Subject: testing smtpmail
Message-ID: <8fad1n462667fik006052010101703@SMTP>
X-FromIP: 66.194.109.3
X-Nonspam: NoneLovely Spam! Wonderful Spam!--------------------------------------------------------------------------------
Bye.Notice how the fields we input to our script show up as headers and text in the email’s
raw text delivered to the recipient. Technically, some ISPs test to make sure that at least
the domain of the email sender’s address (the part after “@”) is a real, valid domain
name, and disallow delivery if not. As mentioned earlier, some servers also require that
SMTP senders have a direct connection to their network and may require an authen-
tication call with username and password (described near the end of the preceding
section). In the second edition of the book, I used an ISP that let me get away with more
nonsense, but this may vary per server; the rules have tightened since then to limit spam.
Manipulating both From and To
The first mail listed at the end of the preceding section was the one we sent with a
fictitious sender address; the second was the more legitimate message. Like sender
addresses, header lines are a bit arbitrary under SMTP. Our smtpmail script automati-
cally adds From and To header lines in the message’s text with the same addresses that
are passed to the SMTP interface, but only as a polite convention. Sometimes, though,
you can’t tell who a mail was sent to, either—to obscure the target audience or to
support legitimate email lists, senders may manipulate the contents of both these head-
ers in the message’s text.
For example, if we change smtpmail to not automatically generate a “To:” header line
with the same address(es) sent to the SMTP interface call:
text = ('From: %s\nDate: %s\nSubject: %s\n' % (From, Date, Subj))we can then manually type a “To:” header that differs from the address we’re really
sending to—the “To” address list passed into the smtplib send call gives the true re-
cipients, but the “To:” header line in the text of the message is what most mail clients
will display (see smtpmail-noTo.py in the examples package for the code needed to
support such anonymous behavior, and be sure to type a blank line after “To:”):
C:\...\PP4E\Internet\Email> smtpmail-noTo.py
From? [email protected]
To? [email protected]
Subj? a b c d e f g
Type message text, end with line=(ctrl + D or Z)
To: [email protected]Spam; Spam and eggs; Spam, spam, and spam.
^Z916 | Chapter 13: Client-Side Scripting