|
Quote:
Also could you tell me how to enable cron or whateverscript to pull the emails from my server into this program. |
The cron is automatically enabled, it's ported with the product xml :)
Set your settings up in the forum manager, and then try running the cron from the scheduled tasks manually to be certain your connection type is correct. If it is, it'll say Done!, if it isn't you'll get one of the errors listed in the first post of FAQs :) Is that link coming up bad for a newthread, or a new reply? Or is it coming up bad for both for you? |
I am gettting this error
Quote:
|
did you comment out the thread prefix line in the cron job? assuming you aren't using the mod
|
Quote:
|
What about filtering out spam emails?
mail2forum has a method of using regex to setup rules that the inbound emails are checked against. my phpbb forum keeps out alot of extra spam that way. Is there something in this mod that does handle it as well? |
Spam emails would have to come from one of your users or be configured to match the email address of one of the users.
I've never used or messed with regex, so I'd have to do some reading on that to see how it works. |
Actually... wait, if I understand the description of regex correctly, I'm doing that already...
it's using preg_match and preg_replace, which I do. Exactly what does m2f do to match a user to an email? (don't have time to dig through all their code and decode it all to figure it out :) ) |
I am not sure I understand how the mod works, however the more I think about it; I am a little concerned about security.
Could someone just fake my email address and post as me? |
Not any way that I know how. At least not without having access to your outgoing mailserver and password.
Even for example, yahoo, when I set it up to look like I'm sending email from cyricx(at)mmogcommunities(dot)com when someone reads my emails, it'll show as coming from that address, and reply to will be to that address. While that email address is actually a forwarder that forwards email to my yahoo account. When I send an email to the site to be processed as a post, it sees my yahoo address. It ignores all the reply to and sending as junk. Goes straight to the guts :) |
Quote:
|
Like so
Code:
// this grabs an overview of all the messages in the mailbox and creates an array we can readI think I've mentioned this a few times in this thread how it determines the user that is posting :) |
Cyricx, just wanted to give you a hearty pat on the back... your hack is looking most excellent and the support you're providing in this community is very much appreciated.
|
Quote:
|
Perhaps using this hack to create that first post would be better? :)
https://vborg.vbsupport.ru/showthrea...highlight=form Then you would be able to take your existing form, send an email to someone if you needed and also have it create the new thread in the forum in question, which you could then utilize my hack to reply to :) Hypothetically speaking of course :) O and as far as the regex filter, basically your saying that M2F lets you setup that if XXX is in the email address, it has to be moderated? |
Quote:
anyways, I was hoping for one mod, but I'll go for two. Yes it does do two kinds of regex things, one to strip out and/or replace things like the yahoo/AOL mail signature, and also block spam. |
Ah, yes what they do with their "regex" stuff I do alot of. I hadn't figured out how to get the yahoo and aol stuff out of the sig, but I'll check that out.
This mod definately blocks spam like M2F does from how you've described the features to me :) I'll check out M2Fs pregs and see if it'll help spur ideas on how I can do that in my code :) Thanks!! |
sure, thanks. I'll let you know how it compares.
It is already set to block the following: Block emails with "failure notice" in Subject Block emails with "Undelivered Mail Returned to Sender" in Subject Block emails with "Autoreply" in Subject Block emails with "Mail delivery failed: returning message to sender" in Subject Block emails with "Your email requires verification" in Subject |
O awesome.
Those are easy to code. I'll add those to the error codes for the next version I fire out :) Thanks!!!! :) |
Quote:
|
I'm really excited about releasing this to my community. They will LOVE it! So, great work!
