Add and remove email aliases (forwards) from CPanel with php (specifically on bluehost)

Web Programming Add comments

In this post I will briefly describe how to add and remove email aliases/forwards using CPanel scripts in php (or any language really), specifically on bluehost web hosting.  I found other articles and scripts related to accessing CPanel, but nothing specific to bluehost.

In my searching I came across this forum post from 2008 in which a bluehost user asks if there is a way to access the information about existing email forwards from within a php script, and he is answered that there is no way to do this.  In fact, this is possible and I was able to do this on my own site earlier this week (whether or not this was possible in 2008 I can’t say, but it’s definitely possible now, although not documented anywhere at bluehost that I could find).

Information about existing email aliases are stored in a file located in “/etc/valiases/domain.com” where “domain.com” is your actual domain that you have hosted.  This information is easily found on google in regards to many different web hosts – i.e. it’s not special to bluehost.  I have the standard hosting with bluehost (nothing special) but I do have ssh terminal access.  If I log into the terminal and attempt to read the file at /etc/valiases/sg20.com it says the file does not exist.  However, I discovered that from within a php script this file is accessible, and my script was able to read and parse all existing email aliases.

At this point we could decide to write a script to simply modify the valiases file directly, or we could opt to use the existing CPanel scripts.  One site I found useful was this site: http://www.zubrag.com/scripts/cpanel-email-forwarder.php – particularly the user comments (I did not download the script from that site).

CPanel scripts are generally located in the following directory structure:

http://domain.com:2082/frontend/<theme>/mail/

CPanel uses port 2082 (possibly 2083), and your webhost probably uses a theme folder.  Some people report themes called “x”, “x2”, or “x3”.  On bluehost the theme name is simply “bluehost”.  If you want to access the CPanel scripts from php (or any other language) you will also want to include your webhost username and password.  For example:

http://username:password@domain.com:2082/frontend/bluehost/mail/

The CPanel script for adding email aliases is doaddfwd.html.  I was not able to locate any CPanel documentation specifying exactly what parameters this script takes, but the user comments at the above linked site were helpful.  My hosting uses CPanel version 11.25 at the time of this writing.  The CPanel script expects parameters:

  • email – this is simply the name of the email alias (not the domain)
  • fwdemail – the actual email (or emails) to forward the mail to
  • domain – the domain of the alias
  • fwdopt – apparently a forward “option” parameter.  This needs to be set to ‘fwd’ for a regular alias.  I’m unsure what other possible options exist.

So to put it all together, if I wanted to add an alias ‘test’ using sg20.com which forwards to ‘realemail@sg20.com’ I would do:

http://username:password@sg20.com:2082/frontend/bluehost/mail/doaddfwd.html?email=test&fwdemail=realemail@sg20.com&domain=sg20.com&fwdopt=fwd

That’s it.  CPanel will do the alias creation for you.  As for possible error conditions, I really can’t say.  As I said before, I could not find any documentation for this CPanel script.

For deleting email aliases you can use the script dodelfwd.html.  For this script the parameters need to be:

  • email – this must be your current alias address combined with the real email address using an ‘=’ – e.g. ’email=aliasemail=realemail’
  • emaildest – this is the real email address (for a second time)

Odd parameters, I know, but this is what it needs.  So to put it all together, if I wanted to delete the above alias that I previously created, I would do:

http://username:password@sg20.com:2082/frontend/bluehost/mail/dodelfwd.html?email=test@sg20.com=realemail@sg20.com&emaildest=realemail@sg20.com

Again, possible error conditions are unknown.

Using these CPanel scripts we can write our own interface for adding and removing email aliases.  CPanel also provides scripts to add and remove email accounts, which you can hopefully find information about if you are interested.  If you create your own script to conveniently manage email aliases without needing to go through your host’s CPanel interface, be sure to add your own password/validation field or password protect the directory or something.  We wouldn’t want anyone on the internet to be able to view and modify our email aliases, right?  =)

I have not posted the full script that I created to manage my email aliases, as the above information should be enough for you to write your own.  But if there is interest I will consider posting the bulk of my php script.

