I understand SMTP is often used to send mail to client addresses, because the host may be considered spam and blocked. In this case, suppose I have a website with a few contact forms, that sends an email to the administrator's email account (eg. gmail). Because the email is sent to the admin, does SMTP have any benefits in reliability or security? Additionally, if the host sends email directly, does the host server need an 'email account'?
There is nothing particularly wrong with this approach. Many large frameworks and CMS systems use email as a way of contacting the admins for internal messages (software updates needed) or for contact form submissions from users.
If your framework has built-in API calls for transactional mailers, check those out - eg: Laravel recommends a couple of mail providers that already have API calls baked into the framework.
If you are using pure PHP, I can strongly recommend the excellent PHPMailer library over the built-in mail() function - PHPMailer is far easier to set up for SMTP.
The admin will need an account to send mail from, but if this is purely for site -> admin communication you can use the same gmail account for both the sending and receiving.
Note about gmail:
If you are going to use a gmail account to send, the account needs to have access for less secure apps enabled. You will also need to ensure that you don't annoy the Google admins with the volume of mail. Things like spam detection can be ignored since all the mail is going to one account and that account can simply whitelist the sending address.
Note about SMTP:
SMTP is generally secure enough for this sort of thing, as long as you use SMTP over SSL/TLS. Do not send mail to an SMTP server unencrypted as the password will also travel unencrypted and your account will be hacked quickly. Do not use port 25.
Related
I am in the process of having a web app built. And it will link into other people's websites.
It's purpose is to be a login to a portal which will manage their customers and data.
My app will at some point send an email to their customers acting upon the clients interest.
My concern is that we won't be hosting our clients emails.
So my question is can I get my web server web app to email the customers of my clients using their email domain name?
I think all I would need is the mail server and email account details.
I think I'll be using phpemailer unless anyone can recommend anything else? Is it even possible?
I'm just looking for answers or documentation ton help me setup configure if anyone knows of any.
Thanks in advance
As Barmar says, if your clients include your servers address in their spf records (and only use SPF for protection) then your mail server can send messages with a from address with the clients domain.
However, there another schemes, DKIM, which requires a private key issued by the client. To confuse things further, there is a scheme combining DKIM and SPF called DMARC.
Multiplexing the schemes and client keys via your own MTA is a formidably complex task. While #Barmar usually gives good advice, in this case I think a recommendation to simply ask the clients to include your domain in their SPF is not the best approach.
There are a lot of different choices:
a link back to the clients MTA (for clients whom operate their own MX) which would need to support SMTPS and SMTP authentication. Possibly even vpn support
the spf based model (for those not using DMARC or DKIM)
sending emails from your MTA but with a a masqueraded text part in the email address, e.g.
From: "a_user#yourclient.com" <a_user_yourclient#yourdomain.com>
...but with a Reply-to header pointing to the clients address, although this may impact your IPR
just use the clients email as the from address for those without any protection scheme
It would be straightforward to handle the initial routing of the email within your applications code, but you are going to need developers who really understand how email works in practice.
I would recommend you to use mailgun... Mailgun is simple to implement, you can send 10000 emails for free every month (see below) and you can send emails in behalf of clients domains. You need to add new domains to mailgun account and verify them like it's described in the documentation (see below).
Official SDK for php
https://github.com/mailgun/mailgun-php
Domain verification documentation https://documentation.mailgun.com/en/latest/quickstart-sending.html#verify-your-domain
Pricing plan if you need to send more than 10k per month..
https://www.mailgun.com/pricing
Here are some options:
If your client provides you with an account in their email environment, then you can send using those credentials. Assuming your client has a properly configured mail environment (SPF and/or DKIM and/or DMARC), then everything should be good.
You can send from your email server directly, but your client's SPF records should include your server's IP address(es) if you don't want the email to go to spam. (Though it's possible the email will not go to spam depending on a lot of voodoo related to spam filtering and IP reputation)
You could have your client setup a DKIM DNS entry with a public key that you generate. Then you could have your server sign the message using DKIM and send it on behalf of the client.
I am developing a system, in which - I have a database of email addresses of a specific type of companies. There are near 10 lac addresses in this database. In this system I want to send a message to all these addresses by one click. I am using PHPMailer. I am using Yahoo SMTP for sending email. But when I send email to some numbers of addresses, it block my yahoo email account. I think, yahoo SMTP server dose not support this kind of sending email process. So, Is there any SMTP server that support this kind of sending email process?
Assuming that "10 lac addresses" means "1,000,000 addresses", you are very likely to run issues with any free email service providers. Any reasonable email service will limit the number of emails relayed to prevent spamming and general abusing of the service.
