I want to send an email from A to B, with HEADER and CONTENT through gmail.
How to do that by PHP?
I've specified the FROM (from#example.com), but when I receive the email, it's still from my gmail account (abc#gmail.com).
$mail->From = "from#example.com";
$mail->FromName = "Mailer";
$mail->AddAddress("abc12#163.example", "Josh Adams");// name is optional
$mail->AddReplyTo("abc12#qq.example", "Information");
How do I change the FROM part?
The short answer - you can't.
Google rewrites the From and Reply-To headers in messages you send via it's SMTP service to values which relate to your gmail account.
The SMTP feature of gmail isn't intended to be an open or relay service. If it allowed any values for the From header, it would significantly dilute Google's standing with spam services, as there would be no way to verify the credentials of the sender.
You need to consider alternatives. How are you planning to host your script/application/website when it's finished: virtually every hosting solutions (shared/vps/dedicated server) will come pre-configured with an email transfer solution: be it sendmail or postfix on *nix, or IIS on Windows.
If you are intent on using gmail then you could:
Setup a dedicated myapp#gmail.com account
If you own the domain you are supposedly sending from, use the free gmail for domains, and setup a myapp#mydomain.example account.
====
Edit June 2015
It was suggested that GMail does allow sending via different addresses. As far as I can tell, this is for sending via the GMail wep app, and utilises your existing external SMTP server, which is not relevant to the original question.
====
Edit Nov 2013
Seeing as this is still getting a trickle of votes. A quick update.
Google have withdrawn their free GMail for domains. There are plenty of other free services around. One of note is Mandrill - a one-to-one email service intended for transactional emails (e.g. ecommerce orders etc.). It's ran by MailChimp, who pretty much know all there is to know about sending email at volume. They also give you 12k/month free, which is rather nice.
This question and correct answer may be relevant:
When using Gmail for SMTP, can you set a different "from" address?
Gmail requires you to validate From addresses before sending mail as that email address. So you need to add a new sender in your personal gmail account and validate it.
Doing so will allow you to authenticate with youremail#gmail.com and send email from from#example.com
Unlike everyone else, I'll take the plunge and make the assumption that by letters you mean emails...
But I'm not sure what you are getting at when you mention that it should include "Headers and Content". Do you want to forward emails? Do you want the emails from A to appear as though they came from B's gmail account in the headers? Are you building some sort of gmail client?
The easiest way to send an email with PHP is with the mail function. This example comes straight from their documentation:
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
If you want the headers to appear from A's gmail and not to simply change the from/reply to part, you'd have to use gmail as the SMTP server. I don't know if you can set that at the script level.
The answer above are not quite correct.
You are definitely able to specify any senders as long as you own the other email address.
As the help page explains:
On your computer, open Gmail.
In the top right, click Settings.
Click the Accounts and import or Accounts tab.
In the "Send mail as" section, click Add another email address.
Enter your name and the address you want to send from.
Click Next Step and then Send verification.
For school or work accounts, enter the SMTP server (for example, smtp.gmail.com or smtp.yourschool.edu) and the username and password on that account.
Click Add Account.
Once that email is added successfully,
you can send email on the behalf of the new email address in gmail.
Google will not rewrite your from email in this way while you're sending email via Google SMTP.
You need to go to GMAIL settings and add new alias.
You will be asked SMTP information, which is basically useless, since you are using SMTP to send email, BUT the catch is that if your alias is on Google Suite domain it will be added just with simple email confirmation!
Once you have the alias there, you can change "From" header in your SMTP email.
NOTE: You cannot change the "From" address to whatever#dude.example, that's just how Gmail works and is the reason it's trusted.
If the reason you want to use gmail is because you don't want to set up an MTA (the reason you stated in a comment to this answer), you have 2 options:
If the web server is at your
home/work place; use your ISP's
smtp-server
If the web server is at a dedicated
hosting center, ask them what
smtp-server to use.
Related
I appologize, if my questions sound naive, but I have no one to ask. I am new in PHP and right now I am playing with PHP.mail() function.
I am using XAMPP, PHP, SMTP server in our work just to see the functionality.
In C:\xampp\sendmail\sendmail.ini I set
smtp_server=mail.heaven.com
auth_username=fairy
auth_password=nice
I created sendmail.php to send test mail to myself:
<?php
$to = 'fairy#heaven.com';
$subject = 'greetings';
$message = 'if you read this, everything is fine';
$headers = 'From: devil#hell.com';
mail($to, $subject, $message, $headers);
?>
I ran that and received email from devil#hell.com, so actually from me. I could not find out real sender from this message and my attempt to reply failed... because devil#hell.com did not exist, of course.
