Jump to content
  • Advertisement
Sign in to follow this  
wicked357

Slight PHP fsockopen issue...

This topic is 2533 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Fairly small PHP script that is supposed to connect like telnet will in command prompt. It hangs up at $fp = fsockopen(....) it won't connect to the host. If I get on telnet in command prompt I can connect just fine. Anyone have any idea why this is happening?

Share this post


Link to post
Share on other sites
Advertisement
From my understanding there is nothing wrong with the code at all, it is just my host I am running this script from GoDaddy doesn't allow fsockopen to be called from what I read. If there is a workaround that would be nice, but I am currently done with this crap. If I run it locally I have to have a workaround either way since I am running Windows. Frankly this was a stupid test that was supposed to test programming not how well I can set up and environment and come up with shotty workarounds to make it work like it should have normally.

Share this post


Link to post
Share on other sites
The reason hosts forbid opening arbitrary sockets is to prevent people abusing it for criminal intent.

Like email spam. Or SMTP DoS attacks.

And again, there are laws in effect, such as CAN-SPAM Act or EU privacy laws which you should really read before doing this.

Frankly this was a stupid test that was supposed to test programming[/quote]
You mean someone asked you to write this as a test? For a job?

Doing something that could classify as a felony?

---

As for why it doesn't work. Since this method was used for email validation by spammers, it was blocked long ago on many fronts.
SMTP server might only allow connections from same subnet.
SMTP server might require authentication and proof of being ISP client or subscriber.
If allowing connection, it may return "true" for all users, regardless of whether it exists, making returned information useless.
Your ISP might be actively blocking SMTP traffic except to their own server.
Hosts typically block all sockets, but almost always the ones most prone to abuse. They may provide their own service for sending email.
Telnet is known to be insecure and may be blocked.

Despite that, there is still a lot of poorly configured hosts which might be susceptible to such probing.

In order to "validate" an email, you first need a user who consents to such action. Then you send a properly configured (headers, origin, etc., I don't really remember the details) email to them, informing them they consented to such mailing and giving them an option to unsubscribe.

If sending an email (in same fashion) to them at any later point, you may monitor bounce rates. All such sending must be done from a legitimate SMTP server you control and own and for whose security you are responsible. Exceed or break any behavior rules and that SMTP gets blacklisted in a second and put on permanent spam record. It has happened often to legitimate businesses, which is why such traffic is often outsourced via external services or vendor-provided facilities (AppEngine or similar).

There is never, ever any legitimate reason to open raw connections to foreign SMTP hosts.

For newsleter or sign-up purposes or other forms of business communication, all CMS stacks come with existing email confirmation/validation systems which implement above mechanisms.

Share this post


Link to post
Share on other sites
There are all kinds of red flags after a couple of days working on it, after I realized that I just wanted to figure out my problem because that is my personality... haha! Now that I figured it out why it wasn't working I could care less how the script turned out. Even if it was a legit company the fact that they are giving me a test that I could potentially either A. Get in trouble or B. Get blacklisted shows a lot character about what kind of company it is! Thanks for all the help and responses though you were confirming what I was coming to the conclusion too after reading so much on this.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!