We're testing email based registration validation on a project. We started by using mailinator but a few times this has failed apparently because screen-scraping an ever-evolving AJAX UI is not particularly stable.
I decided to hack something up using my trusty old linux toolset.
Make a user account, maildump.
Get sendmail running.
Turn on FEATURE(`virtusertable`) in sendmail.mc
Set up an apach2 virtual host to ~maildump/web/
#!/bin/bash FN=$(mktemp) cat > $FN TARGET=$(cat $FN | formail -z -x "To: " | sed 's/[^0-9a-zA-Z\@\.\-]/X/g' ) chmod a+r $FN mv $FN /home/maildump/web/$TARGET.html exit 0
Now I wonder what security holes this has.