On our website we use a MySQL table which contains all users. Some of the users should be able to send mails to all users. Unfortunately I haven't got the right idea how to implement such a system.
My current design:
A privileged user writes a mail to users#website.com using his personal mail software.
A server is waiting for incoming mails.
As soon as it receives a mail, it matches the 'From' field with the database.
If the user is not found or hasn't got the special flag, discard the mail.
Forward the mail to all users (mail addresses are saved in the database)
Send the sender a confirmation mail.
How can I implement such a system? I'm not required to stick to a certain programming language even though C++, PHP or Node.JS would be preferred.
As a jumping off point, look into IMAP/SMTP. You can, with any language, log into an email inbox, get emails, read them, etc etc etc. Set up your mailbox with an account users#website.com that receives legitimate emails. Then set up a cron job that checks the inbox every 5 minutes or so. If no emails are found, then you are done. If there is an email there, process it, run your checks against your DB, and then send it using SMTP, and then send the confirmation to the user.
If handling IMAP is too hard, you may just want to make a form on your website that privileged users can use which sends the emails to the users.
Related
In Email Queue, when I send queued campaign emails all emails are sent. I want it to send only the emails which are checked(selected checkboxes). Does any one know the way to do the same.
Thanks.
That's the default behavior, to modify it you'd check in /modules/EmailMan and ideally copy code/customization to the custom directory to try to stay as upgrade-safe as possible. Really, though, my experience with Campaign and Email customization is that there is heavy copy-paste from core files which are technically upgrade-safe but may not be upgrade-aware later on.
Also, the number of outgoing emails in a single blast can be controlled with Campaign Email Settings :
index.php?module=EmailMan&action=campaignconfig
On a more basic level though, why would you queue emails you don't want to send?
I'm making a quick Google App Engine program that presents a publicly available form that users can fill out with their name and email address, then can enter a friend's name and e-mail address. The application pulls in the data via POST, then sends a pre-formatted e-mail like 'Hi, , your friend wants to invite you...'
What should I be doing to prevent spammers from exploiting this publicly facing e-mail sending program? Is there a good resource for best-practices in this field? I've spent a few hours searching, but I haven't really found anything definitive...
Principally creating a publicly available form that anyone can use to send[s] a pre-formatted e-mail is another name for creating a spam machine.
You can mitigate by making it harder for non-humans to use it, recaptcha is the typical way to achieve this.
You could send a confirmation email to the sender and require a secondary action (like clicking a link) before sending the email. Or, if you expect your users to return, ask them to sign up (with a similar confirmation) before allowing them to send email.
I would first impose some limit to the # of email addresses a specific user/IP can send. This won't solve the problem but will limit the damage in case someone does try to send spam to 1000 emails.
Second, you could try sending the emails in small batches if an user puts in a lot of email addresses. Send 5 at a time, and monitor to see if there's any spam complaints (you can probably automate this somehow). If no complaints after 2 days, keep sending the rest.
I have a project to send some email to end clients. My client need to know what exactly "Email Client" they use to read the mail. I know a hidden can get the open event and even the user agent they use, so by parsing user agent i can get most email clients info.
But it's hard to detect some popular web mail clients like "Gmail", "Hotmail" and "Yahoo mail". Because user agent return is only the browser user agent string.
Edit: i think i need a result more like this:
here
You will not be able to perfectly detect the e-mail client your users are using.
In E-Mail headers some programs choose to include the X-Mailer tag, which tells you exactly with what program and version your user is sending the e-mail - of course that can be faked. Not all programs use the X-Mailer tag, I e.g. couldn't find it in a mail sent with Microsoft Outlook 2010.
Besides that you could do some guesswork by the Received from tag in the e-mail headers, but in the end you can use SMTP and POP3 with most webmailers like GMail or Yahoo. That means even though your e-mail is sent via servers from google.com, the originating client could still be Outlook or Thunderbird and not GMail itself.
Maybe we can help you if you better if you could tell us why exactly your client wants to know the programs the users use to read their mail? Probably to tune the appearance of newsletters?
I know this is a really old topic, but the most reliable way to detect webmail client for gmail, hotmail, outlook.com and office365 is to use a tracking pixel. What you will want to do is geo-locate the IP address and you'll find gmail all comes from mountain-view and microsoft based products from redmond.
I haven't validated this with non-US users, but I'd imagine the caching services they use will all be in the same place.
Cheers
We provide a web service that can email invoices and statements from our servers to our users customers.
Our users have asked us that all emails sent from the web-service are also stored in the Sent Folder of the person using the web service.
We know the users email, and we could insist they provide us with IMAP access credentials.
What options do we have for saving emails sent by a user from our server in the Sent Mail folder of that user?
(hope that makes sense. It was pretty hard to explain)
Since this is internal, you might be able to get an easy way out. BCC the person that is 'sending' the email, then they can setup a rule that moves any emails sent from your web service outbound email (or however you can flag them) to move that email to whatever folder they want.
This keeps credentials out of the process and may help to keep your SMTP servers a little more stable as well for sending out these emails (not constantly having to deal with mistyped names/passwords).
If it is an internal employee (s), then why not
- add them as the addressee of the mails (to, cc or bcc)
- add a filter that when such an email comes (from this service, to you, cc you or bcc you, as the case is) send it to the 'sent' folder?
My application server needs to notify users about some events via email. Usually there will be between 10-100 users to whom the notifications should be sent, but there may be a few cases where there may be a bit more (I don't think it will ever be more than 1000).
What is the best practice in such cases? Should I send a single email per user or one email with all users as recipients or group users and send one email for each group (for example 1 email for 10 users)? If it makes any difference I may add that I am using System.Net.Mail to send emails.
Thanks in advance for your suggestions
Lukasz Glaz
You should send one e-mail per user.
The alternatives either involve putting e-mails in BCC (which will increase your chances of having your mails flagged as spam), or revealing your user A's e-mail address to user B, where user A and user B are in the same "group".
You need to check with your smtp server manager - to avoid being blocked.
if you own the smtp server, than this is not a problem.
I think the best way is to send them in bulks of 50 recipients per message (it will be a little faster than one by one).
I wouldn't definetly put all recipients into a To: field. Even from one place. It's just not a good practice to show other's addresses. And it generates a problem when someone hits "Reply All" and suddenly mails all others with his crap :)
If you own the smtp server, and your application server -> smtp server connection isn't slow, I would just send every mail individually, with each single recipient in To: field. It just looks much less spam'ish then getting a mail with empty (or some bogus) To: field and being in BCC only.
Other advantage is the person recieving your mail will know what email address is used. I got plenty of them, use different ones in different places, and it helps to be able to see which one I used on which site (sometimes I need to use this address for password reset / login, and I forgot, and if all mails had me in BCC, I'm screwed). This is from your user's perspective.