My website example1.com is hosted on host.example2.com and when I send an email message via PHP mail() function from example1.com. It always has a 'via' host.example2.com stamp in Gmail when people receive the message.
I found this: http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=1311182
Seems I need to:
Use an SPF record - which I have done, and it's now correctly showing
"Received-SPF: pass" in the email header.
Sign my messages by DKIM3 to be authenticated as truly from example1.com
And I scoured through http://www.dkim.org/ to find nothing about how to do it in PHP.
Any idea how I can use DKIM3 for my email messages sent via PHP mail()? Thanks!
http://php-dkim.sourceforge.net/ seems to be a PHP implementation of DKIM. The download contains a PHP library and detailed documentation.
Note that Gmail may not immediate stop displaying the "via" thing even if you implement DKIM. Google seems to use other heuristics to decide when to show "via" and when not to show it, and they're rather reluctant to disclose exactly what you need to do. But DKIM will go a long way toward assuring Google that you're not a spammer.
Related
I'm using Mandrill to send E-Mails in my PHP Project and integrated it via the API. So far so good E-Mails go out and arrive their recipient, but something bothers me about the missing SPF and DKIM entries.
When the E-Mails are opened in outlook the "on behalf of" issue occurs (FAQ from mandrills KB). But I can't fix this, since too many of our customers do not have the necessary skills/ access-rights to create a SPF entry for their domain, so we learned to live with that.
We verified our own domain at mandrill to use it as custom sending-domain to get rid of the
from: reallyLongString#mandrillapp.com on behalf of customerName#customerDomain.com
and exchange it with
from: mailbot#ourDomain.com on behalf of customerName#customerDomain.com
but somehow I can't get this to work!
I cannot find an option to set "mailbot" as sender. Even worse, Mandrill makes up a phantasy e-mail-address consisting of customerName#ourDomain.com. If some customer gets the idea to send to this address we've got a disaster upcoming. Also the API does not specify anything like that in the "Messages"-Section.
How can I configure mandrill to send E-Mails with a from-field appearing in outlook like this:
mailbot#ourDomain.com on behalf of customerName#customerDomain.com
? Really cannot find anything in the docs or the web. Thanks in advance!
As Sanuel Jackson already indicated, there is no way to do this WITHOUT doing the whole certification process of creating a SPF entry.
Also confirmed by Mandrill support (which was quite fast AND competent in responding)
I'm now sending with a proper reply-to address and hope, that our customer's customers ignore the funky e-mail adresses... In case they do mind them, our customers are free to engage us regarding a SPF-entry ;-)
I would like to find out all e-mails that have been received by our mail server from a particular IP address, contained in the Message Headers.
It is a static IP, and I have found some already by manual means, but I am trying to find a way to either do this programatically, perhaps using a PHP script with full access on my mail server, or perhaps there is a function within cPanel itself which will do this?
How would one go about searching all e-mail headers for this IP?
You may want to have a look at procmail. It's a tool that can be used to process email messages as they arrive to your mailbox. You can specify the processing on the email message based on any field in the message header. In your case, you would be considering the "Received:" field which displays the IP address upstream email server.
Although procmail is generally used for processing email as it arrives, it is also possible to use it to process existing mail stored in mailboxes if you can cat and pipe the messages from the mailbox to procmail.
There is a simple example in the link below that explains the basics of using procmail.
Howto filter and forward e-mail with procmail: example
I notice that a lot of websites like Facebook and GitHub allow you to reply to an email notification which then posts the reply back to the application using a unique Reply-To address. How does this work on the back-end? I searched a lot but, only found that people were using unique Reply-To addresses. That's understandable but, what do they use to receive these emails? Do these companies set up email servers? I am trying to build this using PHP.
A common method is to set unique message ID's in the outgoing email and then looking at the In-Reply-To header to see which email this was in reply to. That lets you match up your server application's messaging system to emails. For example, if you send an email that represents a help desk ticket with ID 1234, the Message-ID could be something like
ticket-1234#myserver
Then, in email clients that work nicely (I'm looking at you Android), when you hit Reply, the reply has the header In-Reply-To: ticket-1234#mysever. You can go further by adding security tokens to ensure people can't forge messages (e.g. ticket-1234-hf29e9f2gf2e9fh29f#myserver). That security token is generated on the server when you send your first message and is then confirmed in the reply.
