I have read lots of questions and answers about this issue on StackOverflow, but none of the ones I've read answered my question specifically.
I do not want to have a mailing list. People tick a box if they want to receive the bulk email. There are no wrong emails because accounts are activated using emails. So no bounce checking. However, I already use PHPMailer (so no issues with headers and such) and add every address to the 'to' field of the email. This means everyone can view all the emails (by reading the email source or hitting "reply to all" in their email client), which will not be desirable by other users. The question is:
1) should I send each email individually, or put all addresses in the 'bcc' field?
2) Won't this make some mailservers mark the email as "spam", no matter how well-structured it is? If so, is there a way to further prevent this (apart from adding the address to some whitelists or setting up domain keys or Unix cron jobs)?
Thanks!
All of the things mentioned here require the user to "subscribe" using a form, and then confirm their email address (like in PHPList). However, I already ask for confirmation when people register, so no sense in asking them again and again. My existing code checks the database; if their "receive-movie-mail" bit is set to 1 (these are gathered using an sql query), an email is sent to them when a new movie is added to the database. So, if you still believe this to be a mailing list (which I think it kind of is, but maybe my definition defies existing software features), I'd like it to have, 1) some way of subscribing users to the list with PHP code (E.G. if the "I want to receive an email every time a movie is uploaded to the database" checkbox is checked, in my form processing code I'll subscribe them), and 2) a way to mail people with PHP (I.E. a function like send_mail_to_list($content) that sends the email to the people I have subscribed, when the "Add Movie" form is submitted). Is there such a mailing list management software?
You should loop over the list of emails and send an individual email for each address:
$mail = new PHPMailer();
$mail->IsSMTP(); // set mailer to use SMTP
$mail->Host = "mail.{domain_name}.com"; // specify main and backup server
$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "{username}"; // SMTP username
$mail->Password = "{password}"; // SMTP password
$emailFrom = '{email_address}';
$mail->From = $emailFrom;
$mail->IsHTML(true); // set email format to HTML if needed
$emailSubject = '{your subject}';
$emailBody = "Whatever content you are sending.";
$mail->Subject = $emailSubject;
$mail->Body = $emailBody;
foreach($emails => $email) {
$emailTo = $email['email'];
$emailToName = $email['name'];
// send an email to customer
$mail->AddAddress($emailTo, $emailToName);
if(!$mail->Send())
{
echo 'failed';
}
$mail->ClearAddresses();
}
1) should I send each email individually, or put all addresses in the
'bcc' field?
Definitely Individually. Bcc will have your email seen as spam.
2) Won't this make some mailservers mark the email as "spam", no
matter how well-structured it is? If so, is there a way to further
prevent this (apart from adding the address to some whitelists or
setting up domain keys or Unix cron jobs)?
using an SPF record might help. Make sure the reverse-dns to your server is not blacklisted, especially if it's a shared hosting.
I have not done this in php since I know that by default there is no hyper threading in php.
In other languages / frameworks like Ruby or .NET you would send individual emails out together by hyper/multi threading them. This is similar to the *nix cron jobs approach you know of except that it is executed at run time - you create say one thread for every 5 addresses you are sending and then all the threads send out 5 mails one after the other.
Keep in mind that even with this approach the bottle-neck shifts from the application to the mail server you are using. So lets say you are using the inbuilt postgre that ships with apache - it won't handle large volumes since each thread will add load to it.
And of course you should avoid this all together if you can use MailChimp!!
Send each user a separate email, addressed only to them.
Set up DKIM and SPF, or at least create appropriate SPF records. DKIM requires some configuration of the mail server that's actually sending the mail for you, but can help greatly with deliverability, especially to large email providers.
My tip next to others would be: maintain a queue of emails where you can limit delivery rate. Some email providers do not like when you try to deliver thousands of emails to their domain at once.
This should be possible with some MTA's.. But I haven't seen one which is flexible enough to do this. What I used for this was Pear class Mail_Queue + cron job.
Related
phpmailer is working fine and able to use it in various ways, but.... I'm trying to find a way to determine if a valid looking email address actually made it to some destination. I am NOT talking about validating addresses such as...
if (!$mail->validateAddress($email)) {echo 'Not a valid squiloople email pattern';}
This is my setup is using SMTP through gmail...
