I was trying to send emails from my website which is hosted by Hostgator.
whenever I try to send SMTP emails via any common port such as 587 or 25 the email works fine with the same code, but when I try to send using port 465 following the host settings it doesn't work and the website stops responding for few minutes on any device connecting from any other IP.
I'm posting this since the host doesn't provide any coding help.
below is the code:
$email = new PHPMailer();
$email->isSMTP();
$email->SMTPDebug = 0;
$email->Debugoutput = 'html';
$email->SMTPAuth = true;
$email->Host = "gatorxxxx.hostgator.com";
$email->Port = 465;
$email->Username = "email#mydomain.com";
$email->Password = "emailpassword";
$email->setFrom('email#mydomain.com', 'Sender Name');
$email->Subject = 'Subject';
$email->MsgHTML($body);
$email->AddAddress( "useraddress" );
$email->AddReplyTo('email#mydomain.com');
if(!$email->Send()) {
header("xxx");
die ();
} else {
header("yyy");
die ();
}
My concern is Port 465 is for authenticated email sending, therefore it has fewer chances to land in recipient's spam folder, while using ports such as 25 or 587 might be unsafe, hence can trigger spam filters from the client side.
Port 465 is not open on all SMTP hosts, it sounds like you are experiencing a TCP timeout, or your email class doesn't support SSL. Port 465 requires SSL, not STARTTLS as 587 does.
Also the port you submit through has no impact on the spam folder on the client, once your SMTP server # HostGator get's the email it will relay it to the target server on port 25. The "authenticated email" is just proving you are authorised to relay through the host, it has nothing to do with the content of the email or if it ends up in the spam box.
To avoid spam filtering you need to ensure you have valid SPF records configured, your RDNS is configured and valid in both directions and you DKIM sign your messages.
The best way to handle all this is to run a local SMTP server that you send through that relays to the upstream SMTP server. For example, Postfix with OpenDKIM.
Related
I have used the following PHP code to send email, but when I login to the gmail account after sending an email, the email that has sent is not recorded in the sent mail section of gmail. But emails are successfully delivered each time. I can use the IsSMTP() function in my laptop and in that case sent mails are recorded, but in GoDaddy VPS I can not use IsSMTP() but to use IsMail().
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\Exception;
use PHPMailer\PHPMailer\OAuth;
use PHPMailer\PHPMailer\POP3;
require '../PHPMailer/Exception.php';
require '../PHPMailer/PHPMailer.php';
require '../PHPMailer/SMTP.php';
require '../PHPMailer/OAuth.php';
require '../PHPMailer/POP3.php';
$mail = new PHPMailer(true);
$mail->SMTPDebug = SMTP::DEBUG_SERVER;
$mail->IsMail();
//$mail->IsSMTP(); // if enabled instead of IsMail() an error "can not connect to SMTP" appears.
$mail->Host = 'smtp.gmail.com';
$mail->SMTPAuth = true;
$mail->Username = 'username#gmail.com';
$mail->Password = 'password';
$mail->SMTPSecure = 'ssl';
$mail->Port = 465;
//Recipients
$mail->setFrom('username#gmail.com', 'OFFICE');
$mail->addReplyTo('username#gmail.com', 'OFFICE');
$mail->addBCC("username#gmail.com", "OFFICE");//since sent mails are not saved
$mail->isHTML(true);
$mail->addAddress('to#gmail.com');
$mail->Subject = 'Subject';
$mail->Body = 'Hello';
$mail->AltBody = 'Hello';
$mail->send();
The problem is that Godaddy (and many other VPS providers) block SMTP ports in order to fight spammers.
When you are using $mail->IsMail(), the e-mails will go via GoDaddy's servers completely bypassing your Gmail account.
Now there is another problem as well, Google protects your #gmail.com addresses using various methods (such as SPF), so even if you are able to send the e-mail, it will be most likely marked as SPAM - if delivered at all. Otherwise anyone could send e-mails as you..
I'd highly suggest purchasing a domain (if you dont have one already) and either:
Hosting it in GoDaddys e-mail service and sending it via their SMTP servers (their SMTP servers are allowed)
Use external service which does not rely on SMTP (such as MailGun and their PHP SDK for example, but do your own research for a suitable one)
There might be some other "hacky" ways to still send these e-mails trough Gmail if you really need to, such as using VPN inside VPS or[1] proxying google SMTP externally on some other port which is not blocked. Beware, these methods still require some external service (most likely paid) and might conflict with GoDaddy's and/or Gmail TOS
[1] Apparently most of the VPN providers also block SMTP ports to avoid e-mail spammer flood
So I developed an automated Mailing System through which I send automated e-mails in PHP using the PHPMailer Extension.
