<div dir="ltr">We're noticing that when someone here uploads files into Zendto but mistypes the recipient's email address they're not learning of their mistake: they're not seeing the Non-Delivery Report.<div><br></div><div>Digging around in the mail queues shows the upload notification tried to go to the invalid address, fails, and then is trying to go back to a username based on the local username that Zendto is running under. This isn't a valid mailbox, so the Non Delivery Report gets stuck in our queues until it times out a few days later. The would-be sender never sees it.</div><div><br></div><div>I see in the the file lib/NSSDropbox.php that the deliverEmail() function includes this:</div><div><br></div><div><div><font face="monospace, monospace" size="1"> return mail(</font></div><div><font face="monospace, monospace" size="1"> $toAddr,</font></div><div><font face="monospace, monospace" size="1"> $subject,</font></div><div><font face="monospace, monospace" size="1"> $content,</font></div><div><font face="monospace, monospace" size="1"> $headers // JKF Commented out for now due to security concerns ,</font></div><div><font face="monospace, monospace" size="1"> // JKF Commented out for now due to security concerns</font></div><div><font face="monospace, monospace" size="1"> // '-f "'.$fromAddr.'"'</font></div><div><font face="monospace, monospace" size="1"> );</font></div><div><br></div><div>I assume it's to avoid forged sender addresses and/or problems with SPF.</div><div><br></div><div>Would it be possible (whilst avoiding such security and email authentication issues!) to instead:</div><div><ul><li>If the person doing the upload is logged in to Zendto (and so it has got a confirmed sender email address) <u style="font-weight:bold">and</u> that email address matches one of your internal domains <u style="font-weight:bold">then</u> set the RFC5321.MailFrom to the confirmed sender address)<br><br></li><li>Otherwise do as now and not set the sender address.</li></ul><div>Actually even this latter isn't ideal, as the local user account Zendto is running under is quite likely not to be a valid email address. Instead maybe a setting in the preferences should be used to specify this?</div></div><div><br></div><div>(My apologies: I can just about read PHP but don't know it sufficiently to try writing anything like this myself!)</div><div><br></div><div>Cheers,</div><div>Mike B-)</div><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><font color="#666666">Systems Administrator & Change Manager</font></div><div><font color="#666666">IT Services, University of York, Heslington, York YO10 5DD, UK</font></div><div><font color="#666666">Tel: +44-(0)1904-323811</font></div><div><font color="#666666"><br></font></div><div><font color="#666666">Web:<span style="white-space:pre"> </span><a href="http://www.york.ac.uk/it-services" target="_blank">www.york.ac.uk/it-services</a></font></div><div><font color="#666666">Disclaimer:<span style="white-space:pre"> </span><a href="http://www.york.ac.uk/docs/disclaimer/email.htm" target="_blank">www.york.ac.uk/docs/disclaimer/email.htm</a></font></div></div></div>
</div></div>