$mail->isSMTP();
$mail->SMTPAuth = true;
$mail->SMTPDebug = 0;
$mail->isHTML(true);
$mail->Host = 'smtp.gmail.com';
$mail->Username = "XXXl#gmail.com";
$mail->Password = "XXX";
$mail->SMTPSecure = 'ssl';
$mail->Port = 465;
If the email address looks like a duck and quacks like a duck then...
$result = $mail->send(); Will Always return true!
var_dump($mail->send()); // Also returns Boolean
Is there a way to test if the email was actually received somewhere? Or is this strictly a one-way shout-out through google's SMTP gmail servers???
Any tips, tricks, or pointers would be appreciated.
$mail->send() will not always return true. It returns true if the part of the sending process it was involved with works. So if you send to an unknown address, but do so via gmail, gmail's servers don't know whether the address exists or not at the time, so it will be accepted and bounced later. If you were sending to a gmail address when sending through gmail, then it would fail immediately.
If an account does not exist at all, most servers (including gmail) will still give a 5.1.1 "Unknown user" response, and that will be reported correctly by PHPMailer if you send by SMTP directly to the recipient's supposed mail server (but not if you send via an intermediate server (like gmail) or using mail()). PHPMailer doesn't have built-in support for doing that, but doing it yourself only involves a call to getmxrr and setting Host manually. Also you won't need to use authentication if you send that way.
You can do various things like check if a domain exists at all - if it doesn't, mail delivery won't work. Some servers will accept all addresses and send bounces later (e.g. if they have a spam filter with a long processing queue), but if you get rejected up-front, it's a pretty sure indication that the address doesn't exist.
You need to look into bounce handling too which will allow you to remove addresses that looked ok but later proved not to be, which is an entirely separate thing from anything that PHPMailer does. I will warn you now - bounce handling is extremely unpleasant!
You should also send using tls on port 587, not ssl on 465; see the gmail example provided with PHPMailer.
The only reliable way to confirm delivery is to get the recipient to answer. Tracking pixels don't work very well, or at all, and delivery receipts are often disallowed. Bounced emails only identify dead mailboxes that generate a non-delivery report - not all do - and won't identify a mailbox that's active but ignored. If the people you are emailing want something from you, don't give it to them until they've confirmed their address by responding to an email.
You can ask for a receipt but the user has a choice and most people like me will not let it acknowledge receipt. All you can do is to make sure all your headers are correct and monitor the bounced emails.
Yes this can be done by - Using imap to read the bounced mail notification that gmail mailer-daemon sends back for undelivered mail and then parsing out the bogus address. Using that you can go back to your database and clean it up. My login/registration system will not require a valid email for basic access, but for elevated privileges it will. I'll just make an admin class function that processes privilege requests and also does database cleanup for basic accounts so there will be no lag-time for new user registration.
Thanks to all that had a look and contributed!!! Now that I'm about done I'll have a look at getmxrr and see if that is better, but still plan to expand imap to automate email proxy account maintenance(deleteing, moving, ect...).
The solution I found was :
1) To save a copy of the email in a mysql database with an ID.
2) Make sure the email is signed with the domain in 1024
3) Add a img to the email requesting an image from a PHP file like https://www.example.com/img.php?id=emailid with the email ID instead of emailid
4) In img.php get the email ID and update the corresponding entry of your database with the time and date and render a base64 image.
So now you can know when the email is open and the time and date.
Try this:
if ( !PHPMailer::ValidateAddress($email) )
or
if ( !$mail->validateAddress($email) )
This is a redundant question.
I am using phpmailer codeigniter library in sending email. I can send and recieve email however when I received it, it is marked as spam.
I think this info can be useful:
public $Mailer = 'mail';
public $Hostname = 'http://www.fhi365.com/';
public $Host = 'smtp.gmail.com';
public $Port = 465;
public $SMTPSecure = "ssl";
public $SMTPAuth = true;
What are the steps I need to do to solve this?
Thanks for help
This is not the issue of sending through server email servers.
For an email to be considered "safe" it has to meet A LOT of criteria, which, without full access to the server, I don't think can be configured.
First of all, you need to have DKIM and SPF key signatures that are actually valid. They are needed for the email service provider to be sure that you aren't a scam.
Next, you from email and domain (from email is what is before the #, and domain is what is after the #) have to be safe. Which means that when you send emails, people actually open your letter. Because let's say I set up a simple php email sending script and send some inappropriate pictures or some evil-evil programs. That is why ESP by default put your email into spam. That's why on most websites on registration, you are asked to check your spam folder. The website's domain does not have enough "positive" reputation to be considered trusted by the major ESP. If one person moves your letter from spam to inbox, you get a small reputation boost - but you need a lot of it.
