cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: SMTP: CURLOPT_MAIL_FROM vs CURLOPT_USERNAME

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 11 Jun 2014 10:10:15 +0200 (CEST)

On Wed, 11 Jun 2014, Chandran, Naveen wrote:

>> But nobody except you know that it is in fact invalid, and you know that
>> due to some out of band information. The server cannot know it is invalid.
>
> True. But my point is at least after libcurl tried sending the email (using
> the invalid email address), the server at the other end (on receiving it)
> should have rejected it, since it is not from a valid email id.

Perhaps it does, perhaps it doesn't. That depends on what the servers do with
the FROM address. If the server returns an error due to this, libcurl would
detect that and return an error. As you can probably see in the verbose output
when you send this email, the receiving server has no objection to this. And
really, many servers don't care very much about the FROM address.

libcurl cannot tell if the address is OK and if the server accepts it, there's
not a lot we can do I think!

>> How do you mean in sync? There's nothing that says they need to be even
>> remotely similar or use any similar patterns or names. How would libcurl be
>> able to check or enforce something like that?
>
> Pardon me. But my point here is that, since CURLOPT_MAIL_FROM takes the
> sender's email id, should it not be a valid email id AND also correspond to
> the same email address whose username and password are being passed to the
> options: CURLOPT_USERNAME and CURLOPT_PASSWORD respectively?

Not at all. The user name and password are used to "login" to the server. That
user name is completely independent from the FROM address and sure in some
cases they may be similar but in many other cases they are totally different.
It depends on the server setup.

> Since otherwise, regardless of whatever invalid value is passed to
> CURLOPT_MAIL_FROM, libcurl would still proceed to send the mail, only as
> long as the CURLOPT_USERNAME and CURLOPT_PASSWORD have the correct/valid
> values (which is what is happening currently).

That is correct. As long as the server happily accepts the CURLOPT_MAIL_FROM
input of course.

This is just the way SMTP works.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2014-06-11