Last active
October 31, 2023 16:05
-
-
Save NTICompass/06eb0e60f004a073833d to your computer and use it in GitHub Desktop.
Bulk-remove Mandrill sending domains
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Quick and dirty script to remove spam domains from our mandrill account | |
| define('API_KEY', ''); | |
| // Their API doesn't offer a "delete" method, so I'm using their website | |
| define('USERNAME', ''); | |
| define('PASSWORD', ''); | |
| echo 'Downloading domain list...'; | |
| // Step 1, get all "sending domains" via their API | |
| $jsonKey = json_encode(['key' => API_KEY]); | |
| $api = curl_init('https://mandrillapp.com/api/1.0/senders/domains.json'); | |
| curl_setopt_array($api, [ | |
| CURLOPT_POST => TRUE, | |
| CURLOPT_RETURNTRANSFER => TRUE, | |
| CURLOPT_POSTFIELDS => $jsonKey, | |
| CURLOPT_HTTPHEADER => [ | |
| 'Content-type: application/json', | |
| 'Content-length: '.strlen($jsonKey) | |
| ] | |
| ]); | |
| if(($jsonDomains = curl_exec($api)) === FALSE){ | |
| die("cURL error\n".curl_error($api)."\n"); | |
| } | |
| echo "done.\n"; | |
| $domains = json_decode($jsonDomains, TRUE); | |
| curl_close($api); | |
| echo count($domains)." domains found\n"; | |
| // Step 2: Filter out *valid* domains! | |
| echo "\n"; | |
| $badDomains = []; | |
| foreach($domains as $domain){ | |
| if($domain['spf']['valid'] || $domain['dkim']['valid'] || $domain['valid_signing']){ | |
| echo "Keeping {$domain['domain']}\n"; | |
| } | |
| else{ | |
| $badDomains[] = $domain['domain']; | |
| } | |
| } | |
| echo "\nRemoving ".count($badDomains)." domains\n"; | |
| // Step 3: Login to MailChimp's website | |
| $siteCookies = tempnam(sys_get_temp_dir(), 'mandrill'); | |
| // To do this, we need to scrape the '__csrf_token' from the form | |
| $login = curl_init('https://login.mailchimp.com/'); | |
| curl_setopt_array($login, [ | |
| CURLOPT_HTTPGET => TRUE, | |
| CURLOPT_RETURNTRANSFER => TRUE, | |
| CURLOPT_FOLLOWLOCATION => TRUE, | |
| CURLOPT_AUTOREFERER => TRUE, | |
| CURLOPT_COOKIEFILE => $siteCookies, | |
| CURLOPT_COOKIEJAR => $siteCookies, | |
| CURLOPT_HTTPHEADER => [ | |
| 'Accept-Encoding: gzip, deflate', | |
| ] | |
| ]); | |
| if(($html = curl_exec($login)) === FALSE){ | |
| die("cURL error\n".curl_error($login)."\n"); | |
| } | |
| curl_close($login); | |
| $web = new DOMDocument; | |
| libxml_use_internal_errors(TRUE); | |
| $web->loadHTML(gzdecode($html)); | |
| $xpath = new DOMXpath($web); | |
| $csrf_el = $xpath->query("//input[@name='__csrf_token']/@value"); | |
| $csrf = count($csrf_el) > 0 ? $csrf_el->item(0)->nodeValue : ''; | |
| echo "Captured __csrf_token={$csrf}\n"; | |
| $website = curl_init('https://login.mailchimp.com/login/post'); | |
| curl_setopt_array($website, [ | |
| #CURLOPT_VERBOSE => TRUE, | |
| CURLOPT_POST => TRUE, | |
| CURLOPT_RETURNTRANSFER => TRUE, | |
| CURLOPT_POSTFIELDS => http_build_query([ | |
| 'referrer' => '/transactional/launch', | |
| 'username' => USERNAME, | |
| 'password' => PASSWORD, | |
| '__csrf_token' => $csrf, | |
| 'from' => '', | |
| 'auth_token' => '', | |
| 'auth_system' => '', | |
| ]), | |
| CURLOPT_FOLLOWLOCATION => TRUE, | |
| CURLOPT_AUTOREFERER => TRUE, | |
| CURLOPT_COOKIEFILE => $siteCookies, | |
| CURLOPT_COOKIEJAR => $siteCookies, | |
| CURLOPT_REFERER => 'https://login.mailchimp.com/', | |
| CURLOPT_HTTPHEADER => [ | |
| 'Origin: https://login.mailchimp.com', | |
| 'Accept-Encoding: gzip, deflate', | |
| ] | |
| ]); | |
| if(($x = curl_exec($website)) === FALSE){ | |
| echo "Cannot login to Mandrill\n"; | |
| die("cURL error\n".curl_error($website)."\n"); | |
| } | |
| curl_close($website); | |