Next, is the sender. The IP of the sender also has to be trusted. If you are sending from a PC IP that is known for spamming, even if you have all the previous criteria all set up, it will still be spam box for you all the time. That is called domain warming. You need reputation for your IP as well.
There are also minor things such as email content (if it looks like a casual letter, you have more chances of getting into inbox), the amount of styling and pictures you have in there.
Bottom line - don't bother a lot with getting your email to inbox. If the user KNOWS he is getting your letter in the email, he will get it out of the spam folder. Just notify the user about the email and you will be set.
I have a web app which needs to send emails to clients 'From' staff email addresses. What's the best way to prevent my messages from being flagged as spam?
For instance, if I own charles#gmail.com, I'd like to be able to send mail "From" that address with PHP in my App, without getting the "This message may not have been sent by...." message.
Right now I'm just using the mail() function within PHP, with Headers for the From, Return Path, and X-Mailer variables.
I'm generally pretty confused by everything I've read so far about SPF and DKIM, so I appreciate any advice. Thanks.
This is a very lengthy subject with lots of things to consider.
The most important rule is to not use HTML and to send only correct mails that people want, and that the recipients do not flag as spam theirselves.
For instance, if I own
charles#gmail.com, I'd like to be able
to send mail "From" that address with
PHP in my App, without getting the
"This message may not have been sent
by...." message.
If you own a gmail address you could just sent the messages via gmail's SMTP service, but keep in mind that gmail has a 500 email sent limit. Below is a topic describing how to use gmail's SMTP server with the popular PHPMailer.
Right now I'm just using the mail()
function within PHP, with Headers for
the From, Return Path, and X-Mailer
variables.
Outsourcing this is probably the way to go using for example:
http://sendgrid.com/
We also offer a Free Plan with 200
Email Credits per day.
To read pricing visit http://sendgrid.com/pricing.html
http://elasticemail.com/
No monthly committments, no minimums,
no limits. Just pay for what you use
at $0.001 / email or less.
http://aws.amazon.com/ses/
Email messages are charged at $0.10
per thousand.
http://aws.amazon.com/ses/pricing/
http://www.cloudsmtp.com/
http://postmarkapp.com/
Just to name a few which are very cheap to use without any hassle/setup.
If instead of using the mail() function, you use an SMTP mailer such as the PEAR mailer package then you can send the mail using google's own SMTP servers. This will require you to provide the correct credentials to the google account you wish to send from. This should avoid the issue you are having.
One of the first things you need to ensure is that the email "From:..." really is from your server e.g your_mailings#yourcompany.com and it must exist and be a valid email on the server where the script works. You should try setting the sendmail user at the top of your script (assumes Linux server):
ini_set('sendmail_from', 'your_email#your_server.com');
Then you add a "Reply-To:" header and use your staff addresses perhaps and recipients will at least seem to have got an email that can be replied to. Without that you probably won't even get as far as being spam, you will get blocked on the way there.
This thread shows some of that and note the comments on PHPMailer - it is a good way to handle mailing and I have found it more successful than simple mail();
PHP mail form isn't working
I am trying to use Swift Mailer to send an email to a client on her website. The problem is, I do not know her username/password email information, and I do not want to use mine.
Is there a way to use SMTP with Swift Mailer, and not define a username, password, or email host? Kinda how the mail function will allow you to use anything for the to/from addresses.
This is what I have for one of our scripts and I believe it does exactly that.
$message = Swift_Message::newInstance()
//Give the message a subject
->setSubject('Webinar Registration')
//Set the From address with an associative array
->setFrom(array('FROM EMAIL ADDRESS' => 'FROM NAME'))
//Set the To addresses with an associative array
->setTo(array('TO EMAIL ADDRESS'))
//Give it a body
->setBody('My Message')
//And optionally an alternative body
//->addPart('<q>Here is the message itself</q>', 'text/html')
;
//Create the Transport
$transport = Swift_SmtpTransport::newInstance('127.0.0.1', 25);
//Create the Mailer using your created Transport
$mailer = Swift_Mailer::newInstance($transport);
//Send the message
$result = $mailer->send($message);
This was probably copy-pasted and slightly modified from the Swift mailer documentation. All we're doing is connecting to SMTP on localhost.
