So I'm not having much luck finding information on how to send email with custom From header without being potentially marked as spam (for email spoofing).
The reason we want to do this is we run a server for many client's websites, but we don't host their emails is most cases.
We wish to send enquiry emails from the websites using their preferred address (e.g. sales#mycompany.com) so that their customers can reply to the email.
At the moment we're using a Google Apps email address and changing the Reply-To header, but this is ignored by Outlook almost all the time (not sure why).
In most cases we have access to the DNS records, so is it as simple as adding our server's IP address to the domain's SPF record?
Or should we look at a third-party solution for this?
Thanks in advance!
Yes you need to add SPF records to the DNS TXT record.
So if you want to send an E-mail as user#foo.bar from IP address 192.168.3.4 you need to create (if you are not the admin of foo.bar) a DNS TXT record/s for foo.bar as such
v=spf1 +ip4:192.168.3.4 -all
This tells the remote server that the foo.bar domain sends legitimate email from 192.168.3.4 and that all other sources are only pretending to be foo.bar.
Note that the IP can be either ip4 or ip6.
Related
We have a problem using PHP mail on a shared hosting server on 1and1.com
We use SPF entries in our TXT DNS settings which include the email servers we use also confirm that outgoing emails are sent from our domain email addresses.
The scenario is: We have a button feature that allows site users to send a personal email from their email address to a client email address.
The problem is: These emails either bounce or end up in SPAM because they do not pass the SPF test.
Although I realize that we can solve the problem with a dedicated server, I was hoping someone had a solution or a way that we could solve the problem and still remain on shared hosting.
Thanks!
I am in the process of having a web app built. And it will link into other people's websites.
It's purpose is to be a login to a portal which will manage their customers and data.
My app will at some point send an email to their customers acting upon the clients interest.
My concern is that we won't be hosting our clients emails.
So my question is can I get my web server web app to email the customers of my clients using their email domain name?
I think all I would need is the mail server and email account details.
I think I'll be using phpemailer unless anyone can recommend anything else? Is it even possible?
I'm just looking for answers or documentation ton help me setup configure if anyone knows of any.
Thanks in advance
As Barmar says, if your clients include your servers address in their spf records (and only use SPF for protection) then your mail server can send messages with a from address with the clients domain.
However, there another schemes, DKIM, which requires a private key issued by the client. To confuse things further, there is a scheme combining DKIM and SPF called DMARC.
Multiplexing the schemes and client keys via your own MTA is a formidably complex task. While #Barmar usually gives good advice, in this case I think a recommendation to simply ask the clients to include your domain in their SPF is not the best approach.
There are a lot of different choices:
a link back to the clients MTA (for clients whom operate their own MX) which would need to support SMTPS and SMTP authentication. Possibly even vpn support
the spf based model (for those not using DMARC or DKIM)
sending emails from your MTA but with a a masqueraded text part in the email address, e.g.
From: "a_user#yourclient.com" <a_user_yourclient#yourdomain.com>
...but with a Reply-to header pointing to the clients address, although this may impact your IPR
just use the clients email as the from address for those without any protection scheme
It would be straightforward to handle the initial routing of the email within your applications code, but you are going to need developers who really understand how email works in practice.
I would recommend you to use mailgun... Mailgun is simple to implement, you can send 10000 emails for free every month (see below) and you can send emails in behalf of clients domains. You need to add new domains to mailgun account and verify them like it's described in the documentation (see below).
Official SDK for php
https://github.com/mailgun/mailgun-php
Domain verification documentation https://documentation.mailgun.com/en/latest/quickstart-sending.html#verify-your-domain
Pricing plan if you need to send more than 10k per month..
https://www.mailgun.com/pricing
Here are some options:
If your client provides you with an account in their email environment, then you can send using those credentials. Assuming your client has a properly configured mail environment (SPF and/or DKIM and/or DMARC), then everything should be good.
You can send from your email server directly, but your client's SPF records should include your server's IP address(es) if you don't want the email to go to spam. (Though it's possible the email will not go to spam depending on a lot of voodoo related to spam filtering and IP reputation)
You could have your client setup a DKIM DNS entry with a public key that you generate. Then you could have your server sign the message using DKIM and send it on behalf of the client.
I need your help! I have a code in PHP for sending emails (PHPMailer version 5.2.7). Send email from PHP, I use this method usually.
I explain me...
The mails sent go directly to SPAM folder to Hotmail, Gmail...
I have my own server with two domains (unique IP for two domains). In the domain1 the mails sent correctly (PHPMailer 5.2.7) and go directly to de inbox folder. In the domain2 the mails sent correctly but mails go directly to SPAM folder (PHPMailer 5.2.7)!!
Which is the difference between domain1 and domain2?? Have the same ip...
I can do mailings to domain2 not reach the spam folder?
P.D.: Shipping method in PHPMailer is SMTP with user and pass verified.
There could be multiple factors that results in mail getting routed to spam folder. I don't think, it is anything to do with PHPmailer. It is something to do with your IP reputation, complaints, activity, user engagement and some other factors.
One reason could be, that your mail server uses only one ip to send from.
Maybe the the reverse lookup from that ip resolves to your domain1.
Also related are dkim and spf records.
I am using PHP to send emails using mail.
Now I am sending it with a from address being my domain. This works fine when sending from any email address # said domain (such as abc#domain.com, fff#domain.com), but their is 1 certain address that just doesnt work.
When I send it from the email reports#domain.com (which is an email account that exists), the error logs look fine, but the email never arrives. Not in spam or anything.
Why would it be that a certain from email address is failing? I'm not sure if this is a problem with sendmail or PHP.
I've checked the settings of the reports email account and they all look the same as every other account that does work so im not sure where to start looking.
Please check your Reverse DNS, SPF and Domain Keys of your mail server and your domain
Utilize the followings #
Debouncer
MXToolBox
intoDNS
We have three domains hosted on one dedicated server each with its own dedicated IP.
Domain A - Has the server primary IP address (default server IP)
Domain B - Has its own IP address
Domain C - has its own IP address
If an email goes out from Domain B then it uses the Domain A IP address in outgoing and this makes emails from Domain B using PHP go straight to spam box of Gmail etc.
Is there any way to change the source IP depending on where the email originates from in PHP? What should we change to fix this?
This is nothing to do with PHP.
No you can't spoof addresses in the way you suggest - but the reason that emails are being classified as spam is because you've only got Host A published in your SPF. Just add the others to the permitted senders list:
"v=spf1 a:hostA.example.com a:hostB.example.com a:hostC.example.com"
C.
You're not giving any details about your server setup so this can't really be answered. PHP can, however, use a SMTP server of your liking. The easiest way to set this up is a tool like PHPMailer.
If you can't change the IP you're sending from, you need to change domain B's MX record making Domain A (or its IP) the mail server for that domain. I'm pretty sure spam filters like Google mail look for the MX record only. Of course, you would have to have both E-Mail sending and receiving facilities on Domain A for this to work.
PHP is usually set up to drop mail onto the localhost MTA, which will always send it on from its own bound IP address. So, no.
To reduce the chances of being marked as spam because your mail comes from an address that doesn't tie up with the DNS records (MX or fallback A) for a domain, add an SPF record to the DNS for all the domains saying that mail from the sending IP address is fine.