This normally works but can cause real headaches when email clients don't behave as they should!
This is how GitLab manages emails by using an identifier in the email address itself and catching it when the user replies. Although it is not relevant to any scripting language like PHP and uses server configs, this is what backend servers do to support reply by email functionality.
You have to set up a mail server to receive mail answers.
SIEVE filters on a IMAP server could be use to make some actions when a certain filter is detected.
But you can't only use PHP to make that type of system.
I have a web app which needs to send emails to clients 'From' staff email addresses. What's the best way to prevent my messages from being flagged as spam?
For instance, if I own charles#gmail.com, I'd like to be able to send mail "From" that address with PHP in my App, without getting the "This message may not have been sent by...." message.
Right now I'm just using the mail() function within PHP, with Headers for the From, Return Path, and X-Mailer variables.
I'm generally pretty confused by everything I've read so far about SPF and DKIM, so I appreciate any advice. Thanks.
This is a very lengthy subject with lots of things to consider.
The most important rule is to not use HTML and to send only correct mails that people want, and that the recipients do not flag as spam theirselves.
For instance, if I own
charles#gmail.com, I'd like to be able
to send mail "From" that address with
PHP in my App, without getting the
"This message may not have been sent
by...." message.
If you own a gmail address you could just sent the messages via gmail's SMTP service, but keep in mind that gmail has a 500 email sent limit. Below is a topic describing how to use gmail's SMTP server with the popular PHPMailer.
Right now I'm just using the mail()
function within PHP, with Headers for
the From, Return Path, and X-Mailer
variables.
Outsourcing this is probably the way to go using for example:
http://sendgrid.com/
We also offer a Free Plan with 200
Email Credits per day.
To read pricing visit http://sendgrid.com/pricing.html
http://elasticemail.com/
No monthly committments, no minimums,
no limits. Just pay for what you use
at $0.001 / email or less.
http://aws.amazon.com/ses/
Email messages are charged at $0.10
per thousand.
http://aws.amazon.com/ses/pricing/
http://www.cloudsmtp.com/
http://postmarkapp.com/
Just to name a few which are very cheap to use without any hassle/setup.
If instead of using the mail() function, you use an SMTP mailer such as the PEAR mailer package then you can send the mail using google's own SMTP servers. This will require you to provide the correct credentials to the google account you wish to send from. This should avoid the issue you are having.
One of the first things you need to ensure is that the email "From:..." really is from your server e.g your_mailings#yourcompany.com and it must exist and be a valid email on the server where the script works. You should try setting the sendmail user at the top of your script (assumes Linux server):
ini_set('sendmail_from', 'your_email#your_server.com');
Then you add a "Reply-To:" header and use your staff addresses perhaps and recipients will at least seem to have got an email that can be replied to. Without that you probably won't even get as far as being spam, you will get blocked on the way there.
This thread shows some of that and note the comments on PHPMailer - it is a good way to handle mailing and I have found it more successful than simple mail();
PHP mail form isn't working
I have a PHP website that send a validation code when a new account is created.
My problem is since few months, a lot of those email goes in the spam folder.
I thought of a solution that is to use an "external service" to send my email instead of simply sending it via the mail function in PHP.
Question : 1) What external service should I use (I guess it would requires to have an API)?
Try using your ISP's or company's server as a relay. Use a sending address which exists, so that validation can be done on it, and bounces sent back to it. You may want to setup a separate domain for verification such as verification.example.com. You could then send the validation message from application#verification.example.com. Replace application and example as appropriate.
You may also want to look at https://serverfault.com/questions/241189/email-delivery-management-grievances#241260.
Have a look at this documentation from Google. It involves your network support including reverse lookup and Domain keys to be present. I think most of the email servers would have similar requisites.
Many times, when using the builtin mail function, the configuration isn't set up to help prevent this from happening. The reason is the Received header is set to an internal IP address, like 192.168.x.x which is used as an indicator to most spam filters. You may want to try finding a simple SMTP class that connects remotely so the headers get set properly.