While sending an e-mail using php mail() function, the 'From' header can get any random e-mail address and/or name we desire.
However, the 'Reply-To' header seems to receive only the accurate e-mail address, apparently in order let the receiver reply to a valid address.
I was wondering if there is any possible way to show a random email address on the 'Reply-To' header, while making reply email to send to a different one.
Is that possible at all?
Suppose this is our code:
$subject = "Your subject";
$message = "$message";
$headers = 'From: myemail#my_domain.com' . "\r\n" .
'Reply-To: ' . $email;
Here we can clearly see that the From address is different than reply to address, this is what tells the browser from which address has the mail been sent and where to reply to, but you want to mask the address of reply-to... So tell me this, if we mask the reply-to address to another address, then what will happen?
The browser will try to reply to the masked address not the real one... So I believe it is not possible to mask the reply-to address... Because the masked address is not ours, and thus we won't get any reply at all..
Related
This question already has answers here:
PHP mail function doesn't complete sending of e-mail
(31 answers)
Closed 6 years ago.
I'm using a basic script on a 1&1 hosted server:
$recipient = "email#domain.com";
$sender_name = $_POST['name'];
$sender_email = $_POST['email'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$headers = "MIME-Version: 1.0"."\r\n";
$headers .= "Content-type:text/html; charset=UTF-8"."\r\n";
$headers .= "From: {$sender_name} <{$sender_email}>"."\r\n";
$headers .= "Reply-to: {$sender_name} <{$sender_email}>"."\r\n";
mail($recipient, $subject, $message, $headers);
..but for some reason am not receiving any emails, nor any errors as per PHP mail() function not sending email instructs.
I thought this may be a server issue but 1&1 states that it is fully supported. I've also sent emails from this server/hosting before using just a recipient, subject and body and so I'm rather unsure as to why it is not working now!
UPDATE
Sending without headers, i.e.:
mail($recipient, $subject, $message);
..does work, so it would appear to be an issue with using the headers?
There may be many reasons, for example you should study what SPF is.
The $sender_email can't be any address, for example you can't put a gmail address and send emails claiming to be that sender, without any authentication, you aren't allowed to send email on behalf on that address, because I could for example send emails putting your address in the from, pretenting to be you when I'm not (I tried to use simple words)
You should use in the From something ending in #yourdomain.com, and set up SPF to allow your server's IP to send emails for that domain. OR otherwise send emails through SMTP (with PHPmailer, for example, it's very easy)
Errors in header does affect the mail delivery. if you send email with wrong headers, for example, let's say the email of the user is user#email.com and his name is "user user", and you send the email to user#email.com it might cause the email to go in spam or not accepted at all if it doesn't match on server.
Gmail, for one, has a name associated with every email id. if you put a wrong name with the email, there's a chance the email might not show up in inbox or sometimes even spams.
"But in the link I attached the example given uses a 'from' header set by a form input?"
if you want your users to be able to send email to you, best idea would be to use your own email address as the sender email. E.g. if your website is at website.com, configure an email like "contact#website.com" and configure your script to use this as From header, you can send it to your own email at the same domain(website.com) or any other email which you authorize. You can add the users's actual details in the mail. that'll ensure the successful delivery of the email always.
Any idea why the [Enter email] field on this form will only reach me#me.com if the email entered matches me#me.com?
If I put in any other email address than the one listed in $to=, the email doesn't send.
$fieldname = 'images';
if ($_POST){
// we'll begin by assigning the To address and message subject
$to="me#me.com";
$subject="Registration";
$from = "<".stripslashes($_POST['email']).">";
// generate a random string to be used as the boundary marker
$mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";
// now we'll build the message headers
$headers = "From: $from\r\n" .
"MIME-Version: 1.0\r\n" .
"Content-Type: multipart/mixed;\r\n" .
" boundary=\"{$mime_boundary}\"\n";
Here's a Pastebin.
You are setting the from header to be the address posted in the form, and the to header to be your email address. Should be reversed if you are trying to send an email to them.
$to="me#me.com";
$subject="Registration";
$from = "<".stripslashes($_POST['email']).">";
If indeed you want the email to appear to come from the address listed in the form, you can't in general do that. You can't send email on behalf of another use (your SMTP server is likely to reject it these days). This is to prevent pfishing attacks (FROM: Someone#ThatYouKnow.com, SUBJECT: What is that password again?).
Send it from an email address that you control. Include the email address from the form as part of the body of the email.
In my website, I have a little contact form that uses PHP to send a mail to my personal e-mail address.
In the form, I ask the user for his e-mail address. If the address exists, the script works perfectly, and will receive the message very quickly. But if the user enters a wrong mail address, I won't never receive it. Is it normal ? Here is a little piece of my script...
/* Prepare Email Subject */
$email_subject = '[CONTACT FORM]' . "\t" . $title;
/* Prepare Email Message */
$email_message .= "Nom: ".clean_string($name)."\n";
$email_message .= "Email: ".clean_string($email)."\n";
$email_message .= "Telephone: ".clean_string($tel)."\n";
$email_message .= "Message: ".clean_string($msg)."\n";
/* Prepare Email Header */
$headers = 'From: '.$email."\r\n".
'Reply-To: '.$email."\r\n" .
'X-Mailer: PHP/' . phpversion();
/* Send Email and redirect */
mail($email_to, $email_subject, $email_message, $headers);
header ('location: /?status=success#contact');
I would like to thank you all for your answers. I am very sorry if the problem isn't clear enough, and I hope my english is understandable (I'm a Frenchy) !
