On 10 April 1999, tomcat(_at_)visi(_dot_)com <tomcat(_at_)visi(_dot_)com> wrote:
I maintain a website that has an email contact page that uses a
CGI script to fire off email to a particular email account. The
email contact page is a form so the CGI can write the names of html
textboxes and their values and the name of the checkbox array and all
checkbox values that are checked into the body of the email. I use
procmail to check the body of the incoming email to see who it should
be forwarded to.
Here is what the body of an email looks like:
[...]
The email header info, which I show you here, is nearly useless to
me, since I (the html page and CGI) am the sender every time: I only
note the "From" to forward a copy of every email to one person who
coordiantes responses.
*************
To: myaccount(_at_)purple(_dot_)com
From: purple
Subject: purple:
Submitted by: unknown(_at_)12-20(_dot_)dynamic(_dot_)purple(_dot_)com
(http_referer=http://www.purple.com/~myaccount/contactus/contact.html)
*************
[...]
A problem with this scheme is that if someone cancels their email
account, or if they never check it, the person who sends in the email
won't get any response.
[...]
Not really what you asked for, but did you consider generating the
message with all information relevant to filtering in the headers? That
is, set
From: cr(_at_)aol(_dot_)com (Chad Robbins)
Subject: Summer sign-up
...
in the CGI when you _send_ the message instead of recording the
information in the body and trying to recover it later. This should be
trivial with most CGI libraries out there. The only (somewhat) delicate
point here is validating the address you write in the "From:" --- if you
fail to do that you open a security hole. Some CGI packages will do
that for you too.
Regards,
Liviu Daia
--
Dr. Liviu Daia e-mail: Liviu(_dot_)Daia(_at_)imar(_dot_)ro
Institute of Mathematics web page: http://www.imar.ro/~daia
of the Romanian Academy PGP key: http://www.imar.ro/~daia/daia.asc