You can either set up your own SMTP server (Postfix, Exim, etc. just to name a few free alternatives -- they may even run on your web server) or better yet, use a third-party commercial transactional email service which take care of email delivery. If your budget allows, I recommend the second option.
to send the email to one million email addresses you need some commercial mail service as no email service provider will provide that much free mail. Its better you to buy some comercial mail service like chipmonkey, emailmarketing and few others
I have an app where i'm sending emails on certain events, but when i used my gmail account, i never receive the emails and they are not in my spam folder. When i send them to my work email, i receive them instantaneously.
What do i need to do to get the emails through to google?
I'm using the standard codeigniter email configs (which i think uses sendmail).
I'm using google apps for business and i have the MX records setup that google provides.
Do i need anything else? Also, i'm using subdomains in my app, does that affect what i may need to setup?
EDIT
When i use smtp like this example Sending email with gmail smtp with codeigniter email library, the page never seems to come back. It eventually just timesout.
The only plausible explanation for this behaviour is a SPF Check failure. SPF or Sender Policy Framework is a new technology that allows easy detection of spam. Gmail honours SPF unless you manually mark those emails as not spam. Regardless of this, if you have received emails on another address then they must have reached Gmail too. Check your spam thoroughly, as Gmail does not discard emails even on very high spam suspicion rather they end up in the Spam folder.
You can set up a SPF that allows your webserver to send emails which will result in Gmail accepting emails sent by your webserver as authentic. See http://www.mydigitallife.info/how-to-set-up-and-create-sender-policy-framework-spf-domain-dns-txt-record-with-wizard/ and a wizard from Microsoft.
You will probably see, that at some point in the future, you'll get them all appearing in Gmail. Google is most likely seeing if the sender is spam, and holding those messages. I've experienced that before setting up dev servers. I would suggest using a transactional email service, like Mandrill or SendGrid. You'll find you get a lot of info from those services that you forgo if you simply send an email through PHP.
The Filter Theory The other possibility is that the poster has a filter set up on their GMail account that is filtering out the emails.
I would make sure that you are sending the required header information as well. Have you tried registering a new gmail account and sending it to that user?
I am developing a social networking site. It has functionality like user registration, people exchanging messages and sending email notifications for people's actions (and many more).
Currently I use PHP's mail function to send mails and it is working fine. I already set up a VPS and hosted the application.
My question may be a dumb question. Do Facebook and other social networking sites use SMTP servers to send the notifications or only just any kind of PHP mail function?
I read somewhere that using PHP's mail, there is a chance of mail going to SPAM folder. They advised using a certified SMTP server.
So, if I have to use an SMTP server:
1) Do I have to purchase a certified SMTP server separately? Or can this be hosted on same VPS whatever I have. If so, what server software will be good for this?
2) Are there settings I have to do in SMTP servers like send unlimited messages, because we don't know how many people exchange emails in a minute, and that is totally random.
To start: you are definitely going to have to use an SMTP server to send the emails from PHP. You can't simply throw your emails at the mail() function and expect it to work. You have to connect it to an SMTP server that does all of the dirty work.
However, if it's not your domain, I would suggest you don't do it. If you have the time to learn the ins and outs of email delivery and want to set up and maintain an SMTP server, by all means, go ahead.
If you'd rather focus on building your app and not worry about your emails getting delivered, I'd suggest an email delivery service. Here's a good list of services to check out:
PostageApp
Sendgrid
Postmark
Mailjet
And there are plenty more out there. All of them have a free option for you to play around with, so just look for the one that fits your needs and requirements.
(FULL DISCLOSURE: I am the Product Manager of PostageApp. Happy to answer any questions you might have about sending email from your app, though!)
The issue here is not really with the mail() function in itself, but in how you construct the emails. Messages can be treated as spam for a million and one reasons, but it is generally accepted that if you use one of the tried and tested mailer libraries, like Swiftmailer or PHPMailer (both free) there is marginally less chance of your messages being treated as spam.
Whether your messages get treated as spam is far more about how you construct your messages than how you send them. Another major factor is if your server sends thousands and thousands of emails all the time, so another hint is to be sparing with the emails you send out - only send them when you actually need to.
If you really want to know the answer to this question, you should do some reading on exactly how the modern email system works. Being able to build and send good emails is all about knowing how to work the system. Start here.
I run a website that allows users to send email newsletters using their SMTP, not the host's SMTP. In that case the user can connect directly with his/smtp to send email. I am aware that some hosting companies do not allow this. Does anyone know the way around this? I need to move my website from the present host.
You can use SwiftMailer (http://swiftmailer.org/). The user would need to give you there login information, but then you can login to their email account and send the emails from their account. This will work all the time since the host can't tell if it's a standard mail client trying to send email. You can even send through a gmail account.
If that's not what you want, then you are probably referring to relaying, which you can just give up on. Open relay has been one of the biggest security holes on mail servers for over a decade. Nobody should have that issue anymore.