#!/usr/bin/perl # this is the email thingy coded for the cute tenchi boy # so he doesn't have to put a lame mailto: link on his page # and get spammed all the time # coded by, and copyright 1999 by Nick Johnson # all rights reserved # form fields should be: # FROM # SUBJECT # MESSAGE # ACTION use CGI; use Socket; ########################### # user configurable options: # # your outgoing mail server (usually mail.yourdomain) $mailer = "mail.morons.org"; # # where to find the nslookup utility, typically /usr/sbin/nslookup $nslookup = "/usr/sbin/nslookup"; # # where to find the mailform HTML file $form = "/web/spatula.net/feedback/mailform.html"; # # who to send the messages to (your address) $mailto = "feedback\@spatula.net"; # # your mail domain, eg "foo.com" or "gronk.net" $mydomain = "spatula.net"; ########################## # end of options CGI::ReadParse(*data); sub header { print "Content-type: text/html\n\n"; print "\n"; } sub footer { print "\n"; } sub error { my ($message) = @_; header(); open(IN, $form); while() { if (/^//; print; } footer(); exit; } if (!$data{FROM} || !$data{MESSAGE} || !$data{SUBJECT}) { error("You did not fill out the form completely. Please try harder.
"); } # try to validate the fields as much as possible $from = $data{FROM}; $subject = $data{SUBJECT}; $message = wrap($data{MESSAGE},75); if ($from =~ /^([\w\.\-]+)@(([0-9a-z][\w\-]*\.)+([a-z]+))$/i) { $username = $1; $domain = $2; } else { error("The FROM address you specified is not even remotely valid.
"); } $domain =~ s/[^a-z0-9\-\.]//g; # make doubly sure no metacharacters sneak in $username =~ s/[^w\.\-]//g; $from =~ s/[^\@\w\-\.]//g; $mydomregex = $mydomain; $mydomregex =~ s/(\W)/\\$1/g; if ($domain =~ /$mydomregex/i) { $message = ''; $message .= 'Linux pansy bedwetter! ' if $ENV{HTTP_USER_AGENT} =~ /linux/i; $message .= 'Oh hello; Like I believe you have an account on my box!'; error($message); } if (!getmx($domain) && !gethostbyname($domain)) { error("Your email address is not valid.
"); } $hishost = ''; # prefer higher priority mailers, and keep trying until one works foreach (sort {$a<=>$b} keys %mailers) { foreach $hostname (@{ $mailers{$_}}) { $ret = validate($hostname, $from); next if $ret == -1; if ($ret==1) { $hishost = $hostname; } last; } last if $hishost; } # if no mail exchangers work, try the hostname directly if (!$hishost) { if (validate($domain, $from)==1) { $hishost = $domain; } } if (!$hishost) { error("Unable to verify your email address.
"); } if (length($from) > 80) { error("Do you really expect me to believe that's a valid email address?
"); } if (length($message) > 8192) { error("Blah blah blah, I'm not gonna read something that long.
"); } if (length($subject) > length($message)) { error("Your subject is longer than your whole message. That doesn't make much sense, now does it?
"); } # ok, everything looks good, let's send an email $poster = $ENV{REMOTE_HOST} || $ENV{REMOTE_ADDR}; # here's where we actually send the message error("Mailer connect error") if !mailconnect($mailer); error("Mailer connect error") if !sendexpect("","220",60); error("Mailer HELO error") if !sendexpect("HELO $mydomain\r\n",'250',2); error("Mailer MAIL error") if !sendexpect("MAIL from: <$mailto>\r\n",'250',2); error("Mailer RCPT error") if !sendexpect("RCPT To: <$mailto>\r\n",'250',2); error("Mailer DATA error $data") if !sendexpect("DATA\r\n","354",2); error("Mailer MSG error $data") if !sendexpect("From: Web Page Comment <$mailto> Reply-to: <$from> To: You <$mailto> Subject: $subject Web form was filled out by $poster. From : $from (allegedly) Subject: $subject Message: $message .\n",'250',2); error("Mailer QUIT error") if !sendexpect("QUIT\r\n",'221',2); close MAILER; if ($data{RETURN}) { print "Location: $data{RETURN}\n\n"; } else { header(); print "Thanks\n"; print "

Thank You

\n"; print "

Your message has been sent\n"; print "\n"; footer(); }