in my web site i have developed a mail function see my code ..
$headers='MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html;charset=iso-8859-1' . "\r\n";
$headers .= 'From:'.$name.' <'.$email.'>' . "\r\n";
$mail_body="";
$mail_body.='<table style="border:1px solid #993300" width="400" cellspacing="3" cellspacing="5">';
$mail_body.='<tr><td style="padding-left:10px; line-height:25px;" >';
$mail_body.='<center><b>Enquiry Information</b></center><br>';
$mail_body.='Name : '.$name.'<br>';
$mail_body.='Email : '.$email.'<br>';
$mail_body.='Phone Number : '.$phno.'<br>';
$mail_body.='Package : '.$package.'<br>';
$mail_body.='Category : '.$category.'<br><br>';
$mail_body.='Vehicle Type : '.$vehicle.'<br><br>';
$mail_body.='Traveling From : '.$travelfrom.'<br><br>';
$mail_body.='Arrival City : '.$arival.'<br><br>';
$mail_body.='Date : '.$date.'<br><br>';
$mail_body.='Adult : '.$adult.'<br><br>';
$mail_body.='Children : '.$children.'<br><br>';
$mail_body.='Food : '.$food.'<br><br>';
$mail_body.='Travel Requirements : '.$requirement.'<br><br>';
$mail_body.='Duration : '.$duration.'<br><br>';
$mail_body.=' promotions : '.$promotion.'<br><br>';
$mail_body.='Addons : '.$addone.'<br><br>';
$mail_body.='Preferred Destinations : '.$destination.'<br><br>';
$mail_body.='</td></tr>';
$mail_body.='</table>';
$mailSend=mail('enquiry#travel.com', "Country Travelmart" , $mail_body, $headers);
if($mailSend){
header("location:success.html");
}else{
header("location:sorry.html");
}
I see success.html page, after the mail function. But the mail is not present in 'enquiry#travel.com. I have changed the mail address to my email address, i got the mail. Then why mail is not sent in 'enquiry#travel.com.
Does any one know this?
Please reply
I think using PHPMailer can help you to increase the chanse of preventing emails as spam.
Junk mail? Email being filtered? Does that server that is sending the Email resolve the travel.com to the same IP as you do?
It is apparent that your PHP code does not have an error in it if it is sending to other Email addresses.
Some mail servers require certain settings to allow you to email, such as a secure SMTP connection to the server which php cannot handle within its native libraries.
Pear has a library you can use to attach SMTP authentication at: http://pear.php.net/package/Mail
Additionally, you might wish to troubleshoot by setting your own email address as the sender - in the event of a bounce-back email, you will then be able to receive it and troubleshoot further.
If the mail is getting through on other accounts and returning success for this account but never showing up, then the problem isn't with the code, it's with your message getting blocked by the destination server.
Possible reasons:
The destination server thinks it's SPAM. This is almost certainly the case. I worked for a cloud spam service, and web developers using PHP mail and other blind transfer agents hated us.
The destination server only allows certain IPs to send (usually a firewall or whitelist). You probably can't fix this unless you know the IT guy for travel.com and buy them a beer.
The destination server rejects messages with specific headers it doesn't understand, aren't set at all, or generally off.
Possible solutions:
The only possible solution that would involve keeping your current code in place would be changing or adding a header to the outgoing message. This is probably not the best fix because:
The headers could be fine and the message is getting blocked for other reasons.
If it is a header, tracking down which one will require getting the message back with the full headers (usually a bounce reply will have them, but not always)
Using PHP's mail function is outdated and not ideal for any kind of mail campaigns (for the reasons your seeing)
Using a 3rd party mail library like Pear's Mail class or PHPMailer (which I use). Be aware, however, that the reason these work more reliably is because you provide the SMTP server details and credentials, the same as you would for Outlook or Thunderbird. PHP's mail function uses the host server's SMTP server to send out, which causes issues like yours, but also doesn't require a password and permission to use. Having said that, it is better to send via a registered and verified address, both because it's less spammy and because your account's SMTP server can vouch for you, so to speak. But I would invest in getting an email account just for using in your PHP scripts, rather than using your personal account. Also, be aware that GMail is a real headache for this purpose, so just skip it if you can.
Dedicated mass mailing accounts, like Amazon SES or MailChimp. The best of both worlds, because they do bulk mailing better than your SMTP server ever will, it's tied to a user account you set up with them, not your actual email address, and most of them provide PHP libraries. The catch: they don't come cheap. The economics of scale to get a good Return on Investment is tons of emails daily.
