I want to enable my website users to send an email.
I use PHP and my host is GoDaddy. I assume that PHPMailer is the best option.
I think my problem is trying to connect to GoDaddy's PHPMailer.
Should I use another PHPMailer?
My code is based on an example on your site which is supposed to work.
It appears that the lines:
require_once "PHPMailerAutoload.php";
$mail = new PHPMailer; //PHPMailer Object
prevent the subsequent code from working.
Please help.
<?php
if(isset($_POST['send'])){
echo "Sending";
require_once "PHPMailerAutoload.php";
$mail = new PHPMailer; //PHPMailer Object
$mail->setFrom('sender#example.com', 'Rob');
// $mail->addAddress("my godaddy webmail"); //Recipient name is optional
echo "still Sending";
$mail->addAddress("recipient#example.com"); //Recipient name is optional
//Send HTML or Plain Text email
$mail->isHTML(true);
$mail->Subject = "Email Test";
$mail->Body = "<i>This is a text</i>";
$mail->AltBody = "This is the plain text version of the email content";
if(!$mail->send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message has been sent successfully";
}
}`enter code here`
?>
<form method="post">
<input type="submit" name="send" value="Send">
</form>
Pretty much all virtual hosting servers are banned from sending mail by being placed on an email blacklist. As you might imagine, this is to prevent spammers from simply firing up a new virtual server and sending gobs of spam mail. It's a necessary protection for the internet at large.
It's important to realize that the PHP mail() function just returns TRUE if your local server accepted the mail message for outgoing delivery. This just means that the local software running on your server told PHP it would try to send the email. This in NO WAY guarantees that the mail will look legitimate to all the mail servers that might end up handling this mail message. If you send mail this way, your mail is generally unlikely to be delivered.
That being the case, you'll need your PHP code to send its outgoing email through some server that is NOT on an email black list. There are a variety of mail-sending services like SendGrid, MailChimp, Amazon SES, etc. that offer SMTP access. I.e., you connect to their servers using the SMTP protocol and send your mail that way. The PHPMailer readme is probably a good place to start and has an example script that connects to an SMTP server to send outgoing mail. The trick is to get the right username, password, port, and SMTP settings -- and this tends to vary depending on who you use to deliver your mail.
If your mail volume is small enough, you can probably get away with just using a regular old gmail account.
It is important to realize, too, that just sending off an email using PHPMailer is not itself sufficient to make sure the mail gets delivered. Modern spam filters running on mail systems make use of a raft of modern, interlocking schemes to check if a mail message is legitimate or not.
In addition to the PHPMailer steps, you might also need to set up an SPF record on your domain, and possibly DKIM and DMARC credentials as well -- these are modern schemes to telegraph to other machines that your server is a legitimate source of email.
SPF is pretty simple and involves creating DNS records for your domain that identify your server as a valid source of mail.
DKIM and DMARC are a bit more involved but can dramatically improve your mail delivery rate.
Related
I will be using G Suite (formally Google Apps) to host the email of a site that runs off a separate host.
However, there is a contact form on the website, I haven't looked at it yet, but I assume it will use the standard mail() function.
As I understand it mail() will still use the servers mail server to send the mail, it may be a dumb question, but I assume this won't cause any spam detection issues because of this? Like, I know some servers won't accept mail if the From and/or Sender headers don't match the server it is coming from (or in some cases if the email you set in these headers doesn't exist).
So, if the mail is hosted on G Suite, and the email address that is setup in the From/Sender headers exists on G Suite this won't cause any issues correct?
Lastly, I know it's probably a better idea to use SMTP to send the mail via Google, but I may not have that choice, so I wanted to find out the answer to the above just in-case.
Edit: As per Nima's answer, is this something that can be avoided, or only with using Googles SMTP server to send with?
If you want it simple, then simple use SMTP.
Because of spam, multiple mail server provider are blocking mails from mail servers that have no correct RDNS (Reverse DNS) and MTA name configured.
You want to make sure that all three names are matching according to your MX Record:
Sender Hostname (e.g *mail#demohost.com, note that from can be what ever you want)
MTA-Name/HELO-Hostname (Configured in Mailserver, e.g demohost.com)
RDNS (Basicly it gives per IP-Adress the Hostname (e.g 42.42.42.42 -> demohost.com)
Also make sure your php.ini has the correct configuration for your Mail Server. Congrats you can now send Mails using mail(...).
