hello-email

Email on Glitch!

It uses the sendmail package to send emails without a STMP server, like PHP’s mail() function, but in Node.js!

I setup a little demo of it (like hello-express) and it automatically changes to your Glitch project’s name on remix!

When using the public demo, you will get a email from noreply@hello-email.glitch.me, so make sure to whitelist it!

Remix this project and then you have your own private email sender! Happy coding!
( ᵔ ᴥ ᵔ )

Project URL: hello-email.glitch.me

wow nice!
if only they didnt get ignored by gmail

It’s because of something called DKIM. DKIM tells the receiving email server is fully authorized. I can’t do DKIM as well, I don’t have control over the glitch.me DNS records.

I’m confused by the name do you make email accounts or just emails

Oh cool, it works!

Just send emails.

oof i guess i was dumb for thinking you made a website that makes email accounts

You are not dumb. I just didn’t clarify.

Imma stop talking now

XSS lol

I recommend using a custom domain with a SPF record or something of the sort so you are not spam.

Someone can use this for bad purposes like emailing from a domain that they don’t own like my domain, nicsena.tk by using this project and they can pretend to be me or someone else at a domain too.

2160×1620

2160×1620

Gmail didn’t reject the email. Oof.

2160×1620

You’re right, someone could put support@glitch.com as their sender email and pretend they’re Glitch Support, how can this be fixed?

You’re both right, but that’s not the fault of aboutDavid’s project, it’s just a design feature of email generally. You can make an email appear to come from any address in the world, and it’s always been pretty easy to do so (with or without this project).

The burden is on email clients like Gmail, Outlook etc. to tell you whether or not an email is legitimate, and that’s why standards like DKIM exist. Emails that fail DKIM will usually go straight to junk/spam.

tl;dr - Not aboutDavid’s fault, it’s email’s fault. It’s always been this way. But it’s ok

IIRC ff the glitch.com domain has spf and dkim records in their DNS settings it should pretty much be impossible for anyone to spoof the email address.

EDIT Not impossible, more like the receiving end would verify that the email was actually sent by glitch.com and not some random place. A decent email provider will reject a mail that fails the dkim signature.

Yes, you’re right. But this could still happen to other business emails made by small organizations, new coders, and others. Like, i could be sending out random emails pretending to be big youtubers like Pewdiepie or DanTDM.

Now this was just an example, like, imagine people falling for this. I do not think this should happen - like, aboutDavid needs to put some kind of security measures to prevent this.

Absolutely! I just thought it would be a good idea to point out it is possible to project oneselves against email spoofing

I wish there was some sort of signature check for how SMS and MMS work, phone number spoofing and phone label spoofing is way too simple! The SMS and MMS protocols could use an update XD

This is pretty much a test if your domain is all set up with the right DNS records.

I have a question: how do you add an attachement to the email