I'm having a problem with BB Code not being formatted correctly and broken links (see attached screenshots). Is there something I'm doing wrong? I'm using MS Outlook and VB 3.8. Thanks! :) |
Quote:
I am still not understanding how the script would prevent someone with an email address on same domain and a fake header, from posting as someone else. I would think that a better approach would be to issue a unique hash to each user on the forum and when the email is sent to them this hash must be somewhere in the email so that when users reply the software will authenthicate the user. Or something along the lines. Great job by the way on the scrip, I have not been this excited about a hack in a long time!!!!! |
Quote:
I looked in depth at the form hack and the WoW hack based on form hack and they both require turning off the CAPTCHA image verification to allow guest posting Here's some screenies of what the m2f backend settings and config are like and it really keeps the system from getting spammed. https://vborg.vbsupport.ru/external/2007/08/20.jpg https://vborg.vbsupport.ru/external/2007/08/21.jpg https://vborg.vbsupport.ru/external/2007/08/22.jpg |
Quote:
|
Quote:
I estimate a release by tuesday :) Also, yes, it'll be in the options :) It'll have to be to allow for multiple languages heh :) |
I am also a little concerned about spam, if a spam boot gets hold of the email. They will start spamming it, the script will receive each email and basically return an error to each of the bogus email addresses sent by the spam software, this will cause my board to become a spamming hub as I will be replying to bogus addresses and in essence become a spammer myself. Maybe setup the software to delete any emails that are not in the db, or simply configure a forum to dump posts from unknown emails?
|
Quote:
I will do some testing on my board, but if there is a way for someone to bypass the filter and post as another user, then we are approaching this from the wrong angle. Security must prevail over functionality and ease of use. I love the idea of this mod and it is working flawlessly on my site so far!!! |
Quote:
Code:
imap_delete($mailbox,$msgno);As mentioned, the scripts next creation will handle any "returned mail" errors that you would get from an invalid email address :) I really really appreciate your input!! Your bringing up some great points! Quote:
Or forwarded messages to create new threads would also not work for that system :( I'm not opposed to a more secure system to receive posts... just wanna make sure it's feasible :) The previous "Mail Reply" system by Colin F, created a new user profile field that people could put in a password. It hashed that onto the subject line of posts sent to users that when they replied validated the reply. He then had users have to put something like -pmypassword at the end of subject lines of new threads if I recall right. That seems infeasible, and definatley not user friendly enough to compete with yahoo groups. I'm curious... will false headers from the same domain work to post to yahoo groups? has anyone tried? |
Well how about this, regular threads would get a random password attached to the subject line. New threads one must add a user password to subject line. If I have to type a whole email to make a post, I do not see why functionality would be sacrificed due to requiring that I type a password on the subject line right after my topic.
It would not be fully automated, but it would definitely beat, having a competitor spam the board with an email bomber. Can you imagine the work to clean that mess? Allot of sites are ran on shared accounts, all I would have to do is get an account on the shared server and then fake the headers and that could spell trouble for an unsuspected site. I am not trying to be difficult, competition is though as it is, just do not want to give other sites a way to mess with my forum. |
I'm mixed, I'd rather try to avoid having users that are sending threads to the forum have to do alot extra, or remember a password.
Heck, I have users now that have to reset their passwords weekly because they can't remember them :) I'd love to hear from others on if they think that this would be nessecary. Or if anyone else has any alternate ideas :) Secondly, if you have a "competitor" on a shared server spamming your board... I'd really wonder why your host isn't doing something about that, as the end result would be them crippling their servers ;) I understand your not trying to be difficult. :) I just don't find the system your suggesting to be feasible, and would like to find an alternative :) |
Can you use this with Google Apps?
|
v2.1 looking good, Cyricx.
I did find a little error: when in USERGROUP MANAGER, and "automatically add Instant Notification by Email subscriptions" is set to YES, but no FORUM IDs are selected, the *[ei_auto_sub]* link gives a nasty syntax error. |
V2.1 - This is someting I looked at doing last year and forgot it "too much time required". I want to thank you very much for doing this! I'll definitely donate some $$$ to back that up. I do have a few ideas w.r.t threading replies (using the References: SMTP header and the post ID for example), but that's for later!
