An HTML form has been filled out and now it's time to send the data via email. The server hosting the HTML is not running any server side scripting language like PHP, ASP, CGI etc. The owners don't want the email coming from outside of their walls, so no SMTP.js.
A fellow at work provided the SMPT server and port 25 and says to use Websockets, or to use Flash. I'm under the impression that port 25 is blocked by browsers, and they will need some kind of server side support to send an email. Alternatively, to use a mailto link to utilize their computer's email client.
Maybe I'm not up on current technologies. Are websocket the way to go? Don't they need a websocket server running to answer those calls?
Is there another solution to sending email from Javascript directly to an SMTP server?
Thanks to some highlighting, looks like I had SMTP.js confused with smtpjs, which just uses someone else's server to send mail. SMTPJS needs node.js, which they aren't running. Darn.
You are right about websockets. Its not a "tcp socket" you can use for smtp communication.
And if you could, you would have to make sure the clients can reach your smtp server. Many isp blocks port 25 to other servers then their own to reduce spam from their network. Forget about flash. Its dead and will give you the same problem with blocket smtp port.
I would solve this by using a web server with support for server side code. If you cannot move your webpage to that server, you can use cross site scripting to communicate with a server with support for server side code.
Related
I want to make a server using python, and the auto discover it using a web aplication.
I know i can make a python->python discovery using How to make a server discoverable to LAN clients from this thread. But i can't find a way to make the javascript discover that server.
It would be great if I could use the same connection, or at least the same port to make a socket server where i can send commands back and forth.
Any ideas?
Consider a web server (HTTP) that fetches some data from somewhere and displays it as convenient HTML to its users.
Also consider that the fetching process involves confidential data like usernames/passwords of its users. One example is our HTTP server contacting SMTP servers of popular email services such as gmail, yahoo, etc.
It would be smart to use TLS, as we don't want confidential data being exposed to men-in-the-middle.
So, the current model is:
[end user] <-TLS-> [our HTTP server] <-TLS-> [other SMTP server]
The problem here is that our HTTP server has cleartext access to the confidential data from its end users.
What would be really nice is for the end user's browser to initiate a connection to the other SMTP server directly.
The two problems are:
the browser only understands HTTP at the networking level
XMLHttpRequest normally does not allow cross-domain requests
One idea that I came up with is for the end user's browser to act like it's going to create a TLS connection to the other SMTP server, but instead of inttiating a connection to the other SMTP server, to simply send Byte-for-Byte all the data that it would send to our HTTP server instead (perhaps through WebSockets), and the HTTP server will just "proxy" the TLS encrypted data to and from the other SMTP server.
I already would know what to do on the server side, but I want to know the best practice for implementing this on the client side.
Also, does this not seem like it would be a relatively popular feature in the realm of security? The example I gave was for SMTP but it equally applies for any other protocol that can use TLS. I feel like there would be standard JavaScript methods or such.
I am developping a mobile HTML/CSS/JS app with a contact form.
For now I use a "mailto" to send the message, but it is not efficient because the user is sent to his email app before sending.
How can I send the message directly from the app ?
thanks
Write an application that runs on the server of you website.
If you don't want any server side code then you either need to use any third party Javascript application. (API)
or you can try this also :
Email
1) For third party API you can try this also (Never tried it but looks good enough)
www.mycontactform.com
2) Mail Chimp (as Robert suggested)
You will not be able to do this purely from javascript. You will need a server side component to connect to an SMTP server in order to be able to send your email.
Even if you were able to somehow develop an SMTP client for javascript, the security risks involved would much outweigh the advantages. All your users will need to do to send email as you, is to go through your javascript code and get your SMTP credentials.
You can't do it by client side language. Use server side language like php to do that.
<?php
mail(to,subject,message,headers,parameters);
?>
Copied from w3school
I am currently building a web application, that has fully separated a "frontend" server with Lighttpd only serving the index.html and javascript etc.
Backbone.js etc. keep my frontend in connection with my webservice "backend" written in Node.js
The backend is completely stateless, doing authentication each request through http basic and runs SSL (https).
How do I make sure that only the connections happening on my "backend" server are comming from the Lighttpd "frontend" server and not some random hacker?
Thanks for help.
If you know the front-end server is going to be on a specific IP address or range or IP addresses, you might want to restrict traffic on the back-end server to only be from that address.
You may use ssl between the 2 servers and use a certificate to ensure identification. That's really secure if you protect your certificate well.
Is there any widget, or similar, that i could use to send an email for me?
Something like i pass a post in some pre-defined way, this server would get it, parse it and send it to some email for me?
More of a curiosity than a valid question itself...
There's the classic formmail, a CGI script from the days of yore, which now seems to have a commercial, hosted version. Most web hosts have formmail or some variation of it installed; check the documentation for your host.
Hardly in a public way, as it would most certainly be misused by spammers within a day or two.
You can set something like it up easily using a scripting language like PHP on an own server.
Yes; it's called a server-side script.
You can do it in a couple of lines of ASP.Net. (See the SmtpClient class)
It's also called an open relay; you'll need some way to prevent it from being used by spammers.
You need server-side scripting for this, using a language such as Perl, PHP, Ruby, Python, any .Net language, or Java.
Typically what happens is that your web page will send a POST message to your web server with the recipients, body, and perhaps attachments of the email as POST parameters.
The server side script will parse the POST parameters and run a SMTP or IMAP session with your mail server to send the mail, and the script will pack the parameters from the POST message into that session with the mail server. This is the same kind of SMTP session that your mail client (e.g. Outlook, Thunderbird, Evolution,...) uses to talk to your mail server (e.g. Exchange, gmail, sympatico.ca,...).
The server side script will then render a web page saying whether or not the mail succeeded.
You need to figure out what your web host offers as a server side scripting language. All of the major server-side languages have libraries that allow you to both parse parameters from POST messages and to run a session with your email server. I have personally used libraries from Perl and Ruby on Rails for both parsing and talking to mail servers, and they were straight-forward to use.