Update an email id using PHP

Question

Is there a way in PHP to update an email id in a mail server if we have the access details of the mail server. The requirement is as follows. I am developing a community website which need a provision to upload photos to their photo gallery by sending an email. We planned to create email id for each user so that they could send emails with photo attachments to that id. A cron job will search for emails inside those id's and if it finds a mail with attachment, uploads the file to the server and subject of the email will be considered as the photo caption.

But it has a security loophole such that anyone who knows the email id can send an email and add photo to others account. We are planning to have a security code in their id which can be modified by user if required.

eg. name.XXXX@domain.com where XXXX is a four digit secret code. THe user can change that code whenever required. i.e. the email id can be name.1234@domain.com or name.3452@domain.com according to the user's wish to maintain privacy. So is there a way to edit the email id using PHP functions.

Answer 1

Creating email accounts and/or aliases would certainly be possible with PHP, but it would depend so much on your server setup.

Another route to consider would be to not have any real email boxes, but to instead have all email delivered to a catch-all account and have your cron script search through that one mailbox and compare all recipient addresses against a database, then you don't have to worry about actually creating real email users on the server.

Additionally, in terms of improving security, you could have each user authenticate which sender email addresses are allowed to send emails with photo attachments. It's still not bullet-proof, because sender addresses can be spoofed, but it's an extra step in the right direction.