Downloads

Download ColdFusion Email Templates (Password Reset & Verify Email)

by Aaron Longnion
8 min read

Introduction
This downloadable resource is a production-ready set of ColdFusion (CFML) Email templates and helper code for two common transactional messages: Password reset and Verify Email (account activation). It’s crafted for Adobe ColdFusion and Lucee servers, includes responsive HTML templates with matching plain-text fallbacks, and ships with example CFML snippets showing how to render, personalize, and send emails via cfmail. If you need clean, well-structured templates and a plug‑and‑play workflow for secure tokens, this package saves hours of design and Integration time.

H2: What You’ll Get

  • Templates
    • Responsive HTML template for Password reset
    • Responsive HTML template for Verify Email / Account Activation
    • Plain-text versions for both templates
  • Partials and assets
    • Shared header/footer partials
    • Button and signature partial snippets
    • Inline CSS (dark-mode friendly) and a minified CSS file
    • Sample logo placeholder (SVG/PNG)
  • CFML code examples
    • cfmail usage with SMTP Configuration examples
    • CFScript and tag-based examples for rendering and sending
    • Token generation and validation patterns (secure, single-use)
  • Documentation
  • Optional utilities
    • Simple function to inline CSS if you prefer external stylesheets
    • Helper to switch between HTML and text variants depending on user preference

Supported versions and environments:

  • Adobe ColdFusion 2018/2021/2023
  • Lucee 5.x and 6.x
  • Works with most SMTP providers: Amazon SES, SendGrid, Mailgun, Postmark, Office 365, Gmail (with app passwords), and custom SMTP

H2: Overview
H3: Why these templates matter
Password resets and email verification are high-visibility transactional emails. They must render correctly on mobile and desktop, pass spam checks, and deliver the right message with secure links or codes. The included templates:

  • Use semantic HTML with inline CSS optimized for major clients (Gmail, Outlook, Apple Mail)
  • Include plain-text fallbacks for improved deliverability and accessibility
  • Are token-aware, with code examples for time-bound, single-use links and optional one-time passcodes (OTP)
  • Support easy internationalization (i18n) by swapping in localized strings

H3: At-a-glance Features

  • Responsive layout, dark-mode aware
  • Clean call-to-action buttons
  • Fully customizable colors, fonts, and copy
  • HTML + Text multipart via cfmailparam
  • Examples for both tag and script CFML
  • Security-first token flow patterns

H2: File Structure

  • /templates
    • /partials
      • header.html
      • footer.html
      • signature.html
      • button.html
    • password-reset.html
    • password-reset.txt
    • verify-email.html
    • verify-email.txt
  • /assets
    • styles-inline.css
    • logo.svg
  • /cfml
    • sendPasswordReset.cfm
    • sendVerifyEmail.cfm
    • tokenService.cfc (example implementation)
    • mailService.cfc (SMTP wrapper)
  • /docs
See also  Download ColdFusion CORS Policy Examples

H2: Benefits

  • Saves development time: Prebuilt, reusable HTML and text templates with CFML snippets let you implement production emails quickly.
  • Improves deliverability: Multipart content, sane defaults, and guidance for SPF/DKIM/DMARC.
  • Enhances security: Opinionated patterns for signed, expiring, single-use tokens reduce common vulnerabilities.
  • Reduces Maintenance: Clear separation of templates, partials, and logic; straightforward customization.
  • Developer-friendly: Works with Adobe ColdFusion and Lucee, compatible with common SMTP providers.

H2: How to Install
H3: Step 1 — Download and extract

  • Download the ZIP: ColdFusion-Email-Templates-v1.0.zip
  • Extract into your project (e.g., /app/email/)

H3: Step 2 — Configure SMTP

  • Add SMTP details to environment variables or ColdFusion Administrator:
    • SMTP host, port (587 for TLS or 465 for implicit SSL)
    • Username and password (or API key for certain providers)
    • TLS/SSL enabled
  • Optional: If using environment variables, set:
    • MAIL_HOST, MAIL_PORT, MAIL_USER, MAIL_PASS, MAIL_SENDER

H3: Step 3 — Map template path

  • Ensure your CF mappings allow includes from /app/email/templates and /app/email/cfml.
  • In Lucee/Adobe CF Admin, add a mapping or use relative includes in your code.

H3: Step 4 — Set base URL

H2: Configuration
H3: Token settings

  • Token length: 32–48 bytes (base64url or hex)
  • Expiration: 10–30 minutes for password reset, 24 hours for email verification
  • Storage: Hash tokens (e.g., SHA-256) in DB with createdAt and usedAt columns
  • One-time use: Mark as used after successful action

H3: Branding and copy

  • Edit templates/assets/styles-inline.css for color, font, spacing
  • Replace logo.svg with your logo
  • Update footer with company name, address, unsubscribe/help links if applicable

H3: Internationalization

  • Externalize strings (subject lines, greetings, button text)
  • Add localized copies (e.g., password-reset.fr.html) or inject language-specific variables

H2: How to Use
H3: Password Reset flow (recommended)

  1. User initiates “Forgot Password.”
  2. Generate token and store a hashed version in your DB with expiration and userId.
  3. Build reset URL: APP_BASE_URL + “/account/reset?token={urlSafeToken}”
  4. Render template with personalization (user name) and reset URL.
  5. Send as multipart email (HTML + text).
  6. When user clicks, validate token:
    • Check not expired, not used, and matches hash
    • Prompt for new password, then invalidate token

H3: Verify Email (account activation)

  1. On signup, create verification token and store a hashed version with expiration.
  2. Build verification URL: APP_BASE_URL + “/verify?token={urlSafeToken}”
  3. Render verify-email template with name and URL.
  4. Send multipart message.
  5. When clicked, validate token and mark emailVerifiedAt.
See also  Download the New Relic & Datadog Monitoring Setup Guide for ColdFusion

H3: CFML example (tag-based, simplified)

  • Password reset example:
    • Generate token using tokenService.generate(userId)
    • Assign url: resetUrl = APP_BASE_URL & “/account/reset?token=” & token.url
    • Include templates and send via cfmail with cfmailparam for text part

H3: CFML example (script-style, simplified)

  • Use mailService.sendMultipart to send both HTML and text bodies

Note: The package includes fully commented examples in /cfml with better Error handling and logging.