My recommendation is to go with a free and respected mailer library and pay (if you aren't already) for a new email address just for the site to send mail. When it gets to the point where you're sending more emails than your mail server can handle in a day, look at a mass mailer service.
Related
I want to send an email from A to B, with HEADER and CONTENT through gmail.
How to do that by PHP?
I've specified the FROM (from#example.com), but when I receive the email, it's still from my gmail account (abc#gmail.com).
$mail->From = "from#example.com";
$mail->FromName = "Mailer";
$mail->AddAddress("abc12#163.example", "Josh Adams");// name is optional
$mail->AddReplyTo("abc12#qq.example", "Information");
How do I change the FROM part?
The short answer - you can't.
Google rewrites the From and Reply-To headers in messages you send via it's SMTP service to values which relate to your gmail account.
The SMTP feature of gmail isn't intended to be an open or relay service. If it allowed any values for the From header, it would significantly dilute Google's standing with spam services, as there would be no way to verify the credentials of the sender.
You need to consider alternatives. How are you planning to host your script/application/website when it's finished: virtually every hosting solutions (shared/vps/dedicated server) will come pre-configured with an email transfer solution: be it sendmail or postfix on *nix, or IIS on Windows.
If you are intent on using gmail then you could:
Setup a dedicated myapp#gmail.com account
If you own the domain you are supposedly sending from, use the free gmail for domains, and setup a myapp#mydomain.example account.
====
Edit June 2015
It was suggested that GMail does allow sending via different addresses. As far as I can tell, this is for sending via the GMail wep app, and utilises your existing external SMTP server, which is not relevant to the original question.
====
Edit Nov 2013
Seeing as this is still getting a trickle of votes. A quick update.
Google have withdrawn their free GMail for domains. There are plenty of other free services around. One of note is Mandrill - a one-to-one email service intended for transactional emails (e.g. ecommerce orders etc.). It's ran by MailChimp, who pretty much know all there is to know about sending email at volume. They also give you 12k/month free, which is rather nice.
This question and correct answer may be relevant:
When using Gmail for SMTP, can you set a different "from" address?
Gmail requires you to validate From addresses before sending mail as that email address. So you need to add a new sender in your personal gmail account and validate it.
Doing so will allow you to authenticate with youremail#gmail.com and send email from from#example.com
Unlike everyone else, I'll take the plunge and make the assumption that by letters you mean emails...
But I'm not sure what you are getting at when you mention that it should include "Headers and Content". Do you want to forward emails? Do you want the emails from A to appear as though they came from B's gmail account in the headers? Are you building some sort of gmail client?
The easiest way to send an email with PHP is with the mail function. This example comes straight from their documentation:
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
If you want the headers to appear from A's gmail and not to simply change the from/reply to part, you'd have to use gmail as the SMTP server. I don't know if you can set that at the script level.
The answer above are not quite correct.
You are definitely able to specify any senders as long as you own the other email address.
As the help page explains:
On your computer, open Gmail.
In the top right, click Settings.
Click the Accounts and import or Accounts tab.
In the "Send mail as" section, click Add another email address.
Enter your name and the address you want to send from.
Click Next Step and then Send verification.
For school or work accounts, enter the SMTP server (for example, smtp.gmail.com or smtp.yourschool.edu) and the username and password on that account.
Click Add Account.
Once that email is added successfully,
you can send email on the behalf of the new email address in gmail.
Google will not rewrite your from email in this way while you're sending email via Google SMTP.
You need to go to GMAIL settings and add new alias.
You will be asked SMTP information, which is basically useless, since you are using SMTP to send email, BUT the catch is that if your alias is on Google Suite domain it will be added just with simple email confirmation!
Once you have the alias there, you can change "From" header in your SMTP email.
NOTE: You cannot change the "From" address to whatever#dude.example, that's just how Gmail works and is the reason it's trusted.
If the reason you want to use gmail is because you don't want to set up an MTA (the reason you stated in a comment to this answer), you have 2 options:
If the web server is at your
home/work place; use your ISP's
smtp-server
If the web server is at a dedicated
hosting center, ask them what
smtp-server to use.
I have a web app which needs to send emails to clients 'From' staff email addresses. What's the best way to prevent my messages from being flagged as spam?
