Re^4: smtp authentication in perl script for contact form

Replies are listed 'Best First'.
Re^5: smtp authentication in perl script for contact form by Corion (Patriarch) on Dec 01, 2015 at 13:11 UTC
Hmm - it doesn't seem as if the NMS form mailer supports authentication. Looking at Mail::Sender, it doesn't seem too hard to add at least PLAIN and LOGIN authentication to the script, but I have too many projects on my plate already to also start working on the nms-cgi scripts. The relevant code in Mail::Sender is: sub Mail::Sender::Auth::LOGIN { my $self = shift(); my $s = $self->{'socket'}; $_ = send_cmd $s, 'AUTH LOGIN'; if (!/^[123]/) { return $self->Error(INVALIDAUTH('LOGIN', $_)); } if ($self->{auth_encoded}) { # I assume the username and password had been base64 encoded a +lready! $_ = send_cmd $s, $self->{'authid'}; if (!/^[123]/) { return $self->Error(LOGINERROR($_)); } $_ = send_cmd $s, $self->{'authpwd'}; if (!/^[123]/) { return $self->Error(LOGINERROR($_)); } } else { $_ = send_cmd $s, &encode_base64($self->{'authid'}, ''); if (!/^[123]/) { return $self->Error(LOGINERROR($_)); } $_ = send_cmd $s, &encode_base64($self->{'authpwd'}, ''); if (!/^[123]/) { return $self->Error(LOGINERROR($_)); } } return; } sub Mail::Sender::Auth::PLAIN { my $self = shift(); my $s = $self->{'socket'}; $_ = send_cmd $s, "AUTH PLAIN"; if (!/^[123]/) { return $self->Error(INVALIDAUTH('PLAIN', $_)); } $_ = send_cmd $s, encode_base64("\000" . $self->{'authid'} . "\000 +" . $self->{'authpwd'}, ''); if (!/^[123]/) { return $self->Error(LOGINERROR($_)); } return; } [download] ... so to make FormMail.pl always authenticate, you could try to rewrite the sub `newmail` in FormMail.pl as follows: sub newmail { my ($self, $scriptname, $sender, @recipients) = @_; $self->{Sock} = IO::Socket::INET->new($self->{Mailhost}); defined $self->{Sock} or die "connect to [$self->{Mailhost}]: $!"; my $banner = $self->_smtp_response; $banner =~ /^2/ or die "bad SMTP banner [$banner] from [$self->{Mail +host}]"; my $helohost = ($ENV{SERVER_NAME} =~ /^([\w\-\.]+)$/ ? $1 : '.'); $self->_smtp_command("HELO $helohost"); $self->_smtp_command("MAIL FROM:<$sender>"); # AUTH PLAIN support use MIME::Base64; # Crash immediately if the module is unavailable if( defined $auth_user and defined $auth_password ) { $self->_smtp_command("AUTH PLAIN"); $self->_smtp_command( encode_base64("\000" . $auth_user . "\000" . + $auth_password, '')); }; foreach my $r (@recipients) { $self->_smtp_command("RCPT TO:<$r>"); } $self->_smtp_command("DATA", '3'); $self->output_trace_headers($scriptname); } [download] Note that the above code is completely untested. You will need to add `$auth_user` and `$auth_password` near the top of the script to the `use vars qw(...)` block and also set their values in the "USER CONFIGURATION SECTION".</c>	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re^5: smtp authentication in perl script for contact form
by Corion (Patriarch) on Dec 01, 2015 at 13:11 UTC

Hmm - it doesn't seem as if the NMS form mailer supports authentication.

Looking at Mail::Sender, it doesn't seem too hard to add at least PLAIN and LOGIN authentication to the script, but I have too many projects on my plate already to also start working on the nms-cgi scripts.

The relevant code in Mail::Sender is:

sub Mail::Sender::Auth::LOGIN {
    my $self = shift();
    my $s = $self->{'socket'};

    $_ = send_cmd $s, 'AUTH LOGIN';
    if (!/^[123]/) { return $self->Error(INVALIDAUTH('LOGIN', $_)); }

    if ($self->{auth_encoded}) {
        # I assume the username and password had been base64 encoded a
+lready!
        $_ = send_cmd $s, $self->{'authid'};
        if (!/^[123]/) { return $self->Error(LOGINERROR($_)); }

        $_ = send_cmd $s, $self->{'authpwd'};
        if (!/^[123]/) { return $self->Error(LOGINERROR($_)); }
    } else {
        $_ = send_cmd $s, &encode_base64($self->{'authid'}, '');
        if (!/^[123]/) { return $self->Error(LOGINERROR($_)); }

        $_ = send_cmd $s, &encode_base64($self->{'authpwd'}, '');
        if (!/^[123]/) { return $self->Error(LOGINERROR($_)); }
    }
    return;
}

sub Mail::Sender::Auth::PLAIN {
    my $self = shift();
    my $s = $self->{'socket'};

    $_ = send_cmd $s, "AUTH PLAIN";
    if (!/^[123]/) { return $self->Error(INVALIDAUTH('PLAIN', $_)); }

    $_ = send_cmd $s, encode_base64("\000" . $self->{'authid'} . "\000
+" . $self->{'authpwd'}, '');
    if (!/^[123]/) { return $self->Error(LOGINERROR($_)); }
    return;
}
[download]

... so to make FormMail.pl always authenticate, you could try to rewrite the sub newmail in FormMail.pl as follows:

sub newmail {
  my ($self, $scriptname, $sender, @recipients) = @_;

  $self->{Sock} = IO::Socket::INET->new($self->{Mailhost});
  defined $self->{Sock} or die "connect to [$self->{Mailhost}]: $!";

  my $banner = $self->_smtp_response;
  $banner =~ /^2/ or die "bad SMTP banner [$banner] from [$self->{Mail
+host}]";

  my $helohost = ($ENV{SERVER_NAME} =~ /^([\w\-\.]+)$/ ? $1 : '.');
  $self->_smtp_command("HELO $helohost");
  $self->_smtp_command("MAIL FROM:<$sender>");

  # AUTH PLAIN support
  use MIME::Base64; # Crash immediately if the module is unavailable
  if( defined $auth_user and defined $auth_password ) {
    $self->_smtp_command("AUTH PLAIN");
    $self->_smtp_command( encode_base64("\000" . $auth_user . "\000" .
+ $auth_password, ''));
  };

  foreach my $r (@recipients) {
    $self->_smtp_command("RCPT TO:<$r>");
  }
  $self->_smtp_command("DATA", '3');

  $self->output_trace_headers($scriptname);
}
[download]

Note that the above code is completely untested. You will need to add $auth_user and $auth_password near the top of the script to the use vars qw(...) block and also set their values in the "USER CONFIGURATION SECTION".</c>

[reply]
[d/l]
[select]