First, most of the e-mails I've sent with the PHPMailer dropped into the spam of several clients, a well-known issue. I've checked with my host and we created an SPF record; and the result improved a lot.
Now by coincidence, I've found that some clients still seem to drop messages received via the PHPMailer script into their Spam folder. If I send the same e-mail manually, it doesn't happen, so it seems to be related to PHPMailer; so I must be doing something wrong.
The configs / code I'm currently using are / is :
$mail->isSMTP();
$mail->SMTPAuth = true;
$mail->Host = $host; // verified with my host
$mail->Port = 465;
$mail->Username = 'mymail#mydomain.com'; // verified with my host
$mail->Password = 'mypassword'; // verified with my host
$mail->SMTPSecure = 'ssl';
$mail->SMTPAutoTLS = true;
$mail->setFrom( 'mymail#mydomain.com', 'This is the Header of the E-Mail' );
$mail->addAddress( 'recipientsmail#hisdomain.com', '' );
$mail->isHTML( true );
$mail->Subject = 'This is the Subject of the E-Mail';
$mail->CharSet = 'UTF-8';
$mail->Body = 'HTML Content of the E-Mail';
$mail->send();
$mail->SmtpClose();
Please note that my hosting provider does not support any DKIM signature authentication; and I've also verified the correct reverse DNS lookup with my provider.
What am I missing folks?
I interestingly came about this post here; which writes that "IANA has reassigned a new service to this port [465], and it should no longer be used for SMTP communications."
The article recommends the use of tls and port 587 should be the default approach. Is this maybe the issue; or am I missing something out on PHPMailer? I just wanna be sure before switching anything, as I'm not at all an expert in the area of e-mails.. And well, I've never heard about this port issue.
Whether mail ends up in spam is very difficult to control. Implementing SPF and DKIM can help, but still provide no guarantees. If it was easy to bypass spam filters, spammers would do it, and they would not be spam filters! There's an article in the PHPMailer wiki about avoiding spam filters that you may find helpful. The headers in a received message will often tell you why a message has been put in the spam folder, for example listing the spamassassin rules it matched.
You say it works "manually", but is that sending from the same place (e.g. on your local machine)? You can get the raw text of messages sent through each route and compare them to see what's different (other than obvious things like message IDs).
That MailGun article is outdated. Since then, RFC8314 has not only "undeprecated" port 465, it's now recommended as the default because it eliminates a possible attack vector in the pre-encryption stage that SMTP+STARTTLS uses on port 587. Unfortunately it also makes it harder to debug from PHP, and denies the chance to do opportunistic encryption when encryption is not requested explicitly, so it's not the default in PHPMailer (yet).
I have a website hosted on server A. I use Cloudflare services, so I can not send mails to my users from the same server. I have server B for mail sending. Installed Exim and configured it as follows:
internet site, mail is sent and received directly using SMTP
Machines to relay mail for: [IP address of the server A]
On serevr A I use Phpmailer to send mail:
$mail->IsSMTP();
$mail->SMTPAuth = false;
$mail->SMTPSecure = "";
$mail->Host = "IP address of server B";
$mail->Port = 25;
$mail->Username = "";
$mail->Password = "";
Unfortunately, it doe snot work. Tried to change $mail->SMTPAuth to "true" but it does not help.
SMTP Error: Could not connect to SMTP host.
You've not posted much info to go on, but it's likely that outbound traffic to port 25 is blocked - see if you can telnet serverb 25 from server A. Normally you can't send out (relay) through port 25 anyway, but use an external authenticated submission host on port 587 instead. You should try reading the troubleshooting guide which covers all kinds of connection issues.
After setting up SPF Record i still am here to verify why i cannot recieve this email to hotmail account. I am able to send it to gmail with no issues. Please confirm if the code is correct, and SPF record is correct:
<?php
require_once 'PHPmailer/class.phpmailer.php';
$mail = new PHPMailer();
$body = "Thankyou for your Purchase. <br/><br/> Here is your Policy! You are now Protected during your Travels.";
$mail->AddAddress('$payer_email');
$mail->From = "noreply#example.com";
$mail->FromName = "Name";
$mail->Subject = "Thankyou for Your Purchase";
$mail->MsgHTML($body);
$mail->AddAttachment("tosend/xxx.pdf");
if(!$mail->Send()) {
echo "There was an error sending the message";
$sql = "UPDATE purchases SET policy_sent = 'Not Sent' WHERE id = '$lastid' ";
$stmt = $mysqli->query($sql);
$mysqli->close();
exit;
}
echo "Message was sent successfully";
$sql = "UPDATE purchases SET policy_sent = 'Sent', email_to = '$payer_email' WHERE id = '$lastid'";
$stmt = $mysqli->query($sql);
$mysqli->close();
?>
Here is the SPF:
v=spf1 a mx include:secureserver.net ~all
Are all these correctly configured?