For instance, if I own charles#gmail.com, I'd like to be able to send mail "From" that address with PHP in my App, without getting the "This message may not have been sent by...." message.
Right now I'm just using the mail() function within PHP, with Headers for the From, Return Path, and X-Mailer variables.
I'm generally pretty confused by everything I've read so far about SPF and DKIM, so I appreciate any advice. Thanks.
This is a very lengthy subject with lots of things to consider.
The most important rule is to not use HTML and to send only correct mails that people want, and that the recipients do not flag as spam theirselves.
For instance, if I own
charles#gmail.com, I'd like to be able
to send mail "From" that address with
PHP in my App, without getting the
"This message may not have been sent
by...." message.
If you own a gmail address you could just sent the messages via gmail's SMTP service, but keep in mind that gmail has a 500 email sent limit. Below is a topic describing how to use gmail's SMTP server with the popular PHPMailer.
Right now I'm just using the mail()
function within PHP, with Headers for
the From, Return Path, and X-Mailer
variables.
Outsourcing this is probably the way to go using for example:
http://sendgrid.com/
We also offer a Free Plan with 200
Email Credits per day.
To read pricing visit http://sendgrid.com/pricing.html
http://elasticemail.com/
No monthly committments, no minimums,
no limits. Just pay for what you use
at $0.001 / email or less.
http://aws.amazon.com/ses/
Email messages are charged at $0.10
per thousand.
http://aws.amazon.com/ses/pricing/
http://www.cloudsmtp.com/
http://postmarkapp.com/
Just to name a few which are very cheap to use without any hassle/setup.
If instead of using the mail() function, you use an SMTP mailer such as the PEAR mailer package then you can send the mail using google's own SMTP servers. This will require you to provide the correct credentials to the google account you wish to send from. This should avoid the issue you are having.
One of the first things you need to ensure is that the email "From:..." really is from your server e.g your_mailings#yourcompany.com and it must exist and be a valid email on the server where the script works. You should try setting the sendmail user at the top of your script (assumes Linux server):
ini_set('sendmail_from', 'your_email#your_server.com');
Then you add a "Reply-To:" header and use your staff addresses perhaps and recipients will at least seem to have got an email that can be replied to. Without that you probably won't even get as far as being spam, you will get blocked on the way there.
This thread shows some of that and note the comments on PHPMailer - it is a good way to handle mailing and I have found it more successful than simple mail();
PHP mail form isn't working
Im using PHP's mail() function to send some emails. But all my mails land automaticly in the trash box. Is there a way of preventing this? If so, where should i read to learn more about it.
Would you recommend me using PHPmailer?
Best of regards,
Alexander
TL;DR: There's no magic bullet. Just because you can learn how to form an email in PHP, does not guarantee it is routed to someone's mailbox, or even accepted. Success is based on reputation, not any single fix.
I am (edit: was) a mail server engineer, have written SpamAssassin rules, and have deep-dived issues for customers sending or receiving email.
The recipient's mail server scans your email, looking for attributes and "historical problems" (lack of mail agent, coming from your webserver IP, etc). These get "points". The total number of points is compared, and the recipient's server may do one or more of the following:
List item
refused during SMTP,
routed to Spam folder,
routed to Inbox, but tagged "SPAM"
blackholed (accepted, then mysteriously lost).
"Points" (score) only means something to a particular anti-spam solution. There is no public test. Fix ALL the problems you can, and success goes up.
*The #1 issue is: do not send email directly to the recipient's SMTP server. This network space sends 99.9% spam. It costs money to scan email, so a good email admin will block or refuse such connections.
The "fix" for your source IP is: Use an SMTP Gateway. The gateway can be our ISP mailserver, or a commercial service. Check first with their terms of service. They may prohibit sending emails using an authenticated web form, since these are so frequently abused ("someone hacked me" is not an excuse).
If you have email hosting, do the following: create a mailbox called for example 'website-notification#websitedomain.com'. Call it what you like. Now you want your PHP script to send the email -through- that address, using Authenticated SMTP. I'll leave the process of learning how to use Authenticated SMTP from PHP as a learning exercise for you -- there are many tutorials online).
Once you send emails through your valid SMTP server, the mail is seen as "originating" from your SMTP gateway. It's not seen as coming from your script. But this isn't the end of the story
As someone else noted, Be sure you are not missing display headers such as To: From: Subject: and Date:. Strictly speaking these headers are NOT "required" in email handshaking, but in practical terms no reputable email software omits them. Also, Date must be in the standard date format, or some spam filters will flag it.
