i am working on a project and i have to send mails. I noticed, that it was possible to set "From" to any email address without any kind of authentication (like password). Why is that possible and is this not a lack of security?
Sending a mail from my private domain as the "Sender" was possible and this mail was not marked as spam by the client..
Is it possible to prevent sending mails from the domain?
Yes, email headers can be #microsoft.com for example, but microsoft must have a SPF record on it, to indicate that your server is authorized to send messages with their domain. So, if you don't have authorization, it will be marked as spam by most email clients or you will be advised than message is fake .
Related
I want to know if using PHPmailer functions to send HTML or plain emails
would be not considered as SPAM by mail servers if it would originate
from the domain with the same name.
For example :
sending email with PHPmailer as "info#mydomain.com"
originating from "mydomain.com" domain (as opposed to say GMail server or other mail servers).
I have a "password lost" system that sends emails to people using my website/portal
and so far i tested the function with my GMail account. I wonder that when I will move
to new hosting, linux box, and configure the domain on that box, and add a mail account and use PHPMailer locally, with that mail account, maybe it would be totally cleaner and will not go in SPAM folders when I sent mails.
Let me know your thoughts about it,
and if this really works
thanks,
Your mails originating from yourdomain.com sent as info#yourdomain.com will not be marked with "using domain yoursharedhostingdomain.com" in gmail, so mails shouldn`t drop in the spam folder for that reason.
With Gmail here i mean e-mail client, not using gmail account as a sender.
I have an app where i'm sending emails on certain events, but when i used my gmail account, i never receive the emails and they are not in my spam folder. When i send them to my work email, i receive them instantaneously.
What do i need to do to get the emails through to google?
I'm using the standard codeigniter email configs (which i think uses sendmail).
I'm using google apps for business and i have the MX records setup that google provides.
Do i need anything else? Also, i'm using subdomains in my app, does that affect what i may need to setup?
EDIT
When i use smtp like this example Sending email with gmail smtp with codeigniter email library, the page never seems to come back. It eventually just timesout.
The only plausible explanation for this behaviour is a SPF Check failure. SPF or Sender Policy Framework is a new technology that allows easy detection of spam. Gmail honours SPF unless you manually mark those emails as not spam. Regardless of this, if you have received emails on another address then they must have reached Gmail too. Check your spam thoroughly, as Gmail does not discard emails even on very high spam suspicion rather they end up in the Spam folder.
You can set up a SPF that allows your webserver to send emails which will result in Gmail accepting emails sent by your webserver as authentic. See http://www.mydigitallife.info/how-to-set-up-and-create-sender-policy-framework-spf-domain-dns-txt-record-with-wizard/ and a wizard from Microsoft.
You will probably see, that at some point in the future, you'll get them all appearing in Gmail. Google is most likely seeing if the sender is spam, and holding those messages. I've experienced that before setting up dev servers. I would suggest using a transactional email service, like Mandrill or SendGrid. You'll find you get a lot of info from those services that you forgo if you simply send an email through PHP.
The Filter Theory The other possibility is that the poster has a filter set up on their GMail account that is filtering out the emails.
I would make sure that you are sending the required header information as well. Have you tried registering a new gmail account and sending it to that user?
I am sending email using mail() function from my CentOS server. I am able to send using anyone's name without any authentication. For example, I am able to send email using my email address (abc#gmail.com -- say), my friend's email address (xyz#gmail.com -- say) or any other email address (billgates#microsoft.com -- say).
When someone receives my email from PHP code, it looks exactly like it was sent from the email address that I wanted to send from. I am using this PHP class for sending emails.
My question: How to prevent an email to be automatically marked as spam by the email service provider of the receiver (Gmail, Hotmail, MSN, Yahoo etc.)?
As of now, I have only option for sending email using mail() function only. My authentication code is not working.
Note: I am not going to do any spamming. My web application going to send emails to users who are creating new accounts on my website. And hence, I don't want email from my server to be automatically marked as SPAM by their email service provider (Gmail, MSN, Hotmail, Yahoo etc). I don't want my email to go directly to their SPAM folder instead of their Inbox.
You should use the domain name of your website as E-mail address e.g. noreply#mydomain.com. Because some mail servers will do a dns lookup for the domain stated in your e-mail address or even a reverse dns lookup. Since gmail.com does not resolve to the IP of your webserver the e-mail may get marked as spam. There are many other factors for an e-mail to become spam.
For example HTML formatted mails (especially when containing external images) are more likely to get marked as spam than plain text mails.
Also make sure to use proper Mail headers for your mail, they may also be validated by the remote mail server.
I'm using PHP mailer to as part of an enquiry form that I'm building for a client. One thing I've noticed in testing is that when I use my yahoo account as the FROM and my gmail as the to it works fine for a while but then it starts rejecting, I'm assuming because gmail is smart enough to know that the email isn't actually coming from Yahoo.
What is the best solution to this? I could use the email from the person who has actually filled in the form to show as the FROM address but I'm worried that this may eventually cause the same problem anyway? I could also send it from an email on the domain that its sending from but will that stop it from appearing as spam or black listing that email?
Any help or guidance would be great?
You are getting tagged as a spammer because you are sending the same message over and over. Set up your own mail server without a spam filter while developing if this is a problem.
You are not Yahoo -- don't pretend to be them! Set the From field to an address at the domain that's sending the mail (e.g, if your domain was example.com, send from something like inquiries#example.com or noreply#example.com).
This is probably related to SPF records. mail() will most likely try and send the mail directly to the server(s) identified by the MX record of the recipient domain, and because you are not sending from an IP address that is recognised as one of Yahoo's, Google will reject the email. If you are on *nix, you may be able to configure your system's sendmail program to relay via Yahoo. This is not an option on Windows (I don't think) because Windows has no sendmail and PHP will send the mail itself.
If you want a cross-platform solution you can use something like PEAR::Mail to relay the message through Yahoo's SMTP servers - this should resolve the problem as long as the SPF record is the source of the problem.
If your email is getting flagged as spam because of the content of the message, the only solution is to change the content of the message.
We have a client that can't receive emails from a dedicated server using PHP mail because when their SPAM server does an MX record lookup for the IP it can't find one (so it bounces the email).
This is because the mail exchange is on a different server completely. The client said that they have an IP address that bypasses the SPAM blocker.
So I'm wondering if PHP mail can send an email to a specific IP?
Does your server not qualify as a mail sender by their spam filter? Because I'm guessing that they can receive mail from other people.
So I think you need to look at the setup of your server so it complies with their qualifications (like a reversible name for example, or whatever other rules they require from an email sender)
Because with PHP (and other languages) you just send the email, there are tools that send an email through another server that is qualified to send emails, but usually you use the server itself.
For example, you can use the Zend Mail library to send through another SMTP server.
The answer is yes. However, how the mail() call in PHP actually sends the mail is totally dependent on how your system is set up, so any problems you're having sending mail won't be resolved in your PHP code, they'll be in your mail set up.
Generally, you should be able to address a piece of email to "user#192.168.1.1" and have it arrive successfully.
There's a good article about some of your mailer settings here.