Use SMTP Auth, then Hotmail wouldn't complain anymore. Anonymous mails are considered as spam by almost all receiving servers.
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = "mail.yourdomain.com"; // sets the SMTP server
$mail->Port = 26; // set the SMTP port
$mail->Username = "yourname#yourdomain"; // SMTP account username
$mail->Password = "yourpassword"; // SMTP account password
But ofc. depending on whether you have control over your SMTP or not, you should make sure, that basic stuff like reverse-dns-lookup is setup properly
Due to the discussion in the comments, I want to add a little bit more information about my thinking about why SMTP Auth will fix this:
IF you are using PHPMailer without the definition of an SMTP-Server, PHPMailer will operate in mail mode, which will just call the mail() function of php.
The mail-function itself will use the smtp-settings configured in the PHP-INI file, or the default values, which are listed here: http://php.net/manual/en/mail.configuration.php
defaults:
SMTP = "localhost"
smtp_port = "25"
Since the OP has configured a local mail server (or why would he setup MX-records?), php will now connect to this SMTP-Server without Authentication. The Server will accept the message and send it to the next server.
(Same applies if unix' sendmail is used)
Each Server in the chain and especially the receiving server can now see, that a private SMTP has been used and no Authentication has been provided.
That is already Spam-Score over 9000 because with a setting like that (theoretically) everyone could use that server to send mails!
Restrictions like only from localhost are ofc. not known by other servers, therefore that SMTP is considered to be an Open Mail Relay http://en.wikipedia.org/wiki/Open_mail_relay
Switching PHPMailer to SMTP-Auth (EVEN if still the local SMTP Server is used) will add This information to the Entry created by the server when forwarding the mail. The Entry will look like this:
Received: from SERVER1 ([xxx.xxx.xxx.xx]) by mydomain.de with ESMTPA
The trailing A after ESMTPA now tells the receiving Server, that Server1 has used a valid user account on mydomain.de to start the sending-attempt, which means that the SMTP-Server knows the origin of the mail and could provide information about the sender.
Still, the local SMTP-Server is not a known one, so in this case it might end up beeing greylisted and checked on various RBLs, which shouldn't be any problem in this case.
If the (local) SMTP-Server now passes ALL checks (Reverse-DNS Lookup, Greylisting, RBLs and what not) - the mail has a good chance to be successfully delivered, even if no remote smtp is used, because the server could be successfully authenticated as well as the sender using that server. (Otherwise no company could setup own servers)
So, using SMTP-Auth (Or any other authentication method) will also have an impact, even if no remote-SMTP Server is used.
Authenticated Mails are not a guarantee for not beeing considered as spam - but unauthenticated Mails are definitly ranked higher in the Spam-Score of common systems.
Had the same issue. I have checked the whole script 30 times. Each setting each . and , Checked and rechecked dns records dkim and spf 100 times.
Nothing worked.
I e-mailed hotmail/outlook/live about the issue. I didn't expect any help but within a few hours the problem was solved.
It wasn't in the script. Hotmail just blocks any e-mail that is sent trough most webpages. Even if your spam reputation is fine. They have placed the server's ip on a whitelist and the problem was solved.
They can change it back if they detect bad behavior. There's a limit for sending e-mail. If your server has a bad reputation they aren't likely to add the server to their whitelist. This can be an issue on shared hosting packages. Someone else on the same server where you host your website can f up the servers reputation.
Have you tested on a live server? If yes, what error did you get?
Have you enabled your phpmailer's debug to know what errors it has? If you are not using SMTP you can test with this
$mail->do_debug = true;
If you are using SMTP then use
$mail->SMTPDebug = true;
What output did you get from your debugger? You get a clue to where your problem is coming from from there.
I also suppose #dognose's answer by asking you to better use SMTP. That way your email passes through an authentication which would help indicate your identity was confirmed.
$mail->SMTPAuth = true; // enable SMTP authentication
$mail->Host = "mail.yourdomain.com"; // sets the SMTP server
$mail->Port = 26; // set the SMTP port
$mail->Username = "yourname#yourdomain"; // SMTP account username
$mail->Password = "yourpassword"; // SMTP account password
If $mail->Port = 26; doesn't work you can try $mail->Port = 25;.
The SPF currently being published by your DNS is invalid because you have three records!:
# dig +short txt immortalinsurance.com
"v=spf1 a mx include:smtp.secureserver.net ~all"
"v=spf1 mx mx:v=spf1 a mx include:secureserver.net ~all include:secureserver.net -all"
"\"v=spf1 a\""
The first one is valid; You should delete the second two.
