The WWW Mail Gateway Info

About the WWW Mail Gateway

This little package is a totally self-contained perl script, which can be had right here. If you want to have a mail gateway in your HTML, but can't run the script for yourself, just make a link that points here, and give it standard GET method variables. An example of this is at the bottom of my home page. If you can't run your own copy of the script, you can use ours. What makes The WWW Mail Gateway better than mailto: URLs is the fact that you can give it default values for nearly every field.

GET method variables

Here are the variables you can pass using the GET method that have special meaning to the gateway. When you use the GET method, you get the default mail form from the script.

to
Specifies the default mail address of the user to send mail to. If restricted mail addresses are enabled, then this field specifies the address that shows up default in the selection list.
cc
Specifies the carbon copy mail address. Does not work when restricted mail addresses are enabled.
from
This value normally comes from the CGI variables REMOTE_IDENT and REMOTE_HOST to form a guess at the mail address, or if the remote user is running Netscape, then REMOTE_USER is used instead. If from is passed manually, then these methods are overridden.
sub
Gives the default subject for the mail. No strings attached here.
body
Specifies the default body text. This is very useful for feedback forms or surveys. You can't include too much here because of the GET method limit on the number of characters passed. I don't happen to know what this is off the top of my head.
nexturl
This tells the browser what URL to retrieve after mail is sent. If this is undefined, the user gets a short "mail sent" confirmation message. If you want to be friendly, you should define this.
All other cgi variables, whether hidden or part of a fill-out form will be logged after the body portion. This means questionairres via mail can be easily implemented.

How to use the variables

These variables can be supplied in the GET request when linking to the mailto script. If you simply want your mail address to be given in the mail form, make your HTML look something like this:

<A HREF="/cgi-bin/mailto.pl?to=your@mail.address">
The URL in the HREF tag should be changed to the full URL of the script. If you're using the one on this site, use http://www-bprc.mps.ohio-state.edu/cgi-bin/mailto.pl.

If you want your default subject to be "Wow! Spiffy!" then give the sub variable separated by an ampersand (each variable/value pair should be separated by one ampersand):

<A HREF="/cgi-bin/mailto.pl?to=your@mail.address&sub=Wow!++Spiffy!">
Notice that all spaces were replaced with plus signs -- spaces are not allowed in URLs. Also note that plusses must then be specified in hex with %2B. Other HTML-reserved characters must also be specified in the same way.

One special use of CGI variables here would be to include multiple questions to form a kind of questionare to be filled out via email. It's sometimes convenient to not cram all the body text into one big chunk of text, or maybe different fields are necessary if you're making your own FORM interface to the gateway. In this case, you can specify parts of the body text in different 'body' variables using GET or POST. When more than one 'body' variable is encountered, they are effectively concatenated to form one large body text.

New in version 2.0, you don't have to rely on the body concatentaion feature to get your fill-out forms done easily. Every CGI variable in your mail form that does not have a special meaning to the WWW Mail Gateway will be logged at the bottom of the mail in variable/value pairs that look like this:

variable -> value
You could also compose a mail form that contains only a fill out form to be logged, but one of the CGI variables must be named "body" to fool the gateway into thinking it has been filled out properly. Creative users will take this opportunity to use the "body" variable as a hidden variable in their forms to make the output a little more readable or include useful information. Always be sure to include the to and from variables correctly filled out in some form or another as well. Also be sure to point the ACTION tag of your form to the right script URL using the POST method.

Using your own copy

If you wish to run your own copy of The WWW Mail Gateway (very preferable), you must be running a UNIX type system with sendmail properly configured and installed. First download the perl source code. There should be relatively few changes to be made in the beginning of the source:

How to restrict mail addresses

As of version 1.3, you can restrict the mail addresses of sent mail to a certain few, and you can even hide the addresses from the user and give only real names or aliases. You can only do this if you are running your own copy of the script. If you want to see what this looks like, you can see an example here Here's what you need to do to get it to work:

  1. Decide if you want to put the names and addresses in the source or in an external file.
  2. If you want the real mail addresses exposed, uncomment the line that defines the value of $expose_address to 1.
Now when you access the URL, a selection list will be presented to the user with a list of valid mail address. Only those mail addresses are allowed to be used with this copy of the script -- any attempts to change them will be rejected.

Format of the mail addresses file

If you are using restricted mail addresses read from an external file, as defined the the variable $mailto_addrs, you have to set up the file in this way:

  1. In the defined file, each line should contain the name, any amount of white space, then the mail address. There must be no white space after the mail address -- a newline must follow! An example is here.
  2. Make sure the file is readable by the user that your http daemon runs as. World readable should always work.


New in version 2.2

New in version 2.0

I finally got off my butt and fixed this thing up to compete the the current demands. It took about 20 pieces of mail and new from various netters to get me to realized some of what they really want:

New in version 1.4

There's a couple new features (thanks to Gabriel White) and a couple of fixes in 1.4:

New in version 1.3

There are mainly enhancements to the enhancements in version 1.2.

I hope everyone finds these enhancements useful. Thanks to Mathias Koerber <Mathias.Koerber@swi.com.sg> for the ideas in versions 1.2 and 1.3.

New in version 1.2

The ability to place limits on where mail can be sent to has been added to the script. Modifications are easy:

  1. Download the source code here.
  2. Uncomment the lines that define the list @addrs, and change the elements to whatever addresses are allowed.
  3. Change the ACTION tag in the FORM declaration for the POST method to the URL of your copy of mailto.pl. Just string search for ACTION and do what comes natually.
You can see an example of this here. The choices listed are most of my effective e-mail address (which all get forwarded to doug+@osu.edu anyway). If the CGI variable "to" is given in URL (for GET method), then that address will be selected if it exists in the list.

Also available now is a .forward file and mail filter that handles returned mail from the WWW Mail Gateway. Put the .forward file in the home directory of the user who runs the http daemon (do NOT put it in an active user's directory!!), change the pathname where mailto.handler.pl exists and is executable, and all mail returned mail will get shipped off the the real sender. My server runs under the user "www" whose home directory is "/usr/local/WWW" as is evident from the source code. If your server runs as "nobody" and you don't want to change that, then you can make a home directory for "nobody" and enable mail to that user. If your server runs under your name, then all returned mail will get sent to your account unless you figure out how to redirect only WWW Gateway mail to the handler script. If the real sender's mail address is bad, then the mail goes to the bit bucket.


Please report misuse!

If you find that someone is misusing this service, please report this to me and/or the appropriate persons. This is intended to be useful for everyone, not harmful. To help locate offenders, the custom header X-Real-Host-From: is included in all outgoing mail which contains the real hostname or IP address of the person using the service.


Doug Stevenson: doug+@osu.edu