H2: Best practices
H3: Security

  • Always hash tokens server-side; never store raw tokens.
  • Use HTTPS everywhere; avoid query params for sensitive info other than opaque tokens.
  • Short expirations; single use; Audit logging for resets and verifications.
  • Rate-limit requests and require recent login for sensitive account changes.
  • Consider adding optional OTP fallback for users who prefer codes over links.

H3: Deliverability

  • Configure SPF, DKIM, and DMARC for your sending domain.
  • Use a dedicated subdomain (e.g., mail.example.com) for transactional emails.
  • Warm up new IPs/domains if sending high volume.
  • Keep subject lines clear: e.g., “Reset your Example password” or “Confirm your Example email.”

H3: Accessibility and design

  • Provide descriptive alt text for logos/images.
  • Maintain high contrast; test in dark mode.
  • Keep actionable CTAs above the fold.
  • Include a visible fallback URL in the text part.

H2: Customization Guide
H3: HTML and partials

  • Modify /templates/partials/header.html and footer.html for branding.
  • Reuse button.html partial for consistent CTAs.

H3: Styling

  • Update /assets/styles-inline.css and run the included inliner if you switch to non-inlined CSS.

H3: Copy and language

  • Edit the main templates; use placeholders like {{firstName}}, {{actionUrl}}, {{supportEmail}}.
  • Replace with cfset variables or a lightweight templating include.

H2: Testing and Validation
H3: Rendering tests

  • Use email testing tools (e.g., Litmus, Email on Acid) to preview across clients.
  • Test on mobile clients (Gmail iOS/Android) and desktop (Outlook, Apple Mail).

H3: Functional tests

  • Generate tokens and ensure link validity windows work as expected.
  • Confirm single-use behavior and proper error states for expired/used tokens.

H3: Deliverability tests

  • Send to seed inboxes.
  • Check headers for SPF/DKIM pass and DMARC alignment.
  • Monitor open/click rates with your SMTP provider if available.

H2: Troubleshooting
H3: Common issues

  • Links broken? Ensure APP_BASE_URL is set correctly and includes https.
  • Email Not sending? Verify SMTP credentials, ports, and TLS settings.
  • HTML looks off in Outlook? Keep layout table-based and use inline CSS; avoid unsupported CSS properties.
  • Tokens failing? Confirm time zone consistency and that you hash and compare correctly.
See also  Download ColdFusion CFMAIL Test Harness Script

H3: Logging tips

  • Log mailService send attempts and SMTP responses.
  • Log token lifecycle: created, validated, succeeded/failed.

H2: Benefits and Use Cases

  • Startup MVPs: Ship secure password reset and activation flows without building from scratch.
  • Teams migrating to Lucee or upgrading to Adobe ColdFusion 2021/2023: Drop-in templates reduce regression risk.
  • Agencies: Consistent, brandable transactional emails across projects.
  • Compliance-focused apps: Clear Audit trail for reset/verify events and security-forward token handling.
  • Multi-tenant SaaS: Parameterized templates enable per-tenant branding and localization.

H2: Key Takeaways

  • You get responsive, accessible, and deliverable Email templates for Password Reset and Verify Email, plus CFML code to send them.
  • The package includes HTML and text versions, partials, assets, and secure token examples.
  • Works on Adobe ColdFusion and Lucee with common SMTP providers.
  • Emphasizes security, deliverability, and maintainability with best-practice guidance.
  • Quick to integrate; easy to customize and localize.

H2: FAQ
H4: Can I use these templates with both Lucee and Adobe ColdFusion?
Yes. The examples are compatible with Lucee 5/6 and Adobe ColdFusion 2018/2021/2023. If you rely on Admin mappings or specific tag behaviors, confirm in the included quickstart notes.

H4: Do I have to use the provided token service?
No. The tokenService.cfc is an example. You can integrate your own token generation/validation strategy, as long as tokens are hashed, time-limited, and single-use.

H4: How do I add my brand colors and logo?
Replace assets/logo.svg with your logo and edit assets/styles-inline.css. Update header/footer partials for colors and typography. The CSS is organized for quick swapping of variables.

H4: Will these templates pass spam filters?
While no template can guarantee inbox placement, multipart content, clean HTML, and guidance for SPF/DKIM/DMARC significantly improve deliverability. Use a reputable SMTP provider and monitor bounce/spam rates.

H4: Can I send OTP codes instead of links?
Yes. The templates include placeholders for a code block. The docs show how to include a short-lived numeric code and validate it on the server.

About the author

Aaron Longnion

Aaron Longnion

Hey there! I'm Aaron Longnion — an Internet technologist, web software engineer, and ColdFusion expert with more than 24 years of experience. Over the years, I've had the privilege of working with some of the most exciting and fast-growing companies out there, including lynda.com, HomeAway, landsofamerica.com (CoStar Group), and Adobe.com.

I'm a full-stack developer at heart, but what really drives me is designing and building internet architectures that are highly scalable, cost-effective, and fault-tolerant — solutions built to handle rapid growth and stay ahead of the curve.

View all posts

You may also like