Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re: Triggering a script via email...continued

by Dragonfly (Priest)
on Apr 19, 2002 at 21:47 UTC ( #160686=note: print w/replies, xml ) Need Help??

in reply to Triggering a script via email...continued

You might want to be careful with this approach; perhaps you could consider validating the emails you received against a list of known "authorized" IP addresses. The danger is that since email is of course sent in plain text, the message could conceivably be sniffed anywhere en route from the sender to the server, including
  • the sender's network,
  • the router on the sender's network
  • the ISP or any machines the message travels through on the public internet
  • the router on the receiving end
  • the receiving subnet.

Now I'm probably just being paranoid, but one would think that if soemone with malicious intentions sniffed that particular piece of mail, they might realize what it was, and mount a very effective denial of service attack by mailbombing the address. That is, unless you use some form of IP header validation. Also, make sure you keep the email address private. You wouldn't want a random piece of spam to suddenly trigger something important and/or dangerous. ;-)

If you get this working, post some code. It's a cool idea and one that has occurred to me before (although I haven't yet tried it out.)

  • Comment on Re: Triggering a script via email...continued

Replies are listed 'Best First'.
Re: Re: Triggering a script via email...continued
by rob_au (Abbot) on Apr 20, 2002 at 01:02 UTC
    I cannot agree more fully with DragonFly's comments above - While not a complete solution, one of the earlier nodes that I posted on this site implemented IP-restricted mail delivery for just this type of scenario.

    This node can be found here.


      Thanks for giving me the link again! I was stumped as to who had showed me that node or what the title had been, so I couldn't relocate. Teach me to bookmark, eh?
      Thank you,
      Think a race on a horse on a ball with a fish! TG

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://160686]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (2)
As of 2022-01-17 02:21 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (50 votes). Check out past polls.