For those who don't understand what is my problem :
In my script, I put the user's mail adress in the mail header.
If the user gives me a valid e-mail, then I will receive the message, otherwise I won't.
Don't worry about the variables, this is just the last part of my script, but I verify all of them.
When I said "only if the address exists", I really wanted to mean that apparently, if the address is not registered, or if the domain does not exists, it does not work.
Before sending the mail, I verify if the address is "valid" by applying a Regex test.
And if I enter, for example : abcde#aeaefa.fr I won't receive the mail. That's why it is weird, the mail address format is good.
blue112, I am going to create a postmaster address, and use it to send these mails.
You shouldn't use the user's mail to send a mail.
It's bad practice. You are kind of usurping it's identity
If user uses, for instance, a gmail, and you're setting it to gmail, gmail won't trust you because he knows it never sends the email
They are great chances the email falls in spam box
The best way to go is a use a "valid" and trusted email to use in the "from" header field.
Also, about your script, you can wrap the `mail``function in a if to know if everything went fine during the sending.
if (mail($email_to, $email_subject, $email_message, $headers))
{
header ('location: /?status=success#contact');
}
else
{
echo "Sending mail failed";
}
This provides you no garentee that the mail succesfully arrived, however.
Since you most likely can't actually do anything useful with the email if they have entered an invalid address, you should check that the email address is valid, there are varying degrees of annoyance for the user that you can go through to get this information to be valid:
Using a regex to match the email address
Asking the user to confirm their email, this captures mistypes (some annoyance)
Ask the user to register first before they can use the contact form (big annoyance)
You could also make your mail have static From and Reply-To addresses that you own, and include the users entered email address in the actual body of the message, this ensures you actually get the email even though they may have given your contact form a rubbish email address.
I have created a contact form using mail function, everything just fine but there is a problem by sending mail from yahoo to gmail!
any email to any email is good(even from gmail to yahoo).
But when the email goes from yahoo to gmail, it dose not work!
Like this:
mail("myemail#gmail.com",$subject,$message,"From :myemail#yahoo.com");
This dose not work!
how to fix this?
whole code:
<?php
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= "From: ".$email;
$subject=$form_name." - ".$subject;
$message=nl2br($message);
$message=$message."<br /><br /><br />".$name."<br />".$phone."<br />".$web;
$message = wordwrap($message, 70, "\r\n");
if(mail($send_to,$subject,$message,$headers)){
echo "<p class='success'><span></span> ".$success."</p>";
}
else{
echo "<p class='error'><span></span> there was a problem, please try again</p>";
};
?>
Most likely this is failing due to a security check - your server is not associated with Yahoo.com, thus when the origin IP address of the e-mail is checked against the domain of the sender e-mail address, it fails and the e-mail is blocked. Only some e-mail providers do this level of checking.
If your goal is to have your yahoo e-mail address show as the reply to address, try setting it using the reply-to: header instead of the from: header. See the PHP mail() docs for more specifics. Use the appropriate or default from address of your domain or server. This will give you the best results as far as making sure your e-mails actually get delivered.
When your mail server is sending an email, the DNS SPF record is checked to ensure that your server is allowed to send emails where from address is set to yahoo.com or gmail.com. If there is no SPF records which tells that your server is allowed to send emails for yahoo.com domain, this means that your server is maybe sending a SPAM. This way, some mail servers can reject emails received from your server.
I've just solved the same problem by moving the sender email address from the "from" header to the "reply-to" header.
Set From with something like "no-answer#yourmail.com"
Set Reply-to (add a line in your code) with the sender email address.
Gmail will no longer filtrate the mail, considering it's a transparent behavior and then not a spam attempt.
Though the problem occurs only with Yahoo/Gmail…
On my website I have a contact form, where the user can report bugs or submit feature requests. The form contains a subject and message.
I want the form to email me directly, either with PHPMailer or with PHP's built-in mail function.
The issue here is when generating the email, the sender has to be an address I own, not the actual user's email address. The reason for this is obvious, since we shouldn't be allowed to impersonate other people. However I want to be able to email my users back directly from my inbox, which I can't do since I can't use their address to email myself in the script.
What is the best way to construct the contact form then?
The only workaround I can think of is to insert the message + sender address into a database, and then read it manually from there....an epic hassle.
I would be grateful for any suggestions.
Set the Reply-To e-mail header, so you'll get something like this:
<?php
$headers = 'From: you#example.com' . "\r\n";
// Set the sender address as Reply-to below
$headers .= 'Reply-To: sender#example.com' . "\r\n";
mail('you#example.com', 'Subject here', 'The message goes here', $headers);
?>
This way you will be the sender, but when you hit the reply button in your mail client, it will default to reply to the address listed in the Reply-To header.
Why does the center have to be an address you own?
SMTP won't prohibit you from providing the email your user provides as the sender. As long as the SMTP server allows you to relay from it, it will take any value for sender and recipient.
Another option would be to make a sender email up (contact-form#yourdomain.com) and set the Reply-To field to your user's email address.
You can use the code below to receive an email from an address you own but when you reply it'll go to the user's email
<?php
$to = 'youremail#yourdomain.com';
$subject = 'the subject';
$message = 'message';
$headers = 'From: youremail#yourdomain.com' . "\r\n" .
'Reply-To: user#useremail.com' . "\r\n" .
mail($to, $subject, $message, $headers);
?>