The content of this record is correct for your domain if you are sending mail from 182.50.130.73. The 'mx' stanza is not strictly necessary since it points at secureserver.net anyway, but it may save DNS lookups on receiving servers.
Before you start sending email using mail() or SMTP, make sure you create valid sender email account in your cpanel.
From = "noreply#immortalinsurance.com";
This is very important if not all emails you send will be tagged as SPAM and goes to junk.
Once this is done, you must setup domainkeys and SPF records. Having a dedicated IP instead of using shared given by your hosts will also help with the delivery.
Finally check your mail with all three major email providers such as Hotmail, Yahoo and Gmail.
You will probably have to break down the exact reason why step by step. I know for a fact Hotmail is using a rules based spam filter (which is quite strict) and Gmail uses more like a self-learning system, which could explain why Gmail accepts your message and Hotmail doesn't.
The following you can check though:
A spf-record only works on the domain the spf record is added and only works for mail sent from ips/domains defined in that spf. Therefore make sure your code is executed from a server that exists in your spf.
Using SMTP as proposed above can increase derliverability (but it really depends on the receivers' spam filter). If you're testing on a local server though, you can use SMTP to send the mails trough a mail server defined in the spf. Otherwise
If the mailserver you are using is an open relay, than that could (and probably would) be a reason to add extra spam points. Thus make sure you're using a closed relay (e.g. the mailserver you're using doesn't allow mails to be sent unauthenticated users)
Check if the mailserver you're sending from isn't on any blacklist (http://mxtoolbox.com/blacklists.aspx offers a great tool);
Use the message headers in Gmail to find out if Gmail sees any reason to add spam points to your message (Howto: https://support.google.com/mail/answer/22454?hl=en). There you can find if your spf works (by searching for 'spf=pass'). This might also work for Hotmail if your mail would be delevered into the spam folder.
One of the many rules spamfilter apply are keyword checking (which I think your mail contains a few off), the amount of text and such. Make sure the overall quality of your message is good;
PHPMailer uses php's mail function by default. You can change this to sendmail ($mail->isSendmail();, probaly doesn't work on Windows if sendmail is not set up properly) or perhaps check the settings of your php.ini what mailserver is used (use ini_set('SMTP', 'yourhost.com'); to override, but this only works on Windows as far is I know).
The user of the connection data $mail->Username must be the same as the $ mail->From, otherwise hotmail rejects the email or marks it as spam.
Also, if the email has images, it can also be marked as spam.
In summary, for everything to be perfect, send email without images and that the From is the same as the Username.
I have opened the port 465 on my server:
iptables -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart
And I can see the port is ACCEPT when I run iptables -L -n
But still when I try to send mail:
$mail = new PHPMailer ();
$mail->IsSMTP ();
$mail->SMTPDebug = 1;
$mail->SMTPAuth = true;
$mail->SMTPSecure = 'ssl';
$mail->Host = 'smtp.gmail.com';
$mail->Port = 465;
$mail->Username = "gmailusername";
$mail->Password = "gmailpassword";
$mail->SetFrom ( $from, $title );
$mail->Subject = $subject;
$mail->Body = $body;
$mail->AddAddress ( $to );
$mail->Send();
I get the following error:
SMTP -> ERROR: Failed to connect to server: Connection timed out (110)
<br />The following From address failed: gmailusername : Called Mail() without being connected
Any help would be appreciated!
Turns out, digitalocean had blocked sending emails for new users. Contacted them and now it's working. Hope this helps someone.
please go through http://aldrin.aquisap.info/2012/08/26/wp-mail-smtp-in-wordpress-hosted-by-bluehost/ or SMTP ERROR: Failed to connect to server: Connection timed out (110) with PHPMailer and Outlook SMTP.. i guess this is related to your error.
Google's SMTP server requires authentication, so here's how to set it up:
SMTP server (i.e., outgoing mail): smtp.gmail.com
SMTP username: Your full Gmail or Google Apps email address (e.g. example#gmail.com
or example#yourdomain.com)
SMTP password: Your Gmail or Google Apps email password
SMTP port: 465
SMTP TLS/SSL required: yes
In order to store a copy of outgoing emails in your Gmail or Google Apps Sent
folder, log into your Gmail or Google Apps email Settings and:
Click on the Forwarding/IMAP tab and scroll down to the IMAP Access
section: IMAP must be enabled in order for emails to be properly
copied to your sent folder.
Sending Limits
Google limits the amount of mail a user can send, via its portable SMTP server. This limit restricts the number of messages sent per day to 99 emails; and the restriction is automatically removed within 24 hours after the limit was reached.
Source: How To Use Google's SMTP Server