Right now I have only one significant bug. HTML posts coming from Thunderbird 2.0.0.6 (latest) start with {font=Arial,Helvetica,sans-serif} (but with [] not {}) so somehow the bbCode isn't getting translated. Anyway, thanks so much again! |
PS: Don't bust your butt on anti-spam. This would best be handled by the SMTP mail server that's receiving the incoming posts destined for the forums. You'll end up re-inventing that huge wheel, and the SMTP servers out there have all sorts of fancy and complex spam traps already. To them, the forums' email addresses are just user accounts to be protected just like any other "user".
I'd much rather see you work on the threading and HTML/bbCode functionality :D:D I'm going to see if I can work out threading here, but my initial look is a bit overwhelming given that I'm not a PHP/VB expert. Wow. I just donated $50 - money well spent IMO! |
Woo Hoo! I can now send out messages from newly created threads and replies to same (created in VB), and the resulting email messages thread properly in the email client. I probably have missed some corner case, but so far so good! I produce the Message-ID: header and (for replies) the References: header with IDs of the form threadid.postid@forum.host.com. Minimal mods to Notify_Email_for_New_Posts (replies) and Thread_Notification_Email (new threads) hooks. A lot of "just in time learning"!!
I have to say, your code is so well structured and so complete. I have a high level of confidence in your mod working reliably and handling all of the cases it needs to. Good work! Now to see if I can get emailintegration.php to work with the new Message-Id/References headers to thread incoming email posts correctly. If I get this working, there'll no longer need to be all that stuff in the [] in the subject line, as the thread ID is part of the new Message-Id: header, and the parent to which to thread the incoming post will be in the References: header if it's not being threaded directly to the initial post of the thread. I'm having fun at least. |
Got it! Threading works in both directions, with the emailer's and the forum's thread trees being identical, regardless of where a message comes from. The "-t-nnnn" is now gone from the subject line (change to the ei_notify_xxx phrases).
One thing I ran into when posting HTML from T-Bird with Helvetica, Arial set as the default font, I kept getting stray [font=Helvetica, Arial, sans-serif] bbcodes in the messages posted in the forum. I found the problem, the "hail mary" cleanup for [font=xxx] needs a space in the character class of its regex. Once I put that in there, the problem disappeared. Man that message "purty"-fication code is crazy. Well you must have gone crazy getting it to work with the different emailers out there. I don't really even understand some of it :-) Tomorrow I'll do more testing and I have a few TODOs to pick up, then I'll roll it up and send it along. I need your email address, so I sent you a PM with mine so you can send me a message and I'll have it. Thanks again! |
With regard to spamming - check out Domain Keys and DKIM (forget Microsoft's competing proposal, it's dying/dead). Here's an easy to understand explanation
http://antispam.yahoo.com/domainkeys The 'key' is, as I was talking about earlier, the mail server manages this, rejecting messages when the From: address is forged. One could impose the requirement that all incoming posts to their VB forums be DKIM-authenticated. This requires that the sender's mailserver support DKIM as well as the server hosting the VB forum mailboxes. I don't see a practical way of handling forged From addresses winthin individual clients (short of signing and verifing signatures, requiring everyone to have certs, etc.). Think of DKIM as a sort of driver-client architecture, where the common problem of address authentication is solved at the common points, the mail servers. Don't burn time trying to do something in you stuff. Yahoo! uses DK in Yahoo! groups, so expect it to be widely available. |
There's an unclosed <a> tag in the ei_notify_xxx phrases for the Replies to this topic link.
Also, in case you missed it, T-bird can produce a font list with spaces after the commas, so you need to add a space to the character class in the font tag hail mary cleanup. |
Quote:
Quote:
Quote:
Quote:
|
just curious how the ahck will react to hard and soft email bounces. Will it post the error messages in the forum?
|
| All times are GMT. The time now is 04:04 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|