As I said, it's probably most simple by just using SMTP. Assign the hard work to a hoster.
When you use GSUITE for hosting emails, it's obvious that you will be providing some domain name to GSUITE.
Now emails are marked spam and not spam based on the content as well as certificates of sending server and sending servers have different services for Transactional and Marketing Oriented emails. And GSUITE only provide transactional mail service, and transactional mails from a mail service --having valid certificates and not black listed-- lands directly into Inbox or Other Label, but Spam/Promotion.
Now GSUITE is having all correct certificates and I don't think there is any consumer oriented mail service provider, which blocks emails coming from google servers.
Other Question:-
Does the From Address in E-MAIL headers matters?
Upto now I have never seen from address impacting anything on receiving servers, but some consumer mail services block the usage of from address other than the account email address, just like mobile operators don't let us use someone else's caller id(Ideally).
But mail service providers to businesses let you use any address as from value in e-mail headers.
Edit:-
If you are still unsure about delivery of emails, you can use replyTo header with out any problem.
PS:- I have tested this myself with thousands of emails but using SendGrid servers.
http://php.net/manual/en/function.mail.php
The Windows implementation of mail() differs in many ways from the
Unix implementation. First, it doesn't use a local binary for
composing messages but only operates on direct sockets which means a
MTA is needed listening on a network socket (which can either on the
localhost or a remote machine).
On linux the sendmail executable is used to talk to the SMTP server configured on windows you can / could configure mail() function to use SMTP
So the best way is to use SMTP directly to send the email to Gmail to send the email.
Taken from:
https://stackoverflow.com/a/33506709/623150
Here is a way to do it with PHP PEAR
// Pear Mail Library
require_once "Mail.php";
$from = '<your#mail.com>'; //change this to your email address
$to = '<someone#mail.com>'; // change to address
$subject = 'Insert subject here'; // subject of mail
$body = "Hello world! this is the content of the email"; //content of mail
$headers = array(
'From' => $from,
'To' => $to,
'Subject' => $subject
);
$smtp = Mail::factory('smtp', array(
'host' => 'ssl://smtp.gmail.com',
'port' => '465',
'auth' => true,
'username' => 'your#gmail.com', //your gmail account
'password' => 'snip' // your password
));
// Send the mail
$mail = $smtp->send($to, $headers, $body);
If you use gmail smtp remember to enable SMTP in you gmail account,
under settings
On a Linux Server you can't use SMTP via the mail function.
Okay, I'm at my whit's end here. I have a client whose site is hosted on GoDaddy and that uses Outlook. I've written a PHP script to send mail to one of their domain e-mail addresses from a contact form on their website.
I can get this e-mail to send to every single service except outlook/exchange/live/microsoft accounts.
I read that using PHPMailer was a good idea, so this is what I'm currently using to send mail:
//$mail->IsSMTP(); // telling the class to use SMTP
$mail->SMTPDebug = 2;
$mail->SMTPAuth = true;
$mail->SMTPSecure = "ssl";
$mail->Host = "a2plcpnl0287.prod.iad2.secureserver.net";
$mail->Port = 465;
$mail->Username = "test#alamohomefinance.com";
$mail->Password = "xxxxxxx";
$mail->SetFrom('yourname#yourdomain.com', 'First Last');
$mail->AddReplyTo("name#yourdomain.com","First Last");
$mail->Subject = "PHPMailer Test Subject via smtp (hotmail), basic";
$mail->AltBody = "To view the message, please use an HTML compatible email viewer!";
$mail->MsgHTML($body);
$address = "jakerevans2#live.com";
if(!$mail->Send()) {
error_log("Error from calculator!". $mail->ErrorInfo);
} else {
error_log("Success from calculator!");
}
This e-mail gets sent to my gmail account and some others, but not to my .live account or my client's Outlook address.
I've tried everything I've found on the internet so far, nothing is working. Any ideas or thoughts anyone?
Thanks!