12 Responses to “Add and remove email aliases (forwards) from CPanel with php (specifically on bluehost)”

  1. Jim Says:

    Phil,
    Found this page after my script doing much the same as you describe here stopped working on my hostmonster site. Turns out changes to CPanel security has removed the html authentication option and hitting these CPanel scripts no longer works.

    But here’s my quick shout out to everyone and specifically the Morons writing CPanel. This is completely symptomatic of the very reason the USA passed Obamacare: the decline in American schools in the last 100 years is turning out people who “feel” more than think, by teachers and professors who are, since 1920, at the bottom of the intellectual ladder (hard data here folks!)

    How’s that all fit together? Standard BS, the Head doesn’t know what the Ass is doing. Now please keep in mind, I don’t have time to write a tomb on this issue here so I’m trying to be extremely brief so if I’m not saying something just perfectly correct in the lingo, wiggle it into place first, as this IS the practical side of what has happened. And, any glaring faults are all mine, I’m all ears. But in general it goes like this:

    CPanel removes HTML authentication and we can’t use it’s already built scripts, like the ones you describe here for managing your aliases. The concern is supposed to be security, yet, when run from a script behind my host’s firewalls, how does that really matter, I’m already behind the secure fence? Moreover, and while I’ve been writing software professionally for almost 20 years now, I’ll admit, on all this web stuff, I’m flying by the seat of my pants, but fundamental principals are fundamental (except when you consider the 1st part of my remark, anyway…) within my script I AM ABLE to fully read and, I expect, write (haven’t gotten there yet) to the valiases file. In fact, currently my script does NOT rely on CPanel to list the aliases, I went right to parsing the valiases file directly.

    SO, CPanel tacks up what they think is a security hole, nevermind that url authentication is not secure and one would be silly to use such a url publicly, but they ignore that inside a script I’m already behind the security doors, AND being inside, I can read the mail system files directly already anyway. In fact, it’s just plain ignorant for a shell over a hosting configuration, dealing with multiple subsystems, to even try to break beyond its mission parameters, (giving people a way to REMOTELY, using the web, conveniently and securely configure their web hosting) and begin asserting itself on top of other systems. What does CPanel have to do with the mail subsytem? And being that I can manipulate the valiases file directly, all the idiots at CPanel have done is piss me off, by removing the convenience of using their already built scripts for managing my forwarders! So let’s nail up our pretty wood paneling over what looks to be a hole, that is really our chiminey and needs to remain open, all the while ignoring the mouse hole on the other side of the house.

    This is why, pretty functions, regex strings and Yahoo.utils are all one thing, but the ability to reason must underpin it all if we’re ever to get out of this spaghetti mess anything remotely resembling intelligence!

    Somebody tell the CPanel folks they need to have their foreheads smacked! Send them to me, this no BS Texan will gladly handle it!

    /j

  2. cpanel hosting Says:

    The most reliable control panel to use is cPanel.There is no doubt that it is a really easy and good choice, for both advanced and not so advance people.

  3. Aaqib Says:

    HI,
    very good post. i used the same script but adding email forwarder code is working fine but when i tried to delete forwarder it shows error message in respons “Access denied”. should i set the permissions for it??

    Any help will be highly appriciated.

    Thanks.

  4. phil Says:

    I’ve confirmed today that my scripts still work for adding and deleting email aliases (bluehost is still using cPanel version 11.25).

    Aaqib, make sure you have your username and password correct. Are you using bluehost or some other hosting service? I would expect that if adding a forward works, then deleting a forward should also work. Double-check the url you are trying to use to delete the alias.

  5. rEnr3n Says:

    Hi there.

    Can you post your script for deleting email forwarders? The script to add, available at zubrag, works fine for me. I added a few parameters to the “delete script” as you stated. It says that it has been deleted but it still exists on cPanel. Thank you.

  6. phil Says:

    My actual line of code that performs the delete is:

    $file = fopen (“http://$username:$password@sg20.com:2082/frontend/bluehost/mail/dodelfwd.html?email=$email[0]=$email[1]&emaildest=$email[1]”, “r”);

    Remember the real email address will end up being listed twice ($email[1] in the above code).

    It still works for me, but as I said in the post I couldn’t find any documentation about these scripts so I really don’t know what parameters or errors are available.

    You should try dumping the output from the delete call and see if that gives you any clue (if you haven’t already).

  7. rEnr3n Says:

    Thank you for your reply. There doesn’t seem to be a problem with my script. There might be some difference in the host.

    How can I dump the output? I don’t have root access to the host.

  8. phil Says:

    Sorry for the slow reply. What I meant was you could try printing the output of the fopen call to see what it says on your system. Something like:

    while (!feof ($file))
    {
        $line = fgets ($file, 1024);
        echo $line."<br>";
    }
    fclose($file);
  9. rEnr3n Says:

    Hi again. I would like to ask if the script (add) is still working for you. It gave me an error recently. The only change I made to cPanel is index manager and hotlink protection. I’ve reverted the changes back and I have no idea what is causing the error. Do you have any ideas about this?

    [04-Sep-2010 07:04:36] PHP Warning: file_get_contents(http://…@boru.x10hosting.com:2082/frontend/x3/mail/fwds.html) [function.file-get-contents]: failed to open stream: Connection timed out in /home/ren/public_html/email/add.php on line 77
    [04-Sep-2010 07:05:37] PHP Warning: fopen(http://…@boru.x10hosting.com:2082/frontend/x3/mail/doaddfwd.html?email=asd&domain=domain.com&fwdopt=fwd&fwdemail=e@mail.com) [function.fopen]: failed to open stream: Connection timed out in /home/ren/public_html/email/add.php on line 87

    Below is the source of add.php:

    line 77:
    preg_match_all(‘/\?email=’ . $euser. ‘@’ . $edomain . ‘=([^”]*)/’, file_get_contents(“http://$cpuser:$cppass@$cpdomain:2082/frontend/$cpskin/mail/fwds.html”), $forwarders);

    line 87:
    $f = fopen
    (“http://$cpuser:$cppass@$cpdomain:2082/frontend/$cpskin/mail/doaddfwd.html?email=$euser&domain=$edomain&fwdopt=fwd&fwdemail=$eforward”,
    “r”);

  10. phil Says:

    Hm… “failed to open stream” means it could not access that url. Double check that you have the correct username and password. If you try connecting to the url in your browser (without your username/password) does it do anything? Like try going to http://boru.x10hosting.com:2082/frontend/x3/mail/doaddfwd.html (and it does look like this works). You could also try using port 2083 which is sometimes the correct port.

    I don’t really have any other ideas. The error is saying that your php script could not access that url for some reason. I wonder if your host is blocking it or something. Although when I try that url directly it does work and brings up the login screen which is what I would expect since I didn’t include a username and password. So double check that you have the correct username and password in the url.

    My add and delete code is still working on Bluehost as of today. I use the same fopen call to the doaddfwd.html page. I can’t see any errors in your fopen call from line 87. Really puzzling…

  11. phil Says:

    As I think more about it, if that doesn’t work I would suggest writing a simple php script to try opening a simple file with fopen or file_get_contents and see if it works (make sure the file is accessible from your website). If it does not work in that situation then you may need to contact your host and ask why you are not able to use those php functions.

    HTH,
    phil

  12. Teddi B Says:

    Hi,

    This page was really helpful. I did want to add something I found about the fwdopt option. It’s used in the advanced options to do something extra with the email. I’m using it to forward my emails to a script, which then uses them to post a new blog to my db. The values for that are:

    fwdopt=pipe
    pipefwd=relativepathtoscript.php

    -Teddi B

Leave a Reply

© Phillip Hansen | Original theme by N.Design Studio
Entries RSS Comments RSS Log in