Support Menu
Starting Points
Announcements
Beginners Guide
Common Questions
How Do I?
Banners
Using Your Account
Using FTP
Collecting Email
Email Admin
Domains
SSH
Recomended Software
Account Features
Vhosts
MySQL
ODBC
SSL
VFTP
Technologies
Server-side E-mail
CGI
Perl
PHP
Servlets & JSP
Frontpage
Positive Internet Technical Support Positive HomePrint This PageContact UsNext Page
 
Email From Scripts1 of 3
Sending e-mail from scripts/programs

Although you cannot relay e-mail through our servers from your normal mail client you can of course send e-mail out from our servers using a variety of methods including Perl CGI, PHP, Java servlets, Python, C and so on.

When configuring your server-side software you should normally send e-mail through the sendmail program located on all servers at:-

/usr/lib/sendmail

Some technologies such as PHP are preconfigured to do this when using their standard mailing functions.



SPAM Abuse protection

We recently added fairly strict anti-SPAM measures to all our shared servers. This was necessary in order that we could properly manage out going e-mail, to be certain who's code was sending e-mail, and to avoid excessive bounces and/or loops. The changes also close up an exploit in use widely with formmail.cgi

The rules that any script or code sending out e-mail from a shared server are as follows:-

1) e-mail addresses in BOTH the To: and the From: headers must contain valid e-mail domains, ie. with valid DNS MX Records.

2) One of EITHER the To: OR the From: e-mail addresses must be using a domain name known to the shared server. This in most cases will be the domain name you use with your web site.

In some cases point 2) may be a problem if your domain e-mail is not handled by us but by a third party and we have no known domain on our server. In this case we can add a particular domain to be allowed, please ask.

Point 2) may also require that some scripts which need to send e-mail from an unknown user to an unknown user (something which effectively provides an Open mail relay and is fairly bad practise anyway, but is often used with e-postcard type scripts) to be altered so that the From: header contains your own domain related e-mail address but the Reply-To: header contains the address you wish replies to go to.

Please note that prior to us making these changes an unqualified address (ie, one with no @ sign or domain name) would have been automatically qualified with the full server name (@proton.positive-internet.com for example). These addresses will no longer work, all e-mail addresses in the From: and the To: header must be fully qualified (ie. have an @ sign and a domain)

We appreciate that this is by no means a perfect solution and could still potentially allow 3rd party abuse to continue, however it does reduce the likelyhood of abuse and also ensures that we can identify and correct any source of outgoing e-mail from PHP or CGI scripts. An alternative to this would have meant a complete audit of all PHP and CGI code on our servers and then enforced control and vetting of all scripts prior to their use in the future. We felt the methods we have chose provide the maximum flexibility and at the same time protect all shared users from the serious issue of total e-mail blacklisting affecting all outgoing and incoming e-mail.

If you would like us to examine any particular form or script to advise on where changes could be made or why you are now getting a particular error we will be happy to do so. Please provide us with the full URL and path to both the form and the code in question.



CONTINUES... 
 

 

Phone: +44 (0)20 8579 5551   Email: support@positive-internet.com

Positive Internet Company Ltd 2004