GwilliamP Posted April 27, 2011 Share Posted April 27, 2011 I have 2 domains running osC 2.2 RC2a. Recently I started receiving order updates and contact form emails that contained full headers (see example below). I contacted my hosting company as I have not recently changed anything. They responded by asking where the sending script is. I am sure that this must have been asked before but after searching the forum and the mess that is the osC code I still can not find where osC compiles and sends the message to the mail server. Could someone please either post an explanation as to how the system works or a link to an explanation as I need to locate the file(s) and supply the information to my hosting company. Current message example To: "Me" [email="[email protected]"]<[email protected]>[/email] MIME-Version: 1.0 X-Mailer: osCommerce Mailer Content-Type: multipart/alternative; boundary="=_6e57158b27b38e0f2d3d32b6de6ca951" --=_6e57158b27b38e0f2d3d32b6de6ca951 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message sender: Me ([email="[email protected]"]paul@[/email][email="[email protected]"]mydomain[/email][email="[email protected]"].com[/email])test --=_6e57158b27b38e0f2d3d32b6de6ca951 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Message sender: Me ([email="[email protected]"]paul@[/email][email="[email protected]"]mydomain[/email][email="[email protected]"].com[/email])<br><br>test --=_6e57158b27b38e0f2d3d32b6de6ca951-- Previous message example Message sender: Fred Blogs ([email protected]) Dear Sir/Madam, Some enquiry. Many thanks Fred Blogs Thanks, Paul. Link to comment Share on other sites More sharing options...
Hotclutch Posted April 27, 2011 Share Posted April 27, 2011 It sounds as if you have been hacked (I am not sure) if you say you or your customers are receiving mails that you as the store owner don't know about. You might want to read this recent thread. http://www.oscommerce.com/forums/topic/374162-hacking-of-customer-table/ Apply the security fixes recommended there if you have not done so already. Link to comment Share on other sites More sharing options...
Xpajun Posted April 27, 2011 Share Posted April 27, 2011 You haven't inadvertently turned full headers on in your email reader by any chance? My store is currently running Phoenix 1.0.3.0 I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 ) I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary Link to comment Share on other sites More sharing options...
GwilliamP Posted April 27, 2011 Author Share Posted April 27, 2011 @Xpajun - I wish it was that simple. @Hotclutch - I don't remember saying anything about spurious messages. The format is all that has changed. Thank you both for taking the time to respond. Link to comment Share on other sites More sharing options...
knifeman Posted April 27, 2011 Share Posted April 27, 2011 I had to utilize this fix for free e-mail recipients. Send mail problem to free servers, like AOL, Yahoo!, Google Mail, etc. Here's a_few_steps_long solution how to solve the problem (probably will not work with PHP in SAFE mode). In files includes/classes/email.php and admin/includes/classes/email.php Find the following lines: if (EMAIL_TRANSPORT == 'smtp') { return mail($to_addr, $subject, $this->output, 'From: ' . $from . $this->lf . 'To: ' . $to . $this->lf . implode($this->lf, $this->headers) . $this->lf . implode($this->lf, $xtra_headers)); } else { return mail($to, $subject, $this->output, 'From: '.$from.$this->lf.implode($this->lf, $this->headers).$this->lf.implode($this->lf, $xtra_headers)); } And add the 5-th parameter to mail function "-f".STORE_OWNER_EMAIL_ADDRESS so that you should have in result: if (EMAIL_TRANSPORT == 'smtp') { return mail($to_addr, $subject, $this->output, 'From: ' . $from . $this->lf . 'To: ' . $to . $this->lf . implode($this->lf, $this->headers) . $this->lf . implode($this->lf, $xtra_headers),"-f".STORE_OWNER_EMAIL_ADDRESS); } else { return mail($to, $subject, $this->output, 'From: '.$from.$this->lf.implode($this->lf, $this->headers).$this->lf.implode($this->lf, $xtra_headers),"-f".STORE_OWNER_EMAIL_ADDRESS); } Could this be the code/file that you need to find? Tim Link to comment Share on other sites More sharing options...
GwilliamP Posted April 27, 2011 Author Share Posted April 27, 2011 Thanks Tim The honest answer is, I haven't a frigging clue. About line 470 is a send the mail section so it could be. I will reply to the hosting company with those 2 files and see what they think. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.