This topic is not to be confused with "envelope headers" (the hidden stuff in the SMTP handshaking), which also can also impact your score. Using an SMTP Gateway usually takes care of this (since the recipient's mailserver will handshake with your gateway host).
Your FROM address must be VALID. Do not use a fake domain. Do not use your domain name with a fake mailbox name. Some anti-spam software will do a "Sender Verify" to test if the From address is bogus or fake (oversimplified: they'll try sending a reply and see if you would accept it or not).
The #1 mistake is setting your from address as "noreply#yourdomain.com", and not creating that mailbox. When that happens, everyone's "Sender Verify" on your email fails, and you look like a spammer covering their tracks.
If your domain DNS has an SPF record, be 100% sure it lists every IP that might send email for your domain. This is a technical topic. Having a valid, correct SPF record helps your deliverability a little bit. But if you misunderstand and create a bad (incorrect) SPF record, you will be worse off. Take your time to understand before using this.
If you have a business with a real address or PO box, don't use "Domain Registration Privacy" or "Domain Proxy" services if you can avoid it. When this was written (2011) It used to be very true that anonymizing services could get your mail blocked, or "tagged spam". This is less true today, but it's still worth considering.
Know the IP address of your mailserver, and regularly check that it is not "blacklisted" at SpamCop, SpamHaus, or the Barracuda spam blacklists. Google for more. There are monitoring services, and scripts which can alert you. But if you get on these lists, it means there is something else happening you were not monitoring for...
As said, no simple answer. :)
I suppose you mean thrash box at the receiver's end. So basically the receiving email server is regarding it as spam. This can happen if:
1) The IP you are sending from is already blacklisted for spamming (happens often in shared hosting)
2) The IP and domain are relatively new and unknown.
(Note that many times, newsletters from well established sites also end up in spam).
If its your dedicated IP, then setting RDNS for the IP, to match the domain name will very likely solve the issue. Another usual practice is to alert the receiver (if she is subscribing on your website) to check their thrash/spam folder and whitelist your email address in their mail account.
regards,
JP
JP's answer is partly correct but it also could be your header's in the email i know from experience this sends stuff to the spam folder try the following;
set the emails to your domain something like no-reply or a valid reply.
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
This probably has something to do with your mail client and spam settings configuration. Try opening account on gmail.com and sending email there, if it's OK you know it is your mail server/client problem. If it's not, post your PHP code and full email headers of the email you've got.
This happens because many a times, headers are missing / if its a well known email server domain key signature is not present, or something like that. If you already have a separate email server, you should check out if you can use the PHP Pear Mail package to send email using your email server, rather than directly via mail function. That's what I find convenient, as its much more flexible.
I am using phpmailer to send email. I need to know how to hide or mask sender email address
You can specify any sender email address anyway, since SMTP by itself does not place any requirements on sender email addresses.
If the actual SMTP server you use places restrictions on email addresses (e.g. corporate servers which do not allow sender emails outside of the company domain) there's no way around that, unless of course you can influence the mail server configuration.
Update:
You say in a comment that you want to use gmail to send email where the sender's address is not a gmail address. There is no way to do that.
This is a rare situation you have here... if you do not have a mail server you can still tell PHPMailer to send from a different address just set the From attribute of the PHPMailer object to the address you want. But Wait! if your server doesn't exists, the client can't verify the account and then your mail will more likely be deleted (moved to spam in the more benevolent scenario). If you are trying to mimic third party mail, I'll help you no futher.
Note: Your mail server may be valid but clients are still unable to verify it, and thus you are getting mails delivered to spam or deleted. Check "Must Read" to below to have some inside on how to solve this.
On the other hand, if you already have a mail server, then tell PHPMailer you want to use it, set the Host and Port attributes to your domain name and port respectively. The same if you want to use an account form a different server, remember to set the attributes Username and Password correctly, you may also need to set SMTPAuth = true; and SMTPSecure = 'ssl'; depending on the server. [Note: Username and From may differ]
Now, if you want to use an account from Gmail, you could easily set an alias in Gmail to send as another account [Go to Settings-> Accounts And Import -> Send mail as -> (click) Send Mail From Another Address], that can be the case if you have a mail server but you cannot afford to have it online, you will need to start your server so you can receive the confirmation code Gmail generates to verify your account. Check recommended read for PHP side configuration details.