And now comes, what confuses me. As far as I know, the first step is to provide the real login and the pass (auth_username, auth_password) to the SMTP server. The server knows I exist, it lets me in, so I can send email from my REAL account.
I thought, that SMTP server takes automaticaly all necessary info from my account and wrap it into the email message, so the other people could reply, but obviously not.
I do not understand, why can I add misleading information so easily. It seems me, I can use my account to generate fake emails to molest my colleagues daily. I was not able to find out, who actually was the real sender.
Is this information stored anywhere? Is it possible for a client to see, who sent email or is it totally dependent on the From: header in PHP.mail() function?
Thanx for clarification
It is the way SMTP protocol is made.
You're telling the recipient who you're supposed to be, and how it can answer you. There is no central repository of who controls a email domain, or an email user.
It can check by itself, by implementing security mechanism, such as what gmail is doing using DKIM. You can't impersonate a gmail email.
See https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail for more information.
My webhost ONLY allows sending/recieving emails IF either the sender or reciever is hosted with them. (freehostia.com)
This is a huge disadvantage to me (and I'm assuming everyone else), because of the way my website works.
(My website: I have a classifieds website where CustomerA posts an ad with her email and CustomerB replies via the email form with his email. Neither email is hosted with my host.)
I asked if I could use an external SMTP server (such as Gmail) to bypass the limitations, and they said "Even if you set an external MX record for your domain you will not be able to send e-mails via your mail forum, if you do not use a mailbox from your hosting account with us as a sender or recipient."
Theoretical Workaround:
Auto-enter and hide my hosted email into the "email" section of the form
Have a new section for customer to input their email
When a message is sent, embed customers message and email into a default message. It will look like this:
To: customerA#example.com
From: DONOTREPLY#example.com
Subject: You have recieved a message!
Body: Blahblahblah (customers message) blahblah. To reply, email: customerB#example.com
Sorry about all the confusion. Would this work? Should I give up? I really like my host, but should I switch? Or is there a better workaround?
While you don't need to send through a different server, you can just send to whom you need and set the reply to any address you want.
The mail function allows you to set your own headers as a final parameter.
$headers = 'Reply-To: someone#some_other_domain.com\n\r';
mail($to, $subject, $body, $headers);
You can set the reply-to address.
That way even though the email is sent from your address, when the recipient hits reply it creates an email to the address given in the reply-to.
I'm not sure what you are using to send mail but there are some examples in the PHP documentation mail function - http://php.net/manual/en/function.mail.php
Im using PHP's mail() function to send some emails. But all my mails land automaticly in the trash box. Is there a way of preventing this? If so, where should i read to learn more about it.
Would you recommend me using PHPmailer?
Best of regards,
Alexander
TL;DR: There's no magic bullet. Just because you can learn how to form an email in PHP, does not guarantee it is routed to someone's mailbox, or even accepted. Success is based on reputation, not any single fix.
I am (edit: was) a mail server engineer, have written SpamAssassin rules, and have deep-dived issues for customers sending or receiving email.
The recipient's mail server scans your email, looking for attributes and "historical problems" (lack of mail agent, coming from your webserver IP, etc). These get "points". The total number of points is compared, and the recipient's server may do one or more of the following:
List item
refused during SMTP,
routed to Spam folder,
routed to Inbox, but tagged "SPAM"
blackholed (accepted, then mysteriously lost).
"Points" (score) only means something to a particular anti-spam solution. There is no public test. Fix ALL the problems you can, and success goes up.
*The #1 issue is: do not send email directly to the recipient's SMTP server. This network space sends 99.9% spam. It costs money to scan email, so a good email admin will block or refuse such connections.
The "fix" for your source IP is: Use an SMTP Gateway. The gateway can be our ISP mailserver, or a commercial service. Check first with their terms of service. They may prohibit sending emails using an authenticated web form, since these are so frequently abused ("someone hacked me" is not an excuse).
If you have email hosting, do the following: create a mailbox called for example 'website-notification#websitedomain.com'. Call it what you like. Now you want your PHP script to send the email -through- that address, using Authenticated SMTP. I'll leave the process of learning how to use Authenticated SMTP from PHP as a learning exercise for you -- there are many tutorials online).
Once you send emails through your valid SMTP server, the mail is seen as "originating" from your SMTP gateway. It's not seen as coming from your script. But this isn't the end of the story
As someone else noted, Be sure you are not missing display headers such as To: From: Subject: and Date:. Strictly speaking these headers are NOT "required" in email handshaking, but in practical terms no reputable email software omits them. Also, Date must be in the standard date format, or some spam filters will flag it.
This topic is not to be confused with "envelope headers" (the hidden stuff in the SMTP handshaking), which also can also impact your score. Using an SMTP Gateway usually takes care of this (since the recipient's mailserver will handshake with your gateway host).
Your FROM address must be VALID. Do not use a fake domain. Do not use your domain name with a fake mailbox name. Some anti-spam software will do a "Sender Verify" to test if the From address is bogus or fake (oversimplified: they'll try sending a reply and see if you would accept it or not).
The #1 mistake is setting your from address as "noreply#yourdomain.com", and not creating that mailbox. When that happens, everyone's "Sender Verify" on your email fails, and you look like a spammer covering their tracks.
If your domain DNS has an SPF record, be 100% sure it lists every IP that might send email for your domain. This is a technical topic. Having a valid, correct SPF record helps your deliverability a little bit. But if you misunderstand and create a bad (incorrect) SPF record, you will be worse off. Take your time to understand before using this.
If you have a business with a real address or PO box, don't use "Domain Registration Privacy" or "Domain Proxy" services if you can avoid it. When this was written (2011) It used to be very true that anonymizing services could get your mail blocked, or "tagged spam". This is less true today, but it's still worth considering.
Know the IP address of your mailserver, and regularly check that it is not "blacklisted" at SpamCop, SpamHaus, or the Barracuda spam blacklists. Google for more. There are monitoring services, and scripts which can alert you. But if you get on these lists, it means there is something else happening you were not monitoring for...
As said, no simple answer. :)
I suppose you mean thrash box at the receiver's end. So basically the receiving email server is regarding it as spam. This can happen if:
1) The IP you are sending from is already blacklisted for spamming (happens often in shared hosting)
2) The IP and domain are relatively new and unknown.
(Note that many times, newsletters from well established sites also end up in spam).
If its your dedicated IP, then setting RDNS for the IP, to match the domain name will very likely solve the issue. Another usual practice is to alert the receiver (if she is subscribing on your website) to check their thrash/spam folder and whitelist your email address in their mail account.
regards,
JP
JP's answer is partly correct but it also could be your header's in the email i know from experience this sends stuff to the spam folder try the following;
set the emails to your domain something like no-reply or a valid reply.
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
This probably has something to do with your mail client and spam settings configuration. Try opening account on gmail.com and sending email there, if it's OK you know it is your mail server/client problem. If it's not, post your PHP code and full email headers of the email you've got.
This happens because many a times, headers are missing / if its a well known email server domain key signature is not present, or something like that. If you already have a separate email server, you should check out if you can use the PHP Pear Mail package to send email using your email server, rather than directly via mail function. That's what I find convenient, as its much more flexible.
I am using phpmailer to send email. I need to know how to hide or mask sender email address
You can specify any sender email address anyway, since SMTP by itself does not place any requirements on sender email addresses.
If the actual SMTP server you use places restrictions on email addresses (e.g. corporate servers which do not allow sender emails outside of the company domain) there's no way around that, unless of course you can influence the mail server configuration.
Update:
You say in a comment that you want to use gmail to send email where the sender's address is not a gmail address. There is no way to do that.
This is a rare situation you have here... if you do not have a mail server you can still tell PHPMailer to send from a different address just set the From attribute of the PHPMailer object to the address you want. But Wait! if your server doesn't exists, the client can't verify the account and then your mail will more likely be deleted (moved to spam in the more benevolent scenario). If you are trying to mimic third party mail, I'll help you no futher.
Note: Your mail server may be valid but clients are still unable to verify it, and thus you are getting mails delivered to spam or deleted. Check "Must Read" to below to have some inside on how to solve this.
On the other hand, if you already have a mail server, then tell PHPMailer you want to use it, set the Host and Port attributes to your domain name and port respectively. The same if you want to use an account form a different server, remember to set the attributes Username and Password correctly, you may also need to set SMTPAuth = true; and SMTPSecure = 'ssl'; depending on the server. [Note: Username and From may differ]
Now, if you want to use an account from Gmail, you could easily set an alias in Gmail to send as another account [Go to Settings-> Accounts And Import -> Send mail as -> (click) Send Mail From Another Address], that can be the case if you have a mail server but you cannot afford to have it online, you will need to start your server so you can receive the confirmation code Gmail generates to verify your account. Check recommended read for PHP side configuration details.
Lastly if for some rare circunstancies you can't tell PHPMailer to use your mail server, but you do in fact have one, and that one is able to recieve the mail... you can use AddReplyTo('me#example.com', 'My Name'); Most clients will understand that any reply to the message must be (unless explicitly defined by the user) directed to "me#example.com" in this case.
Disclaimer: I take no responsibility of any harm result of the use of the method I mention here, such as (but not limited to) your mail account getting banned.
Must read:
Coding Horror on sending mail via code
Recommended read: PHPMailer Tutorial (old version)
No need (neither a good way) to hide or mask whatsoever.
I assume you already know how to use the class you are talking about.
You probably have some variable for sending email, like
var $From = "someguy#whatever.com";
you can type whatever you want into that email address. Gmail dont care what email things is sent from.
And no, this dosent sound very legit.
One more thing: Gmail requires a gmail account to relay mails. Its no problem, it wont be visible.
You want to "show the company email address as sender" but you "didn't (sic) have any email server"?
Can anyone actually send you email at your company email address? If so, use that server which is hosting your email to send out from.
If you don't really have a company email address, then I suggest you get a gmail address like companyname#gmail.com and just send from that. Otherwise the email will appear as spam to a great many of your recipients.
Now, if the people you are about to send an email to actually signed up to be on your mailing list then you can use a third party application like Constant Contact to do your broadcasts from.
If they haven't, then I suggest you not send an email at all.
in mail headers you can have both a Sender: and a From: header which in most mail clients is displayed as either just the From or in some cases Sender on behalf of From, using this way is a nice and clean way to be able to send From a different mail address then the actual Sender mail server
This is highly illegal.
var $From = "someguy#whatever.com";
Is the only option your have for trying to hide email address. But no matter what your email will be inscribed with IP. Someone who knows what they are doing will still be able to trace the email back to the source.
I am using php and mysql. And my site is in flash (full flash site)
I have a website which let users to sign up. The signup process including sending "activation email", click link to activate account.
The first two weeks was fine. Out of around 2000 users, 1800 users are activated. After that, the activated users drop drastically, to about 30%. Example: 1000 users signup, only 300 were activated.
At first, I found the problem is because the email could not be reach to ymail, msn and gmail users. (Most of my subscribers are Ymail (yahoo), hotmail/msn(live) and gmail (gmail)). I tried signup using ymail and hotmail, but i didnt get any activation email. I contacted yahoo and msn, eventually my email can go through now.
However, my signup statistic still showing, the activated users are only about 30%, which very confuse me. I contact my hosting company, ask them the whitelist my IP. And they did it.
I need your advice/help on following questions:
How to check where the problem lies? Is the email not delivered? User receive email but didnt click the activation link?
I am using php mail funstion. and this is my headers:
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$headers .= 'From: Admin <\admin#domain.com>' . "\r\n";
$headers .= 'Return-Receipt-To: Bounce <\bounce#domain.com>' . "\r\n";
$headers .= 'Reply-To: Admin <\admin#domain.com>' . "\r\n";
$return_path = "\bounce#domain.com\";
(I hide my domain name, and i add backslashes within emails, cuz if not, the email wont show here, weird)
Is there anything wrong with the headers?
What can I do to improve my registration/signup activation process?
You should pass your return path as "-f" parameter for mail() function:
mail(
$this->recipient,
$subj,
$this->body,
$this->compose_headers(),
'-f ' . Options::obj()->mail->return_path);
Also, for the best results, if the sending server has a public domain name example.com, the return path should be something#example.com.
Anyway, you should definitely check the logs (/var/log/mail*) to know exactly what's going on.
Try using gmail as your smtp server istead of mail server like sendmail from a domain. Using gmail smtp would kinda ensure that your mails are sent on best effort surity. Also Gmail would not be treated as spam unless email id is marked as spam (so try using a one which is safe). To improve singup->activation through put your best bet is to ensure that email is reaching user's inbox.
For safety net you can have a feature in which you allow user to resend the activation link if the first one failed for some reason.
If you are uncomfortable using gmail as smtp, you can sign up ur domain with google apps (but that might require changes in business needs) and you can have admin#domain.com kind of email and still use efficient gmail smtp servers.
There are many libraries out there like phpMAiler which allows to use external smtp servers. Note all data through gmail servers go via SSL or TSL.
Do you have access to the log files of the email server sending out the registration emails? Any bounced emails normally go back to the sending server. By monitoring the log files you can check and see what number of emails (if any) are still getting bounced back.
What kind of access do users have to your web site without an activated email address? Are any features disabled? Are there any incentives to activate or use a real email address?
Your example doesn't show a Date header which is a required field. In my experience some mail handlers reject emails that don't have one (and some just add one with the current date.) If your actual code doesn't have one then try adding one and seeing if it makes a difference.
Search for RFC2822 for information on what is required,