问题
public class SendMail {
private class SMTPAuthenticator extends javax.mail.Authenticator
{
@Override
public PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("userID", "pwd");
}
}
public void sendMail() throws Exception {
String strFromIds = "xyz@gmail.com";
String strToIds = "xyz@domain.com";
String strSubject = "Sample Mail Subject.";
String strContent = "Sample Mail Content";
Properties objProperties = System.getProperties();
objProperties.put("mail.smtp.host", "<smtp host name>");
objProperties.put("mail.smtp.port", "25");
objProperties.put("mail.transport.protocol", "smtp");
objProperties.put("mail.smtp.submitter", "<user id>");
objProperties.put("mail.smtp.auth", true);
objProperties.put("mail.debug", "true");
Session objSMTPSession = Session.getDefaultInstance(objProperties, new
SMTPAuthenticator());
Message objMessage = new MimeMessage(objSMTPSession);
objMessage.setFrom(new InternetAddress(strFromIds));
InternetAddress[] objToAddress = new InternetAddress[1];
objToAddress[0] = new InternetAddress(strToIds);
objMessage.setRecipients(Message.RecipientType.TO, objToAddress);
objMessage.setSubject(strSubject);
Multipart objMultiPart = new MimeMultipart();
MimeBodyPart objBodyPart = new MimeBodyPart();
objBodyPart.setText(strContent);
objMultiPart.addBodyPart(objBodyPart);
objMessage.setContent(objMultiPart);
Date objSentDate = new Date();
objMessage.setSentDate(objSentDate);
Transport.send(objMessage);
objMessage = null;
}
public static void main(String[] args) {
try {
new SendMail().sendMail();
} catch (Exception ex) {
System.out.println("Exception in main :: " + ex);
}
}
}
By using the above code,i am able to send a mail to gmail user with the from address of GMail mail id(eg:xyz@gmail.com), without giving authentication details of gmail id,
here i gave my smtp ( company mail server ) server host name, and userid and pwd of my company mail server( which is given as smtp host)...
With these, i am sending mail as GMail user,,
But why GMAIL is accepting this type of mails.
回答1:
You've discovered why there is spam. :-)
You're sending the message through your company's mail server. Your company's mail server doesn't appear to be checking whether the From address you use is valid for your mail server, so it's letting you use your Gmail address instead of your company address. No, it doesn't check with Gmail to find out if it's ok.
回答2:
Gmail cannot sending mail without any authentication.
You can't Authenticate with wrong credentials. In another words if you have password (and gmail requires one) you can't log in without sending your password so you won't be able to send anything.
In general, you can, sure. In your concrete example code you are using GMail which does not allow anonymous sending.
From their references:
smtp.gmail.com (use authentication) Use Authentication: Yes Port for TLS/STARTTLS: 587 Port for SSL: 465
An additional comment regarding your catch clause:
In my opinion you are heavily misusing the exception idea. A better aproach would be something like:
catch(Exception x)
{
var s = x.Message;
if ( x.InnerException!=null )
{
s += Environment.NewLine + x.InnerException.Message;
}
MessageBox.Show(s);
}
来源:https://stackoverflow.com/questions/14559348/why-gmail-is-accepting-to-send-mail-without-authentication