EDIT:
The Godaddy server has an SPF record that reads: v=spf1 include:spf.protection.outlook.com -all
I've created a DKIM key from https://www.port25.com/dkim-wizard/ and added a DKIM TXT record to GoDaddy, with the following details:
Host: key1._domainkey.alamohomefinance.com
TXT Value: k=rsa\; p=MIIBIjA...
I've added a DKIM record, with the following details:
Name: _dmarc.alamohomefinance.com
TXT Value: v=DMARC1; p=quarantine; sp=none; ruf=mailto:user#example.com; rf=afrf; pct=100; ri=86400
Am testing now to see if these changes make a difference...
First up, you should look at the PHPMailer troubleshooting guide, which has a little section on GoDaddy, and many other problems.
You will get much better feedback on what's going on if you enable debug output of server messages, so set SMTPDebug = 2, and see what it says.
GoDaddy is known to block outbound SMTP, and generally will either simply fail to connect (see many questions on SO about that), or cause TLS verification failures as you get redirected transparently to their mail servers.
In your code you've got the smtp.live.com Host, but this username:
$mail->Username = "a2plcpnl0287.prod.iad2.secureserver.net"
secureserver.net is the domain used for GoDaddy's mail servers, and that user name is the name of an actual GoDaddy mail server, so it seems very unlikely that you should be using it as a user id for live.com, especially since GoDaddy will be rotating mail servers frequently, so you're unlikely to get the same one every time - is that really your login ID for live.com?
I'm also suspicious of the phrasing of your question: you do not need to connect to live.com to send email to live.com - there's nothing stopping you sending to a live.com address from a connection through gmail, so it sounds like you may have a conceptual issue. The Host, Username and Password properties are for the mail server that you send out through, not that you are sending mail to.
As I said, normally GoDaddy doesn't allow remote SMTP at all, so I'm very surprised if you've had it working without using a GoDaddy mail server, so I suspect you've had something else work, not what you think.
I can also see you've based your code on an obsolete example, so make sure you're running the latest PHPMailer.
Update:
I noticed something critical. The code does not call $mail->isSMTP();. This means that it's not using SMTP at all, it's using the default mail() function, and as such none of the SMTP config makes any difference at all. The message will be submitted to your local mail server, which will then relay through GoDaddy's server. Look in your mail server's log file to see what's happening, usually in /var/log/mail.log or similar.
Check your server ip on http://mxtoolbox.com/blacklists.aspx . I've noticed Microsoft is very picky about blacklisting. I've had this issue with a brand new I.P addresses that were acquired with an apparent bad rep. If your on godaddy on a shared account ip it's very likely either the ip or entire subnets are blocked by default.
After setting up SPF Record i still am here to verify why i cannot recieve this email to hotmail account. I am able to send it to gmail with no issues. Please confirm if the code is correct, and SPF record is correct:
<?php
require_once 'PHPmailer/class.phpmailer.php';
$mail = new PHPMailer();
$body = "Thankyou for your Purchase. <br/><br/> Here is your Policy! You are now Protected during your Travels.";
$mail->AddAddress('$payer_email');
$mail->From = "noreply#example.com";
$mail->FromName = "Name";
$mail->Subject = "Thankyou for Your Purchase";
$mail->MsgHTML($body);
$mail->AddAttachment("tosend/xxx.pdf");
if(!$mail->Send()) {
echo "There was an error sending the message";
$sql = "UPDATE purchases SET policy_sent = 'Not Sent' WHERE id = '$lastid' ";
$stmt = $mysqli->query($sql);
$mysqli->close();
exit;
}
echo "Message was sent successfully";
$sql = "UPDATE purchases SET policy_sent = 'Sent', email_to = '$payer_email' WHERE id = '$lastid'";
$stmt = $mysqli->query($sql);
$mysqli->close();
?>
Here is the SPF:
v=spf1 a mx include:secureserver.net ~all
Are all these correctly configured?
Use SMTP Auth, then Hotmail wouldn't complain anymore. Anonymous mails are considered as spam by almost all receiving servers.
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = "mail.yourdomain.com"; // sets the SMTP server
$mail->Port = 26; // set the SMTP port
$mail->Username = "yourname#yourdomain"; // SMTP account username
$mail->Password = "yourpassword"; // SMTP account password
But ofc. depending on whether you have control over your SMTP or not, you should make sure, that basic stuff like reverse-dns-lookup is setup properly
Due to the discussion in the comments, I want to add a little bit more information about my thinking about why SMTP Auth will fix this:
IF you are using PHPMailer without the definition of an SMTP-Server, PHPMailer will operate in mail mode, which will just call the mail() function of php.
The mail-function itself will use the smtp-settings configured in the PHP-INI file, or the default values, which are listed here: http://php.net/manual/en/mail.configuration.php
defaults:
SMTP = "localhost"
smtp_port = "25"
Since the OP has configured a local mail server (or why would he setup MX-records?), php will now connect to this SMTP-Server without Authentication. The Server will accept the message and send it to the next server.
(Same applies if unix' sendmail is used)
Each Server in the chain and especially the receiving server can now see, that a private SMTP has been used and no Authentication has been provided.
That is already Spam-Score over 9000 because with a setting like that (theoretically) everyone could use that server to send mails!
Restrictions like only from localhost are ofc. not known by other servers, therefore that SMTP is considered to be an Open Mail Relay http://en.wikipedia.org/wiki/Open_mail_relay
Switching PHPMailer to SMTP-Auth (EVEN if still the local SMTP Server is used) will add This information to the Entry created by the server when forwarding the mail. The Entry will look like this:
Received: from SERVER1 ([xxx.xxx.xxx.xx]) by mydomain.de with ESMTPA
The trailing A after ESMTPA now tells the receiving Server, that Server1 has used a valid user account on mydomain.de to start the sending-attempt, which means that the SMTP-Server knows the origin of the mail and could provide information about the sender.
Still, the local SMTP-Server is not a known one, so in this case it might end up beeing greylisted and checked on various RBLs, which shouldn't be any problem in this case.
If the (local) SMTP-Server now passes ALL checks (Reverse-DNS Lookup, Greylisting, RBLs and what not) - the mail has a good chance to be successfully delivered, even if no remote smtp is used, because the server could be successfully authenticated as well as the sender using that server. (Otherwise no company could setup own servers)
So, using SMTP-Auth (Or any other authentication method) will also have an impact, even if no remote-SMTP Server is used.
Authenticated Mails are not a guarantee for not beeing considered as spam - but unauthenticated Mails are definitly ranked higher in the Spam-Score of common systems.
Had the same issue. I have checked the whole script 30 times. Each setting each . and , Checked and rechecked dns records dkim and spf 100 times.
Nothing worked.
I e-mailed hotmail/outlook/live about the issue. I didn't expect any help but within a few hours the problem was solved.
It wasn't in the script. Hotmail just blocks any e-mail that is sent trough most webpages. Even if your spam reputation is fine. They have placed the server's ip on a whitelist and the problem was solved.
They can change it back if they detect bad behavior. There's a limit for sending e-mail. If your server has a bad reputation they aren't likely to add the server to their whitelist. This can be an issue on shared hosting packages. Someone else on the same server where you host your website can f up the servers reputation.
Have you tested on a live server? If yes, what error did you get?
Have you enabled your phpmailer's debug to know what errors it has? If you are not using SMTP you can test with this
$mail->do_debug = true;
If you are using SMTP then use
$mail->SMTPDebug = true;
What output did you get from your debugger? You get a clue to where your problem is coming from from there.
I also suppose #dognose's answer by asking you to better use SMTP. That way your email passes through an authentication which would help indicate your identity was confirmed.
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = "mail.yourdomain.com"; // sets the SMTP server
$mail->Port = 26; // set the SMTP port
$mail->Username = "yourname#yourdomain"; // SMTP account username
$mail->Password = "yourpassword"; // SMTP account password
If $mail->Port = 26; doesn't work you can try $mail->Port = 25;.
The SPF currently being published by your DNS is invalid because you have three records!:
# dig +short txt immortalinsurance.com
"v=spf1 a mx include:smtp.secureserver.net ~all"
"v=spf1 mx mx:v=spf1 a mx include:secureserver.net ~all include:secureserver.net -all"
"\"v=spf1 a\""
The first one is valid; You should delete the second two.
The content of this record is correct for your domain if you are sending mail from 182.50.130.73. The 'mx' stanza is not strictly necessary since it points at secureserver.net anyway, but it may save DNS lookups on receiving servers.
Before you start sending email using mail() or SMTP, make sure you create valid sender email account in your cpanel.
From = "noreply#immortalinsurance.com";
This is very important if not all emails you send will be tagged as SPAM and goes to junk.
Once this is done, you must setup domainkeys and SPF records. Having a dedicated IP instead of using shared given by your hosts will also help with the delivery.
Finally check your mail with all three major email providers such as Hotmail, Yahoo and Gmail.
You will probably have to break down the exact reason why step by step. I know for a fact Hotmail is using a rules based spam filter (which is quite strict) and Gmail uses more like a self-learning system, which could explain why Gmail accepts your message and Hotmail doesn't.
The following you can check though:
A spf-record only works on the domain the spf record is added and only works for mail sent from ips/domains defined in that spf. Therefore make sure your code is executed from a server that exists in your spf.
Using SMTP as proposed above can increase derliverability (but it really depends on the receivers' spam filter). If you're testing on a local server though, you can use SMTP to send the mails trough a mail server defined in the spf. Otherwise
If the mailserver you are using is an open relay, than that could (and probably would) be a reason to add extra spam points. Thus make sure you're using a closed relay (e.g. the mailserver you're using doesn't allow mails to be sent unauthenticated users)
Check if the mailserver you're sending from isn't on any blacklist (http://mxtoolbox.com/blacklists.aspx offers a great tool);
Use the message headers in Gmail to find out if Gmail sees any reason to add spam points to your message (Howto: https://support.google.com/mail/answer/22454?hl=en). There you can find if your spf works (by searching for 'spf=pass'). This might also work for Hotmail if your mail would be delevered into the spam folder.
One of the many rules spamfilter apply are keyword checking (which I think your mail contains a few off), the amount of text and such. Make sure the overall quality of your message is good;
PHPMailer uses php's mail function by default. You can change this to sendmail ($mail->isSendmail();, probaly doesn't work on Windows if sendmail is not set up properly) or perhaps check the settings of your php.ini what mailserver is used (use ini_set('SMTP', 'yourhost.com'); to override, but this only works on Windows as far is I know).
The user of the connection data $mail->Username must be the same as the $ mail->From, otherwise hotmail rejects the email or marks it as spam.
Also, if the email has images, it can also be marked as spam.
In summary, for everything to be perfect, send email without images and that the From is the same as the Username.
I want to send mail to inbox using smtp mail method using PHP.Now mail go to spam instead of inbox,i am using smtp mail method.I had set the hostname,username and password.
<?php
define("SMTP_HOST", "mail.test.us"); //Hostname of the mail server
define("SMTP_PORT", "25"); //Port of the SMTP like to be 25, 80, 465 or 587
define("SMTP_UNAME", "tttt");
//Username for SMTP authentication any valid email created in your domain
define("SMTP_PWORD", "tttt"); //Password for SMTP authentication
?>
Mail code
//smtp mail
$mail = new PHPMailer;
$mail->Host = SMTP_HOST;
$mail->Port = SMTP_PORT;
$mail->SMTPAuth = true;
$mail->Username = SMTP_UNAME;
$mail->Password = SMTP_PWORD;
$mail->AddReplyTo("test#test.com", "zamisoft");
$mail->SetFrom("test#test.com", "zamisoft.com");
$mail->Subject = $subject;
$mail->AddAddress($to, '');
$mail->MsgHTML($message);
$send = $mail->Send();
$mail->ClearAddresses();
//smtp mail
Anybody give any solution for these issue?
Add Headers to your email
$headers='From: ann#zamisoft.com \r\n';
$headers.='Reply-To: ann#zamisoft.com\r\n';
$headers.='X-Mailer: PHP/' . phpversion().'\r\n';
$headers.= 'MIME-Version: 1.0' . "\r\n";
$headers.= 'Content-type: text/html; charset=iso-8859-1 \r\n';
$headers.= "BCC: to";
It's been a while since I've played with PHP mail, but if that doesn't work it should put you on the right track.
Make sure you have SPF and DKIM setup. Since you are mailing from your own server, this is highly recommended.
Here is a link to Namecheap with screenshots. I couldn't explain it better:
https://www.namecheap.com/support/knowledgebase/article.aspx/9214/31/email-authentication-tool-in-cpanel-spf-records
Also, there are various checkers out there that well validate your SPF, DKIM, and check other things, and give it a score.
http://www.port25.com/support/authentication-center/email-verification/
https://www.mail-tester.com
http://dkimvalidator.com
The only things you can do when mailing from your own server. Use SPF and DKIM. Stay away from spammy words. One wrong word can make the difference of spam or inbox. Have a baseline email and baseline subject for testing. I had a slogan of mine that landed me in the spam folder, so I had to change it because I wanted it in the signature of my emails. Using certain link shorteners could land you in the spam folder. I am not saying they do, but using bit.ly or tinyurl links could land you there. Using tinypic or another image hosting service could. Your domain name could be the problem! The from name..
Remember, every word (whether it's in your email address, domain name, hostname, subject, or the body of the email) is looked at.
As well as your server's IP address. Is it on any blacklists? Check it with http://mxtoolbox.com/blacklists.aspx
Without one of us actually getting on your server and sending dozens of test email to see what is actually causing it, I can only tell you the dozens of things to check.
With all that said, mailing off your server sucks and I don't recommend it. I suggest using SendGrid or Mailgun. I had a client landing in the spam folder, on a new server, clean IP, new domain, everything. I put him on SendGrid and he wasn instantly going into the inbox.
For development, or a low level site, mailing off your server is fine if your hitting the inbox most of the time. But anyone that takes their site serious and the emails hitting the inbox is important, use a 3rd party. Most servers (from GoDaddy, Hostgator, etc.) are not for sending emails to tens of thousands of customers. They are web servers, not mailing (MX) servers, and they will tell you that it isn't their problem.
Update: I forgot to mention reverse DNS. You should have rDNS setup, and that is done by your upstream. So you would need to contact your webhost and ask them to setup "Reverse DNS" on your server.
Can you show the content of your mail? Are you trying to send HTML or text mail? Maybe the provider is on blacklist, check the sending IP address (see mail header) at a blacklist check.
I had these spam problems with Google Mail only when sending with mail() - after the change to SMTP all works properly.
I stumbled on the following script today for sending an e-mail using PHPMail.
<?php
$to = "some_address#domain.com";
$subject = "Test mail";
$message = "Hello! This is a simple email message.";
$from = "my_address#domain.com";
$headers = "From:" . $from;
mail($to, $subject, $message, $headers);
echo "Mail Sent.";
?>
Above can be runnable through php mail.php and instantly you'll get an e-mail sent to $to from $from despite not needing to set outgoing/ingoing servers out.
It really intrigued me, since my CMS uses an SMTP outgoing server (well, same way Mail PHP does), which I need to set up with my Outlook SMTP username and password - some sort of verification.
However, about Mail PHP just.. sends an e-mail. To the address you set it as. From the address you set it as.
Looking at PHP docs it does not really reveal how it works. Does Mail PHP not have any issues with spamming since anyone can send anyone anything anytime programmatically without verification of the from identity?
EDIT:
It's rather funny the people in the comments were talking about the POTUS, since I had the exact thing in mind:
It did land in my junk folder, but I'm sure it isn't hard to make this look convincing enough and still be considered "oh damn spam filter lost my e-mail!"
The mail function uses the settings from php.ini. The details of this configuration can be found in Mail Runtime Configuration.
The defaults can be set in php.ini, although you can override them using ini_set.
I bet you sent the mail from a PHP script on a hosted server. That server probably has SMTP settings configured beforehand. If you would try this locally on a WAMP/LAMP server, you would have to do this configuration yourself, since PHP cannot read your Outlook/WhateverMailclient settings.
As stated in the comments, you can specify the sender/from address yourself. SMTP doesn't require this to be the actual sender domain, so that's why this works. The missing link is the pre-configured SMTP server of your host.
Some relay servers do check for this, and your mail might be blocked or sent to a junk mail folder. You can however configure this in your DNS to indicate that <Your server's IP> is indeed allowed to send email for <yourdomain>. For more information about that subject, you might want to read this question on ServerFault.
It uses the smtp protocol or send_mail, you can even configure what php should use to send mails in php.ini. It can send e-mail but the e-mail will end-up in your spam filter take a look to DKIM and SPF records for more information