Lastly if for some rare circunstancies you can't tell PHPMailer to use your mail server, but you do in fact have one, and that one is able to recieve the mail... you can use AddReplyTo('me#example.com', 'My Name'); Most clients will understand that any reply to the message must be (unless explicitly defined by the user) directed to "me#example.com" in this case.
Disclaimer: I take no responsibility of any harm result of the use of the method I mention here, such as (but not limited to) your mail account getting banned.
Must read:
Coding Horror on sending mail via code
Recommended read: PHPMailer Tutorial (old version)
No need (neither a good way) to hide or mask whatsoever.
I assume you already know how to use the class you are talking about.
You probably have some variable for sending email, like
var $From = "someguy#whatever.com";
you can type whatever you want into that email address. Gmail dont care what email things is sent from.
And no, this dosent sound very legit.
One more thing: Gmail requires a gmail account to relay mails. Its no problem, it wont be visible.
You want to "show the company email address as sender" but you "didn't (sic) have any email server"?
Can anyone actually send you email at your company email address? If so, use that server which is hosting your email to send out from.
If you don't really have a company email address, then I suggest you get a gmail address like companyname#gmail.com and just send from that. Otherwise the email will appear as spam to a great many of your recipients.
Now, if the people you are about to send an email to actually signed up to be on your mailing list then you can use a third party application like Constant Contact to do your broadcasts from.
If they haven't, then I suggest you not send an email at all.
in mail headers you can have both a Sender: and a From: header which in most mail clients is displayed as either just the From or in some cases Sender on behalf of From, using this way is a nice and clean way to be able to send From a different mail address then the actual Sender mail server
This is highly illegal.
var $From = "someguy#whatever.com";
Is the only option your have for trying to hide email address. But no matter what your email will be inscribed with IP. Someone who knows what they are doing will still be able to trace the email back to the source.
I have a website, example.com hosted at godaddy. I was just messing around with PHP's mail function and uploaded the following to my website at example.com:
mail( "someone#yahoo.com", "test", "test message", "From: someone#gmail.com" );
Why does this work? I mean, it shouldn't, right? The "From" address domain isn't "#example.com". Yet, when I check my email at someone#yahoo.com, I get the message from someone#gmail.com... How is it that I'm able to (potentially) send an email from anyone's email account without their password?
This is possible, as in, you can put into the E-Mail headers whatever you want, including a totally arbitrary sender address. You are right, though, security-conscious providers will usually configure their outgoing mail services in a way that allows only sender addresses residing on the server the mail gets sent from; but they don't have to.
Also, on the receiving end, messages where the sender address belongs to a domain that is not associated with the sending mail server very often end up in the Spam folder.
It's (as you already know) very bad practice to make use of this. As to whether the provider is at fault - it could be anything from a sign of trust (if you are the only user on the server, or one of select few clients) to carelessness. You may have reason to complain because if one of your web hosting neighbours misuses this to send spam, the server's IP address might get blacklisted, causing any E-Mail coming from it (legit or not) to get caught in spam filters.
it's because of email format specification.
have a look at the email's header specification, you might refer to the http://en.wikipedia.org/wiki/Email#Header_fields
that is the reason why one should never trust the "from" information once you receive an email.
This is why systems like Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) have been introduced.
SPF allows admins to define where email for a particular domain is supposed to originate. In your example, and assuming that SPF records were set up, the records would show that the Go Daddy host from which the mail was sent was not an authorised sender for the gmail.com domain. A (Yahoo) mail server that receives that mail and does SPF validation would probably reject the mail.
DKIM uses digital signatures to allow a sending mail server to show that an email came from the domain it says it came from. In your example, you wouldn't be able to sign your email and make it look like it really came from Gmail, because you don't have their key.
Both these systems require proper SPF/DKIM records to be set up, and also require that the mail server that handles the email for its recipient actually performs the validation.
So don't worry: this problem is being worked on :-)
Whether you should be able to do this is basically a matter of who you ask. The email RFC states that you should. Best practice for hosting and ISP says you shouldn't.
So seen from PHP point of view. Yes you should
Edit:
And btw you're not sending the mail from somebody's account your simply stating that you email is something differrent from what's actually true. Which is basically the same as introducing yourself to a stranger as, let's say "Bill Clinton". If the receiver is paying attention they'll know it's wrong. In the real world because you don't look like him and in the email world you can simply test if the sending server is allowed to rely from that specific domain.