| // MailChimp is doing something "fun", | |
| // it's returning a form you need to submit... after posting the login form | |
| $loginForm = new DOMDocument; | |
| $loginForm->loadHTML(gzdecode($x)); | |
| $formData = $loginForm->getElementsByTagName('form'); | |
| if (count($formData)) { | |
| $loginUrl = $formData->item(0)->getAttribute('action'); | |
| $loginFormData = []; | |
| foreach ($formData->item(0)->getElementsByTagName('input') as $field) { | |
| $loginFormData[$field->getAttribute('name')] = $field->getAttribute('value'); | |
| } | |
| $website = curl_init($loginUrl); | |
| curl_setopt_array($website, [ | |
| #CURLOPT_VERBOSE => TRUE, | |
| CURLOPT_POST => TRUE, | |
| CURLOPT_RETURNTRANSFER => TRUE, | |
| CURLOPT_POSTFIELDS => http_build_query($loginFormData), | |
| CURLOPT_FOLLOWLOCATION => TRUE, | |
| CURLOPT_AUTOREFERER => TRUE, | |
| CURLOPT_COOKIEFILE => $siteCookies, | |
| CURLOPT_COOKIEJAR => $siteCookies, | |
| CURLOPT_REFERER => 'https://login.mailchimp.com/login/post/', | |
| CURLOPT_HTTPHEADER => [ | |
| 'Origin: https://login.mailchimp.com', | |
| 'Accept-Encoding: gzip, deflate', | |
| ] | |
| ]); | |
| if(($x = curl_exec($website)) === FALSE){ | |
| echo "Cannot login to Mandrill\n"; | |
| die("cURL error\n".curl_error($website)."\n"); | |
| } | |
| curl_close($website); | |
| // After posting this login form, we redirect to Mandrill | |
| // And guess what, another form to post... | |
| $mandrillForm = new DOMDocument; | |
| $mandrillForm->loadHTML(gzdecode($x)); | |
| $formData = $mandrillForm->getElementsByTagName('form'); | |
| if (count($formData)) { | |
| $adminDomain = parse_url($loginUrl, PHP_URL_HOST); | |
| $loginFormData = []; | |
| foreach ($formData->item(0)->getElementsByTagName('input') as $field) { | |
| $loginFormData[$field->getAttribute('name')] = $field->getAttribute('value'); | |
| } | |
| $website = curl_init($formData->item(0)->getAttribute('action')); | |
| curl_setopt_array($website, [ | |
| #CURLOPT_VERBOSE => TRUE, | |
| CURLOPT_POST => TRUE, | |
| CURLOPT_RETURNTRANSFER => TRUE, | |
| CURLOPT_POSTFIELDS => http_build_query($loginFormData), | |
| CURLOPT_FOLLOWLOCATION => TRUE, | |
| CURLOPT_AUTOREFERER => TRUE, | |
| CURLOPT_COOKIEFILE => $siteCookies, | |
| CURLOPT_COOKIEJAR => $siteCookies, | |
| CURLOPT_REFERER => "https://{$adminDomain}/transactional/launch", | |
| CURLOPT_HTTPHEADER => [ | |
| "Origin: https://{$adminDomain}", | |
| 'Accept-Encoding: gzip, deflate', | |
| ] | |
| ]); | |
| if(($x = curl_exec($website)) === FALSE){ | |
| echo "Cannot login to Mandrill\n"; | |
| die("cURL error\n".curl_error($website)."\n"); | |
| } | |
| curl_close($website); | |
| } | |
| } | |
| echo "Logged into Mandrill website\n"; | |
| echo "Removing domains via website...\n"; | |
| foreach($badDomains as $domain){ | |
| echo "\t{$domain}..."; | |
| $query = http_build_query([ | |
| 'domain' => $domain | |
| ]); | |
| $website = curl_init("https://mandrillapp.com/settings/delete-domain?{$query}"); | |
| curl_setopt_array($website, [ | |
| CURLOPT_HTTPGET => TRUE, | |
| CURLOPT_RETURNTRANSFER => TRUE, | |
| CURLOPT_FOLLOWLOCATION => TRUE, | |
| CURLOPT_AUTOREFERER => TRUE, | |
| CURLOPT_COOKIEFILE => $siteCookies, | |
| CURLOPT_COOKIEJAR => $siteCookies, | |
| CURLOPT_REFERER => 'https://mandrillapp.com/settings/sending-domains', | |
| ]); | |
| if(($x = curl_exec($website)) === FALSE){ | |
| echo "Cannot remove {$domain}\n"; | |
| die("cURL error\n".curl_error($website)."\n"); | |
| } | |
| curl_close($website); | |
| echo "done\n"; | |
| } | |
| echo "\ndone\n"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Here's the updated script: