won't post code which probably won't be useful to you anyway. In pseudocode, something like
s = smtp.connect(server)
s.ehlo()
s.from(envelope.sender)
for r in envelope.recipients:
s.rcpt(r)
s.data('''From: me#example.net
To: you#example.org
Subject: SMTP doesn't care
By the time SMTP transmits the actual message,
the recipient information has already been sent
separately.''')
Recently we are creating an application for interpreting email contents, this application shall give us the TO addresses, CC addresses and BCC addresses.
When handling BCC field, we found it seems not able to get BCC addresses directly. Referring to RFC2822, MORE QUESTIONS arise.
" There are three ways in which the "Bcc:" field is used.
In the first case, when a message containing a "Bcc:" field
is prepared to be sent, the "Bcc:" line is removed even
though all of the recipients (including those specified
in the "Bcc:" field) are sent a copy of the message...
Finally, since a "Bcc:" field may contain no addresses, a
"Bcc:" field can be sent without any addresses indicating
to the recipients that blind copies were sent to someone. "
Suppose an email is sent out as below adddresses
To: to1#address.com
cc: cc1#address.com
bcc: bcc1#address.com
My questions are, when the recipient bcc1#address.com received its email, will there a "bcc1#address.com" in the email source file? If yes, then what field it is placed? If not, then how is it possible for this email to the recipient when there is no any information about the "bcc1#address.com"??
[update]
how can the email server know whose mailbox to deliver this email to, if the email message contains no information about the BCC recipient's email address, including the header part? how a server correctly forwards such an email?
The content of an email does not necessarily contain any information about its recipients. During message transport, this information is carried in the message envelope, which is then discarded on delivery.
What you are pursuing cannot be done reliably (although many person-to-person messages obviously contain the information in the headers).
Many mailing list messages are good examples, especially those which are delivered to multiple recipients in the same domain.
Just for knowledge purposes, I want to know if it is possible to know if email spoofing has been done successful or not . Suppose if I am sending an email from one's account, What if receiver doesn't exist? Means will i get any error as a spoofer that receiver doesn't exist and you cant send email . Thanks
There is no way to know for certain, but you can make an educated guess.
First, when sending an email to a non-existent recipient and the recipient's server is configured to report this to the sender (pretty much the default behaviour), this reporting can happen either:
1) During the email transmission. The SMTP conversation with the recipient's server may very well fail at RCPT TO: (i.e. when the recipient is specified) or at the end of the DATA or BDAT commands (i.e. when the email just have been transmitted and the server either acknowledges this or rejects the email). If you receive an 5xx-type response at either stages, or, well, anytime earlier in the conversation, you can be sure the recipient did not get the message. Validation during email transmission is common.
2) After the email transmission. Servers that don't do recipient validation on SMTP level will often accept and queue emails during the transmission, then generate a bounce report (also called a Delivery Status Notification/DSN or Non-Delivery Report/NDR) later and attempt to return it to the original message sender. As you have no access to the mailbox of the original message sender when spoofing, you will have no idea if such bounce report is generated. This method of validation is still fairly common.
Second, you can embed a tracking image in your HTML email to see if the email was opened. This works by placing a HTML <IMG> element in the email that points to e.g. http://example.org/tracking-1x1.gif?uuid=<id>. The idea is that you track whether that image was downloaded. Be aware that virtually all modern email clients will disable downloading images from unknown sources and some action is required from the recipient to enable downloading images.
Third, you can spoof the MIME sender only. Emails have two distinct set of addressee information: the envelope addressees and the MIME addressees. Emails are delivered based on what's written on the envelope, but email clients render the MIME information instead (what's inside the envelope). In other words, during the SMTP transmission you may specify a different sender address (MAIL FROM: command) from that in the email (From: header). The fun part is that bounce reports are sent to the envelope sender address, a.k.a. the Return-Path, so if you have access to the envelope sender mailbox, you can receive a bounce report no matter what stage it was rejected. Note that you will reveal yourself, either through the mail server logs or through the email header, where the Return-Path header will contain the envelope sender address.
Please use the above information for "knowledge purposes" only. Be aware that email spoofing is likely a crime in just about any country.
I'm using PHPMailer to send mails to a clients database when certain events triggers. Obviously I don't want everyone to get the full list of client's emails, so i'm sending those in BCC using PHPMailer. It's working fine, but there is one problem.
The customer that receive the email got nothing in the field of the targeted email. Just blank. Shouldn't he be able to see his own address and own name I'm sending ? It's helpfull for people who are redirecting emails to know which was targeted.
Same goes with PHP native mail() function.
Is there a way to handle this ?
Thanks ahead !
No, that's not how BCC works.
If you receive an email via BCC, your mail client will show you the original recipient's address in the 'to' field, not yours.
This applies to all BCC mails; it has nothing to do with phpMailer.
If you want the recipients to see something in the 'to' field, you need to populate it with a dummy value -- for example, 'donotreply#yourdomain.com'.
It is good to send messages like this via BCC, so you're doing the right thing. But if you really want the end user to see his own email address in the 'to' field, then the only way to do it is to send the message to each user as a separate email, so you use the 'to' field and not 'bcc'. However, this will dramatically increase the load on your mail systems, so it's probably not the answer.
That's the nature of email. When a person is BCC'd, they will only see the To:, From: and CC: fields. The BCC field will hide every single email address, even the recipient's.
From wiki:
There are three ways in which the "BCC:" field is used.
In the first case, when a message containing a "BCC:" field is prepared to be sent, the "BCC:" line is removed even though all of the recipients (including those specified in the "BCC:" field) are sent a copy of the message.
In the second case, recipients specified in the "To:" and "CC:" lines each are sent a copy of the message with the "BCC:" line removed as above, but the recipients on the "BCC:" line get a separate copy of the message containing a "BCC:" line. (When there are multiple recipient addresses in the "BCC:" field, some implementations actually send a separate copy of the message to each recipient with a "BCC:" containing only the address of that particular recipient.)
Finally, since a "BCC:" field may contain no addresses, a "BCC:" field can be sent without any addresses indicating to the recipients that blind copies were sent to someone.