Login for more options
CFMAIL Keep sessions alive
Problem Description: when using CFMAIL and specifying an smtp server, username and password, the spool manager does not consider the username/password when the keep mail connection check box is checked in administrator.
Steps to Reproduce: Setup 2 cfmail based on a query with 1000+ records. set both cfmail tags to the same SMTP server, but use a different username/password for each... example tag 1: smtp.gmail.com username: email@example.com password:, tag2: smtp.gmail.com username: firstname.lastname@example.org password:
Actual Result: You will find that when "keep connection alive" is checked, it is entirely possible for emails from user2 to be sent through user1's account.
Expected Result: User1's emails sent only through user1's account and user2's emails be send through their account.
Any Workarounds: in my DNS, I created a cname to point to my smtp server addresses so that both websites were looking at different domain names rather than the same one. the unique domain name is enough to force coldfusion to create a new connection rather than use the same one.
My Hardware and Environment details:
|Platform(s)||Win 2008 Server x64|
|Found In Build||9.0.1|
|Fixed In Build||CF11 Update5,CF10 Update16|
4:23:31 PM GMT+00:00 Aug 21, 2013
Presumably this issue has been around a long time, but probably only being noticed now as more people send mail through gmail
7:31:29 AM GMT+00:00 Aug 21, 2013
This bug impacts security. It inhibits Confidentiality, Integrity and Accountability when it comes to that security. It also could inhibit secure communications where content is encrypted based on one email address, but then sent out by another.