Slight PHP fsockopen issue...
Author
Fairly small PHP script that is supposed to connect like telnet will in command prompt. It hangs up at $fp = fsockopen(....) it won't connect to the host. If I get on telnet in command prompt I can connect just fine. Anyone have any idea why this is happening?
Author
From my understanding there is nothing wrong with the code at all, it is just my host I am running this script from GoDaddy doesn't allow fsockopen to be called from what I read. If there is a workaround that would be nice, but I am currently done with this crap. If I run it locally I have to have a workaround either way since I am running Windows. Frankly this was a stupid test that was supposed to test programming not how well I can set up and environment and come up with shotty workarounds to make it work like it should have normally.
The reason hosts forbid opening arbitrary sockets is to prevent people abusing it for criminal intent.
Like email spam. Or SMTP DoS attacks.
And again, there are laws in effect, such as CAN-SPAM Act or EU privacy laws which you should really read before doing this.
Like email spam. Or SMTP DoS attacks.
And again, there are laws in effect, such as CAN-SPAM Act or EU privacy laws which you should really read before doing this.
Frankly this was a stupid test that was supposed to test programming[/quote]
You mean someone asked you to write this as a test? For a job?
Doing something that could classify as a felony?
---
As for why it doesn't work. Since this method was used for email validation by spammers, it was blocked long ago on many fronts.
SMTP server might only allow connections from same subnet.
SMTP server might require authentication and proof of being ISP client or subscriber.
If allowing connection, it may return "true" for all users, regardless of whether it exists, making returned information useless.
Your ISP might be actively blocking SMTP traffic except to their own server.
Hosts typically block all sockets, but almost always the ones most prone to abuse. They may provide their own service for sending email.
Telnet is known to be insecure and may be blocked.
Despite that, there is still a lot of poorly configured hosts which might be susceptible to such probing.
In order to "validate" an email, you first need a user who consents to such action. Then you send a properly configured (headers, origin, etc., I don't really remember the details) email to them, informing them they consented to such mailing and giving them an option to unsubscribe.
If sending an email (in same fashion) to them at any later point, you may monitor bounce rates. All such sending must be done from a legitimate SMTP server you control and own and for whose security you are responsible. Exceed or break any behavior rules and that SMTP gets blacklisted in a second and put on permanent spam record. It has happened often to legitimate businesses, which is why such traffic is often outsourced via external services or vendor-provided facilities (AppEngine or similar).
There is never, ever any legitimate reason to open raw connections to foreign SMTP hosts.
For newsleter or sign-up purposes or other forms of business communication, all CMS stacks come with existing email confirmation/validation systems which implement above mechanisms.
Author
There are all kinds of red flags after a couple of days working on it, after I realized that I just wanted to figure out my problem because that is my personality... haha! Now that I figured it out why it wasn't working I could care less how the script turned out. Even if it was a legit company the fact that they are giving me a test that I could potentially either A. Get in trouble or B. Get blacklisted shows a lot character about what kind of company it is! Thanks for all the help and responses though you were confirming what I was coming to the conclusion too after reading so much on this.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
