How can I make sure that I don't send any email to customers from testing site in php

Question

I have to make the copy of my existing site for testing purposes at home. I have got the permission from the company.

But in the database I have the more than 10,000 customer records with email. I don't want to accidentally send any emails to them while i make some mess with site during various tests.

whats the best way to avoid that

I do need the email functionality for testing other stuff

Answer 1

Change All the Email Address, For Example email@domain.com to email#domain.com. After the test completes you can replace # with @.

Answer 2

The most idiot-proof method you can use is often the best for these things as we all have those days where anything that can go wrong will. It's best to be careful, even borderline paranoid, when a mistake could really ruin your day.

Here's a few methods that might work:

Impotent Configuration by Default

The absolutely safest system is to keep the SMTP server configuration for the production server on the production server and only on the production server. Your development copy would have some other SMTP configuration, like to a testing GMail SMTP account. Usually GMail limits you to 500 emails per day on ordinary accounts so you'll quickly hit this limit if you really screw things up somehow.

Replace Customer Emails in Database

Another thing to consider is scrubbing all of the customer emails in your database, removing them and replacing them with mytestaccount+0000@gmail.com and mytestaccount0001@gmail.com if you care to actually receive and inspect them, taking advantage of the fact that the + and subsequent content is ignored for delivery to GMail, effectively giving you unlimited potential email addresses.

As an example:

UPDATE customers SET email=CONCAT('mytestaccount+', customer.id, '@gmail.com')

You'll have to customize this to be whatever email address you want. One advantage to doing this is that you won't have a valuable list of customer email addresses sitting on your development drive and any associated back-ups of it. To be thorough you should probably scramble the hashed passwords as well just so the database is basically worthless to potential hackers. Too many times passwords get scraped from backups that aren't secured properly.

Render Customer Emails Undeliverable

The next best approach is to add ".test" to the end of every email in the system you don't want to send so that it will hard bounce instead of going to someone's inbox.

This is basically a one-liner:

UPDATE customers SET email=CONCAT(email, '.test')

Over-Ride Email at Delivery Time

You can always include some conditional logic like where you will deliberately substitute the recipient of the email message. This can be risky because there's a chance that you might disable that switch by accident, though, so as always, be careful.

In practice this looks something like:

if ($i_should_not_spam_customer_accounts_accidentally)
{
  $mail->to = "nobody@nowhere"
}

Use an API Driven Service

Some Mail Service Providers have an API that can help you when testing email messages. I'm a co-founder at PostageApp and the service was designed so you can send messages using an API key that's specifically configured to receive but not deliver emails. Other services like MailGun can be used in a similar fashion.

No Single Point of Failure

It isn't a good feeling being one logical test away from tragedy, though. You should make sure there's several things that have to go wrong before you have a fiasco.

Answer 3

If you don't want to change your code or the data in the database, and if you are using postfix in your local machine, you can rewrite all the outgoing mail to your addres. More info: http://www.postfix.org/ADDRESS_REWRITING_README.html