I have an SMTP webservice that sends emails from various applications. I use phpMailler to make these submissions. I use a GMAIL account to perform SMTP sending. When my client receives this email and opens it in their inbox, the sending server e-mail appears, in this case GMAIL. Is there any way to replace this email with another?
With gmail, no. What you're asking for is usually considered forgery, and will be blocked by SPF record checks. Gmail does not allow you set arbitrary from addresses. You can preconfigure aliases within your gmail settings, but that doesn't let you add new address at send time and there are a limited number available.
You have some options though - ensure that the from address you're using does have appropriate SPF records to allow you to send from it, or live with the from address and set the reply-to address to point where you want replies to go - this is how contact forms are usually configured, along the lines of:
$mail->setFrom('from#example.com', 'First Last');
$mail->addAddress('whoto#example.com', 'John Doe');
$mail->addReplyTo($_POST['email'], $_POST['name']);
Alternatively, if your sender addresses are set by users, then you need credentials for those email accounts so that you can send through them directly, rather than forging it through gmail.
Related
I am sending email using Gmail SMTP account, but I want show different sender email to the receiver. I am using below code to override the from email address.
Mail::send('emails_old.send_message', ['data' => $request->message], function ($message) use ($request, $toEmail, $cc, $bcc, $attacments)
{
$message->to($toEmail);
$message->subject($request->subject);
$message->from('no-reply#xyz', 'No reply');
$message->replyTo(auth()->user()->email, auth()->user()->name);
});
Above code working fine & also overrides sender name, but not email address.
can anybody tells what's wrong I am doing?
Thanks,
Kaleem
Gmail only permits you to use a From address that's in your Settings as a verified alias. You can't (and shouldn't) spoof an email address you don't control. If nothing else, it'll frequently be flagged as spam because of SPF records. – ceejayoz
If you want to use a different email address where the mail is send from try using a mail server, or try using a maildriver such as mailgun.
I only use Gmail SMTP for development, after that I switch over to my mail server.
I'd note that while other services may allow you to do this, it's still a horrible idea. SPF records will send a lot of email sent like this to spam. – ceejayoz
So if it's just for development or a school-project, you can use mailservices like mailgun or Gmail SMTP. Otherwise try to get a mail server to handle no-reply emails.
I want users on my website to use php mail() to send emails from my website domain. I would like users to get replies on their personal email address which will not be my domain email it might be gmail, hotmail or any other. When I do so, the email recipients get a phishing warning in gmail.
How can I set headers in php mail() so different sender and reply-to emails do not make gmail and other services tag the email as spam or phishing.
Your recipients are getting a pishing warning because your emails are not passing SPF checks. That simply means that the from domain you are using is not authorizing your server to send mail on its behalf.
Try using PHPmailer https://github.com/PHPMailer/PHPMailer
You can use it to set a separate from address as well as a specific reply to address
$mail->AddReplyTo('replyto#email.com', 'Reply to name');
$mail->SetFrom('mailbox#email.com', 'Mailbox name');
That being said. The SetFrom address is an address that must pass SPF and preferably DKIM checks to be NOT marked as SPAM or PISHED. This address is recognized as the BOUNCE address where all the bounced emails will be returned to. Not having a valid address may possibly disrupt future deliveries.
The AddReplyTo address will be loaded when the reply button is clicked by the recipient. Keep in mind that even though the message may pass SPF there are many SPAM filters that will potentially mark the message as spam.
The easiest way to get this working is to create an email address on your website (me#mysite.com) then get the website to automatically forward all mail to your gmail account. Then, use the website email address in the 'From' and 'Reply-To' address of your mail() routine.
I'm using Codeigniter PHP Mailer which is hosted here: https://github.com/ivantcholakov/codeigniter-phpmailer/ and with gmail smtp it works flawless.
However,using it for a standard contact form, when visitors use that contact form and send us an email, they basically send mails from our mail address to our another mail addess. When they open their own email address, they wont be seeing what they sent in their own sent items. What I want to do is (maybe without using smtp settings) show the visitors own mail adress (the one I'm asking as an input on contact form) as the FROM part of the email I receive from my contact form. So that, in case I want to reply the mail, hitting the reply button would be enough. İnstead of doing coding tricks and showing their email somewhere I could copy/paste and send new email.
Don't do that. It's effectively forging the from address and will fail SPF checks. Instead, use your own address as the From address, and add the submitted address as a reply-to address. In PHPMailer:
$mail->From = 'youraddress#example.com';
$mail->addReplyTo($POST['emailfrom']);
phpmailer is working fine and able to use it in various ways, but.... I'm trying to find a way to determine if a valid looking email address actually made it to some destination. I am NOT talking about validating addresses such as...
if (!$mail->validateAddress($email)) {echo 'Not a valid squiloople email pattern';}
This is my setup is using SMTP through gmail...
$mail->isSMTP();
$mail->SMTPAuth = true;
$mail->SMTPDebug = 0;
$mail->isHTML(true);
$mail->Host = 'smtp.gmail.com';
$mail->Username = "XXXl#gmail.com";
$mail->Password = "XXX";
$mail->SMTPSecure = 'ssl';
$mail->Port = 465;
If the email address looks like a duck and quacks like a duck then...
$result = $mail->send(); Will Always return true!
var_dump($mail->send()); // Also returns Boolean
Is there a way to test if the email was actually received somewhere? Or is this strictly a one-way shout-out through google's SMTP gmail servers???
Any tips, tricks, or pointers would be appreciated.
$mail->send() will not always return true. It returns true if the part of the sending process it was involved with works. So if you send to an unknown address, but do so via gmail, gmail's servers don't know whether the address exists or not at the time, so it will be accepted and bounced later. If you were sending to a gmail address when sending through gmail, then it would fail immediately.
If an account does not exist at all, most servers (including gmail) will still give a 5.1.1 "Unknown user" response, and that will be reported correctly by PHPMailer if you send by SMTP directly to the recipient's supposed mail server (but not if you send via an intermediate server (like gmail) or using mail()). PHPMailer doesn't have built-in support for doing that, but doing it yourself only involves a call to getmxrr and setting Host manually. Also you won't need to use authentication if you send that way.
You can do various things like check if a domain exists at all - if it doesn't, mail delivery won't work. Some servers will accept all addresses and send bounces later (e.g. if they have a spam filter with a long processing queue), but if you get rejected up-front, it's a pretty sure indication that the address doesn't exist.
You need to look into bounce handling too which will allow you to remove addresses that looked ok but later proved not to be, which is an entirely separate thing from anything that PHPMailer does. I will warn you now - bounce handling is extremely unpleasant!
You should also send using tls on port 587, not ssl on 465; see the gmail example provided with PHPMailer.
The only reliable way to confirm delivery is to get the recipient to answer. Tracking pixels don't work very well, or at all, and delivery receipts are often disallowed. Bounced emails only identify dead mailboxes that generate a non-delivery report - not all do - and won't identify a mailbox that's active but ignored. If the people you are emailing want something from you, don't give it to them until they've confirmed their address by responding to an email.
You can ask for a receipt but the user has a choice and most people like me will not let it acknowledge receipt. All you can do is to make sure all your headers are correct and monitor the bounced emails.
Yes this can be done by - Using imap to read the bounced mail notification that gmail mailer-daemon sends back for undelivered mail and then parsing out the bogus address. Using that you can go back to your database and clean it up. My login/registration system will not require a valid email for basic access, but for elevated privileges it will. I'll just make an admin class function that processes privilege requests and also does database cleanup for basic accounts so there will be no lag-time for new user registration.
Thanks to all that had a look and contributed!!! Now that I'm about done I'll have a look at getmxrr and see if that is better, but still plan to expand imap to automate email proxy account maintenance(deleteing, moving, ect...).
The solution I found was :
1) To save a copy of the email in a mysql database with an ID.
