I am using PHPMailer6.2.0 and I am having issues setting the return path.
I have added the custom header via PHPmailer function addCustomHeader()
$mail->addCustomHeader("Return-Path", $fromemail);
and for debugging I have printed out the header content in \PHPMailer\PHPMailer.php function mailSend($header, $body) on line 1794;
var_export($header);
die();
this prints out the header content before it will be sent and it verifies that the custom header return-path is set correctly, however in action, when i receive an email to my outlook, the header return path callbacks to the domains default email user#domain.com. Perhaps this is not the last place before the email is sent and it gets lost later on?
I am using DirectAdmin as my server manager
Stop right there! Senders should not set a return-path header. That header is added by the receiver, and what goes into it is dependent on the SMTP envelope sender, the address that's used in the SMTP MAIL FROM command that delivered the message. Setting this header as a sender is a straightforward contravention of the RFCs. So what should you do instead? Set the envelope sender, and in PHPMailer you do that like this:
$mail->Sender = $fromemail;
Even when you do this, whether the server your'e sending through will accept it is a different matter. For example gmail will not allow you to use anything other than your account username address or predefined aliases, not arbitrary addresses.
Have you seen the comment above in mailSend function?
The sender gets turned into a return-path header by the receiver!
<?php
$params = null;
//This sets the SMTP envelope sender which gets turned into a return-path header by the receiver
//A space after `-f` is optional, but there is a long history of its presence
//causing problems, so we don't use one
//Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
//Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html
//Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html
//Example problem: https://www.drupal.org/node/1057954
// CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped.
if (!empty($this->Sender) && static::validateAddress($this->Sender) && self::isShellSafe($this->Sender)) {
$params = sprintf('-f%s', $this->Sender);
}
I do not think you should set the return-path header by yourself. I believe PHPMailer uses the sender to handle this automatically. But correct me if i am wrong.
Related
When I send an email using phpmailer to gmail, and I look the email source, I see the following next to the "from" field:
"Using PHPMailer 6.1.7 (https://github.com/PHPMailer/PHPMailer)"
For security reasons I'd prefer to remove that if it's possible, but I don't know if this is Gmail being smart or phpmailer appending it to every email message I send.
How can I remove it?
Thanks
This appears in the X-Mailer header. As per the docs, you can remove this header altogether by setting it to a space, like this:
$mail->XMailer = ' ';
If it's appearing somewhere else, I'll need to see the rest of your code and the headers of a message you've received in gmail.
I have suspicious message-id header of email sent by php to gmail account:
Message-Id: <5100054f.a489440a.5d93.6a70SMTPIN_ADDED_MISSING#mx.google.com>
Could you please tell does it have this strange format and what SMTPIN_ADDED_MISSING means here? Examples I saw in the internet had format something like this containing sending domain but my message id doesn't contain it for some reason:
38D1C1FD-3C35-4568-925C-FC46CAC0DE8A#sendinghost.com
I don't think I set this header in Zend_Mail. What generates this headers? Do you see any issues with this header?
A proper outbound email client should be generating the Message-ID header when the email is sent. Google is being 'nice' and generating it for you when the message passes through its email system, but most won't, and most spam filters will take this missing header as an indication that the message is more likely to be spam. Any malformed or missing headers will add to the "spam score".
It is not difficult to generate, all that is required is that it is unique per-message:
$message-id = time() .'-' . md5($sender . $recipient) . '#' $_SERVER['SERVER_NAME'];
Or
$message-id = time() .'-' . md5($sender . $recipient) . '#yourdomain.com';
Gives:
1358961017-677533f745f613447d06de25e7fa4d32#yourdomain.com
Google SMTP generates it if missing. This header must be set by the first SMTP server. So you do not generate it - google does. It is used to prevent multiple delivery and to link related messages together.
It is not required to set message id header, but it's like a good practice for most (but not all, only configured) smtp to add (may be fix) this header. So to avoid generation of this header by others you can generate it by yourself.
This one works for me (I also added a 'Date' line to the header because it was a spam issue to me as well). Based on this peace of code.
Here's my PHP array approach (using Pear's Mail and Mime libraries):
$headers = array(
'From' => $from,
'Subject' => $subject,
'To' => $to,
'Cc' => '',
'Date' => date('r'),
'Message-ID' => sprintf("<%s.%s#%s>",
base_convert(microtime(), 10, 36),
base_convert(bin2hex(openssl_random_pseudo_bytes(8)), 16, 36),
'yourdomain.com')
);
Note that using $_SERVER['SERVER_NAME'] instead of literally 'yourdomain.com' won't work in php cli as commented out by Oleg on another answer.
I am using same MessageId to track the exchanged messages.
I fix the MessageId with:
$mail->MessageID =sprintf('<%s#%s>', $myMessageID, 'myserver');
tl;dr; Do not use port 25 when sending email instead use port 587
When I was sending outbound email from my custom created golang email client using port 25 to my local postfix server with destination email address either gmail or google gsuite adddress I was seeing
Message ID <5be55db9.1c69fb81.d0444.d894SMTPIN_ADDED_MISSING#mx.google.com>
as viewed from destination email adddress in gmail Show Original ... However since I am using full TLS certs in both my golang email client and local postfix server, when I replace using port 25 with the secure port 587 in my outbound email client (postfix was already using TLS certs) then I get the proper
Message ID <20181109163255.F164D8E9588#mail.myexample.com>
NOTE - at no time am I defining an email header message-id infact the golang repo I'm using does not have an api call to define that header
You missed the '<' and '>' brackets.
