I'm using SMTPClient for sending emails to a SMTP server. But with Send method I can specify any false sender name or email. How can I prevent this?
It's the job of your mail server to decide on what it accepts as a sender email address - that's just a matter of policy.
There is no 'true' email address for a mail client, so nothing that can be enforced at the client.
I think that should be the SMTP server's role to decide whether a sender name is valid or not. In fact, introducing it in your code is a violation of the DRY rule since you'd be replicating the SMTP configuration.
As you can see in http://msdn.microsoft.com/en-us/library/swas0fwc%28v=VS.90%29.aspx, you should only be prepared to catch SmtpExceptions and properly display them to your software's user.
You can't do anything about it in the SmtpClient.
You can do something about it in your application. Send a verification email that the user must click on to validate it's email.
You can do something about it in your smtp server. Check the MX record or the defined SPF policies against the sender domain/ip address.
SMTP is a mail transfert protocol (as the name implies). It's not in charge of authenticating the sender. To authenticate the sender, your need to use certificates, which SMTP supports, but again, just as a mean of transfert. The program itself needs to have the logic to authenticate the sender with the certificate.
You can also use authentication, but in that case it'll be the SMTP server that will match the username/password with an email address.
Related
I have a web app that sends emails via smtp on behalf of the user to their customers. I am able to put the user's email in the reply-to of the email and this works for normal email use for the users. In the case the recipient has an auto-responder or the email entered was incorrect email, the auto replies go to the sender not the reply-to. The sender inbox is unmonitored.
The sender email service is using and Office365 account.
What are my options to get the auto replies and returned emails to the reply-to email?
This may be because the autoresponders don't regard their messages as replies, but rather as messages from the email system itself.
Your mail has three or four addresses related to the sender, which generally show up at the recipient as Return-Path, Sender, From and Reply-To. Return-Path is who should get error messages and other messages from the email system itself, Sender and From are the address that should be displayed as having sent the mail and Reply-To is the address to which the addressee's replies should be directed. (Sender and From are only very rarely different these days, but historically Sender might be e.g. a particular member of a team while From is the team's shared address.)
Many autoresponders respond to the address that shows up as Return-Path in the final message (it's also called the envelope from address), so your options are:
use the user's address as envelope from
set up a forwarding scheme so that autoresponses are suitably forwarded
The first is very tricky wrt. DKIM, DMARC etc, so you'll probably find the second one simpler, even though it requires you to filter spam and perhaps more.
Overview:
Our use case involves using the SendGrid Inbound Parse to accept, record and process emails. We also need those emails to be forwarded to our ticketing system (i.e. Zoho Desk).
We would really like to be able to forward the unedited email to Zoho Desk, preserving the original From, To, etc.
Problem(s):
When we try to forward the email using SendGrid's SMTP server, and using the MimeKit.MimeMessage.ResentTo("emailchannel#account.zohodesk.com") option, SendGrid is rejecting the forward request because of "Sender Authentication". The error we're getting from SendGrid is:
The from address does not match a verified Sender Identity. Mail cannot be sent until this error is resolved. Visit https://sendgrid.com/docs/for-developers/sending-email/sender-identity/ to see the Sender Identity requirements.
Below is the code we're using:
SmtpClient cli = new SmtpClient();
cli.Connect(_config["SendGrid:Server"], int.Parse(_config["SendGrid:Port"]), true);
cli.Authenticate(_config["SendGrid:Username"],_config["SendGrid:ApiKey"]);
message.ResentSender = null;
message.ResentFrom.Clear();
message.ResentReplyTo.Clear();
message.ResentTo.Clear();
message.ResentCc.Clear();
message.ResentBcc.Clear();
message.ResentFrom.Add(MailboxAddress.Parse(_config["SendGrid:From"]));
message.ResentReplyTo.AddRange(message.ResentFrom);
message.ResentTo.AddRange(from o in matches
select MailboxAddress.Parse((string)o.ticket_addr));
message.ResentMessageId = MimeUtils.GenerateMessageId();
message.ResentDate = DateTimeOffset.Now;
cli.Send(message);
Question(s):
Is there a way with SendGrid we can forward the inbound email to Zoho Desk while preserving the From fields?