Edit: Looking at comments on the original post, I do have to wonder about triggering spam filters. We haven't really had a problem with it... one, maybe two users have complained about not receiving e-mails. If there's any good documentation on this kind of stuff and ways to avoid these problems, I'd love to have a link to it. I think we just have the default IIS SMTP server running on our machine as set up by our provider.
Another Edit: Ah, if this is going on to someone else's website, we don't know exactly how they're set up. I wonder if you could create an account with some other e-mail provider (assuming it's not against their terms of use.) Maybe I jumped the gun with my post, sorry.
In order to do this right you have to use a real email address and send it from a server that is properly configured. Otherwise your mail will end up in their spam box.
Just have your client set up an email address called support#whateverthedomainis.com which would be for this. If for whatever silly reason they can't do that then set up a mail address at gmail or some other free email provider and send it through their mail server.
There is a LOT that goes into properly configuring a mail server in todays world. From blacklist management, reverse dns configuration, SPF setup, etc. Point is providers are getting more finicky every day and if you want to see your application work long term then you'll need to do this right.
Hope that helps.
I am using phpmailer to send email. I need to know how to hide or mask sender email address
You can specify any sender email address anyway, since SMTP by itself does not place any requirements on sender email addresses.
If the actual SMTP server you use places restrictions on email addresses (e.g. corporate servers which do not allow sender emails outside of the company domain) there's no way around that, unless of course you can influence the mail server configuration.
Update:
You say in a comment that you want to use gmail to send email where the sender's address is not a gmail address. There is no way to do that.
This is a rare situation you have here... if you do not have a mail server you can still tell PHPMailer to send from a different address just set the From attribute of the PHPMailer object to the address you want. But Wait! if your server doesn't exists, the client can't verify the account and then your mail will more likely be deleted (moved to spam in the more benevolent scenario). If you are trying to mimic third party mail, I'll help you no futher.
Note: Your mail server may be valid but clients are still unable to verify it, and thus you are getting mails delivered to spam or deleted. Check "Must Read" to below to have some inside on how to solve this.
On the other hand, if you already have a mail server, then tell PHPMailer you want to use it, set the Host and Port attributes to your domain name and port respectively. The same if you want to use an account form a different server, remember to set the attributes Username and Password correctly, you may also need to set SMTPAuth = true; and SMTPSecure = 'ssl'; depending on the server. [Note: Username and From may differ]
Now, if you want to use an account from Gmail, you could easily set an alias in Gmail to send as another account [Go to Settings-> Accounts And Import -> Send mail as -> (click) Send Mail From Another Address], that can be the case if you have a mail server but you cannot afford to have it online, you will need to start your server so you can receive the confirmation code Gmail generates to verify your account. Check recommended read for PHP side configuration details.
Lastly if for some rare circunstancies you can't tell PHPMailer to use your mail server, but you do in fact have one, and that one is able to recieve the mail... you can use AddReplyTo('me#example.com', 'My Name'); Most clients will understand that any reply to the message must be (unless explicitly defined by the user) directed to "me#example.com" in this case.
Disclaimer: I take no responsibility of any harm result of the use of the method I mention here, such as (but not limited to) your mail account getting banned.
Must read:
Coding Horror on sending mail via code
Recommended read: PHPMailer Tutorial (old version)
No need (neither a good way) to hide or mask whatsoever.
I assume you already know how to use the class you are talking about.
You probably have some variable for sending email, like
var $From = "someguy#whatever.com";
you can type whatever you want into that email address. Gmail dont care what email things is sent from.
And no, this dosent sound very legit.
One more thing: Gmail requires a gmail account to relay mails. Its no problem, it wont be visible.
You want to "show the company email address as sender" but you "didn't (sic) have any email server"?
Can anyone actually send you email at your company email address? If so, use that server which is hosting your email to send out from.
If you don't really have a company email address, then I suggest you get a gmail address like companyname#gmail.com and just send from that. Otherwise the email will appear as spam to a great many of your recipients.
Now, if the people you are about to send an email to actually signed up to be on your mailing list then you can use a third party application like Constant Contact to do your broadcasts from.
If they haven't, then I suggest you not send an email at all.
in mail headers you can have both a Sender: and a From: header which in most mail clients is displayed as either just the From or in some cases Sender on behalf of From, using this way is a nice and clean way to be able to send From a different mail address then the actual Sender mail server
This is highly illegal.
var $From = "someguy#whatever.com";
Is the only option your have for trying to hide email address. But no matter what your email will be inscribed with IP. Someone who knows what they are doing will still be able to trace the email back to the source.