I am using Swift Mailer to check for bounced messages. I have created one separate account for bounce messages, however when I set the return path, it does not allow the bounce message send to that account. Is it normal or is it a code error?
$verp = 'bounces-' . str_replace('#', '=', $row['ReplyTo']) . '#gmail.com';
$message = Swift_Message::newInstance()
->setSubject($row['Subject'])
->setFrom(array($row['ReplyTo'] => $row['FromName']))
->setReturnPath($verp)
->setBody($html, 'text/html')
->addPart($txt, 'text/plain');
I am now using VERP, it seems that it is to locate a delivery error? But not for sending the message to a bounce mail account?
Yes, that is normal. When sending email through Gmail's SMTP servers, it will force the return-path to be the account you are sending from.
Your only solution is to search for a provider which allows you to set the return-path.
It's not a gmail issue, it's a requirement of the SMTP specification, as defined in RFC 5321 section 4.4:
A message-originating SMTP system SHOULD NOT send a message that already contains a Return-path header field.
It also says that while SMTP systems should not inspect message content at all (i.e. they don't look at headers), a gateway from some other context to SMTP SHOULD remove any return-path header. In short, if you're adding a return-path header yourself, you're doing it wrong.
The return-path header you see in a received message is created by the receiver, not the sender, and is derived from the SMTP MAIL FROM command used to deliver the message. This address need not to have anything in common with the From address header within the message, and designates where the message should be sent to in the event of a delivery failure, i.e. exactly what you want the VERP address for.
I don't know about SwiftMailer, but in PHPMailer you can set the SMTP envelope sender value by setting the Sender property, and a receiver will convert that into a return-path message header on reception.
I have noticed that some mails come with the from address like :
Adam Mannet via www.findyourfriend.com.
What headers do I need to pass to the native PHP mail() function to accomplish this when sending e-mail?
I think the via tag is added by the mail server when somebody uses an external (from his domain) smtp server.
Per example,
my email is iceduck#iceduck.net but I send email via Gmail's smtp, you will see From iceduck#iceduck.net via Gmail.com.
If you want to make the via appear then you'll have to send your mail through the smtp server you want to appear in the via.
You can check out this link : http://email.about.com/od/emailprogrammingtips/qt/PHP_Email_SMTP_Authentication.htm
I don't think the solution is in the header.
Best
You should check PHP mail documentation. There is a description how to modify 'From' header. You should use additional_headers to change that header information and include 'friendly name' beside your e-mail address.
<?php
// The message
$message = "Message content";
$headers = 'From: User Name <user#example.com>';
// Send
mail('test#example.com', 'My Subject', $message, $headers);
?>
This should make your from address look like: 'User Name via www.example.com'
I'm trying to sends mails in PHP. The code I used for sending a mail in CakePHP is given below. I get the message 'Simple Email Sent' in my web page but the mail is not delivered to my inbox. Am I missing something?
The values in the to, subject and link fields are set with the values entered in the user interface.
$this->set('to',$this->params['form']['to']);
$this->set('subject',$this->params['form']['subject']);
$this->set('link',$this->params['form']['link']);
$this->Email->to = to;
$this->Email->subject = subject;
$this->Email->from = 'someperson#somedomain.com';
$this->Email->delivery= 'mail';
$this->Email->sendAs='text';
$this->Email->template = 'simple_message';
//$this->Email->send(link);
if ( $this->Email->send(link) ) {
$this->Session->setFlash('Simple email sent');
} else {
$this->Session->setFlash('Simple email not sent');
}
On a Linux system, you'll probably have a sendmail script installed already, and PHP will use that. If this is what you have and it's not working, then I'd look for mail configuration problems in your Linux system itself.
On a Windows system, you'll need to configure the SMTP server you want PHP to send mail to. The normal way to do this is in php.ini. The instructions for this are here.
Unless you have set Email->delivery this should be the same for CakePHP - it should default to whatever PHP uses.
Note: If you are using your own Linux install, it could just be that your ISP is blocking port 25, which your mail server is using. In that case you'll need to configure linux to route email to your ISP's email server. Maybe this will help?
Since when is 'to' (line 4) a valid destination email address?
You need to use variable syntax for setting to 'to' line, and the 'subject' line. Those lines should read
$this->Email->to = to;
$this->Email->subject = subject;
Also, I believe there is an attribute in the Email component called error (I cannot find it in the documentation currently) that will help you debug. This may not be totally correct; I use the Email component with SMTP, and there is an attribute that gets set by the Email component called smtpError. I believe there is one called error that you can use to check for an error -- it should contain code that will tell you where your problem lies.
In case that's an incorrect statement, you can always do a var_dump( $this->Email ); after you try to send an email. That will dump the entire contents of the object, so you can see if you have set attributes correctly, and it should help you find out what the error attribute is named.