I would imagine SendGrid isn't the only company requiring Sender Authentication, as such, how else can we forward unedited emails to a ticketing platform?
Twilio SendGrid developer evangelist here.
SendGrid does require you to verify, via Single Sender Verification or Domain Authentication, email addresses from which you wish to send emails. So you cannot use SendGrid to automatically forward keeping the from email intact.
I have a couple of ideas about workarounds here though.
You could forward from your verified email address and add the original from email address in a reply-to field. I haven't worked with Zoho Desk, but perhaps you could configure it to respect that field instead of from.
Zoho has a guide on how to set up forwarding from various inboxes. Could you host your email with one of those providers and forward incoming emails onto Zoho and to your SendGrid email address for this processing?
Is there any mechanism in which you can prevent a user from replying to an email message? Here's the use case:
An automated system (C#.net) sends emails to a user. The action of the task
is included in the email message (e.g. RSVP link for "yes" or "no")
Instead of using the buttons/actions in the email, the user replies
to the email.
The email originally sent specifically says that the mailbox in use
is unmonitored. (in bright red box!!!)
The user doesn't actually read the email, and gets pissed off when nobody replies or his RSVP is "lost"
Clearly a user issue. I'm thinking the best recourse might be an automated reply saying the mailbox is unmonitored if a user replies to the e-mail.
Any SMTP conditions/flag which can prevent a user from replying in the first place?
I don't believe there is any setting that you can include in the original email that would stop someone from replying to an email.
If the recipient really wants to reply, they can literally copy-paste the sender's email address into a new email and reply to it that way.
Just wanted to point out that the following hack is not elegant and would result in a bad customer experience. This is the only way I could think of achieving this.
One hack that comes to my mind is that you can try to set MailMessage.ReplyToList property to an invalid email address like - abc#g#g.com. In theory, this will force the customer's email client to reply to the invalid email address instead of the original sender. We can hope that the customer's email client validates that before sending the reply.
I have not tried this myself as I don't have an SMTP server to validate. But if the SMTP server does not validate the ReplyToList value then it should work.
Again this is a super sketchy hack and might not work with all the email clients out there.
You are better off setting up an auto-reply on the mailbox.
I coded a website contact form with mail send and after dozens of research cannot find an answer hoping stackoverflow users can help.
The aspx.cs file signs into the specified gmail configuration to send the email HOWEVER is there a way to set the SENDER as what the user inputs in the email textbox, so instead of recieving the email from myself so when clicking "Reply" on the mailbox its not replying to myself? If that makes sense?
So the sender is not me but the sender is what the user inputs in the mail box and I receive the email FROM the input value rather than myself
From comments:
This is the solution:
set mail.From = new MailAddress(address, display name)
in Gmail, go to Mail Settings >> Accounts and Import.
Add the email account you will use as sender in "Send Mail As". (tick
as Alias)
This is the only way gmail will let you specify the from address.
Setting the From Address requires special configuration/confirmation in Gmail for each From Address (see here), or is otherwise prohibited.
You could create a generic gmail address such as no-reply-yourapp#gmail.com. Then use the ReplyToList property to set the default Reply To email address that the user will use for their reply, to the user input email address, as well as an appropriate Display Name for the sender.
So in theory, for flexibilty use different mail service such as web host provided or outlook etc and set the mail.FROM to the value from the textbox and it will be sent from the address the user has typed? Gmail being extra secure causes confusion. Got it. Thanks guys
I am using System.Net.Mail/ SmtpClient to send verification Email in MVC4. The primary email address format check is performed by a REGEX. I am successful in sending messages using Gmail SMTP server.
However I would like to know if the email address that I am sending message to Exists and that my email is received as the user will not be approved without verification link. I tried non existent email address and no warning/exception was generated.
Can anyone point out any method to generate exception if the sending fails due to non-existence of the email address. Or can you suggest what status codes to look out for?