2) Make sure the email is signed with the domain in 1024
3) Add a img to the email requesting an image from a PHP file like https://www.example.com/img.php?id=emailid with the email ID instead of emailid
4) In img.php get the email ID and update the corresponding entry of your database with the time and date and render a base64 image.
So now you can know when the email is open and the time and date.
Try this:
if ( !PHPMailer::ValidateAddress($email) )
or
if ( !$mail->validateAddress($email) )
I am using phpmailer to send email. I need to know how to hide or mask sender email address
You can specify any sender email address anyway, since SMTP by itself does not place any requirements on sender email addresses.
If the actual SMTP server you use places restrictions on email addresses (e.g. corporate servers which do not allow sender emails outside of the company domain) there's no way around that, unless of course you can influence the mail server configuration.
Update:
You say in a comment that you want to use gmail to send email where the sender's address is not a gmail address. There is no way to do that.
This is a rare situation you have here... if you do not have a mail server you can still tell PHPMailer to send from a different address just set the From attribute of the PHPMailer object to the address you want. But Wait! if your server doesn't exists, the client can't verify the account and then your mail will more likely be deleted (moved to spam in the more benevolent scenario). If you are trying to mimic third party mail, I'll help you no futher.
Note: Your mail server may be valid but clients are still unable to verify it, and thus you are getting mails delivered to spam or deleted. Check "Must Read" to below to have some inside on how to solve this.
On the other hand, if you already have a mail server, then tell PHPMailer you want to use it, set the Host and Port attributes to your domain name and port respectively. The same if you want to use an account form a different server, remember to set the attributes Username and Password correctly, you may also need to set SMTPAuth = true; and SMTPSecure = 'ssl'; depending on the server. [Note: Username and From may differ]
Now, if you want to use an account from Gmail, you could easily set an alias in Gmail to send as another account [Go to Settings-> Accounts And Import -> Send mail as -> (click) Send Mail From Another Address], that can be the case if you have a mail server but you cannot afford to have it online, you will need to start your server so you can receive the confirmation code Gmail generates to verify your account. Check recommended read for PHP side configuration details.
Lastly if for some rare circunstancies you can't tell PHPMailer to use your mail server, but you do in fact have one, and that one is able to recieve the mail... you can use AddReplyTo('me#example.com', 'My Name'); Most clients will understand that any reply to the message must be (unless explicitly defined by the user) directed to "me#example.com" in this case.
Disclaimer: I take no responsibility of any harm result of the use of the method I mention here, such as (but not limited to) your mail account getting banned.
Must read:
Coding Horror on sending mail via code
Recommended read: PHPMailer Tutorial (old version)
No need (neither a good way) to hide or mask whatsoever.
I assume you already know how to use the class you are talking about.
You probably have some variable for sending email, like
var $From = "someguy#whatever.com";
you can type whatever you want into that email address. Gmail dont care what email things is sent from.
And no, this dosent sound very legit.
One more thing: Gmail requires a gmail account to relay mails. Its no problem, it wont be visible.
You want to "show the company email address as sender" but you "didn't (sic) have any email server"?
Can anyone actually send you email at your company email address? If so, use that server which is hosting your email to send out from.
If you don't really have a company email address, then I suggest you get a gmail address like companyname#gmail.com and just send from that. Otherwise the email will appear as spam to a great many of your recipients.
Now, if the people you are about to send an email to actually signed up to be on your mailing list then you can use a third party application like Constant Contact to do your broadcasts from.
If they haven't, then I suggest you not send an email at all.
in mail headers you can have both a Sender: and a From: header which in most mail clients is displayed as either just the From or in some cases Sender on behalf of From, using this way is a nice and clean way to be able to send From a different mail address then the actual Sender mail server
This is highly illegal.
var $From = "someguy#whatever.com";
Is the only option your have for trying to hide email address. But no matter what your email will be inscribed with IP. Someone who knows what they are doing will still be able to trace the email back to the source.