I am using PEAR to send mails from our server. However, some email clients (most importantly Gmail) will say "Mail received from nobody#server on behalf of John Doe". What causes this? Is this PHP or the server config itself?
With the headers I set:
$headers["From"] = John Doe<johndoe#example.com>;
$headers["Return-path"] = John Doe<johndoe#example.com>;
$headers["Sender"] = John Doe<johndoe#example.com>;
However, when I look into the e-mail headers of the actual mail that is arrived, I see:
Return-path: <nobody#server>
Received: from nobody by server with local (Exim 4.69)
(envelope-from <nobody#server>)
id 1Thn0Y-0001yy; Tue, 25 Jan 2011 11:48:46 -0600
From: John Doe<johndoe#example.com>
Sender: Nobody <nobody#server>
Date: Tue, 25 Jan 2011 11:48:46 -0600
So except for the FROM field, all other header settings are ignored...! What to do?
What you are seeing is that the envelope headers are being generated by Exim. You will need to change the configuration, or send differently to get around this. With normal sendmail, there are a few simple commandline switches you specify, and I would imagine it is the same with Exim.
Related
I have a cPanel machine hosted for my customers. One customer is being missused, sending spam via a PHP Script. If I look in to my EXIM Mail queue there is a lot of Spam getting sent.
How can I locate the Script sending those mails?
If I go into detail with one mail, the X-PHP-SCRIPT is only "domain.tld/"
Here an Example:
Date:
Tue, 12 Apr 2016 07:00:12 +0000
From:
Stacey Ruiz <stacey_ruiz#domain.tld>
To:
frogleg3354#yahoo.com
Subject:
F$ck me deeply in my m0uth
Content-Transfer-Encoding:
8bit
Content-Type:
multipart/alternative;
boundary="b1_6b6f51ba2d97b6f13cdd28de69a7fce8"
Message-ID:
<6b6f51ba2d97b6f13cdd28de69a7fce8#domain.tld>
MIME-Version:
1.0
Received:
from ctm by cpanel-1.myserver.tld with local (Exim 4.86_1)
(envelope-from <stacey_ruiz#domain.tld>)
id 1apsJ2-0000aK-Fz
for frogleg3354#yahoo.com; Tue, 12 Apr 2016 09:00:12 +0200
X-Mailer:
PHPMailer 5.2.9 (https://github.com/PHPMailer/PHPMailer/)
X-PHP-Script:
domain.tld/ for 127.0.0.1
X-Priority:
3
I obviosly replaced the domain of the customer with "domain.tld".
I changed already all the Passwords for all E-Mail Addresses, User Accounts, deleted all FTP Accounts, made a Virus Check. The customer is using the newest Update of Wordpress (Update 1 week ago). I changed the password there as well. The wordpress page was even ok! No extra user in the Database, that was not supposed to be there... How is it then possible, that a script is getting up to the server? And how can I locate it?
I tried to access the Admin Area and was missspelling the "wp-admin"... I found this:
Can anyone help me?
Cheers!
Niklas
I'd like to load several email saved as txt file and send them with swiftmailer.
Txt files are like this
Received: (qmail 17484 invoked from network); 1 May 2014 03:38:08 -0000
Received: from localhost (localhost [127.0.0.1])
by myserver.example.com.dyndns.org ([192.168.1.2]); 01 May 2014 03:38:08 -0000
Received: from otherserver.example.net ([127.0.0.1])
by localhost ([127.0.0.1])
with SMTP via TCP; 01 May 2014 03:38:08 -0000
Received: (qmail 4822 invoked from network); 1 May 2014 03:38:07 -0000
Received: from blablabla.example.org ([103.123.123.11])
by otherserver.example.net ([123.123.6.152])
with ESMTP via TCP; 01 May 2014 03:38:07 -0000
To: <me#example.com>
Date: Thu, 01 May 2014 12:37:29 +0900
From: <someone#example.org>
Subject: Awesome subject of email
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Fantastic email text
I can't find a from_string method in Swift_Message class. Is parsing txt file and creating a new Swift_Message object with parsed information the only solution?
Unfortunately you might need to do the parsing/repopularing of the info yourself. You can try using: http://www.php.net/manual/en/book.mailparse.php and this (a wrapper around it) https://gist.github.com/vyatri/939427 to avoid having to read it manually. Mail headers can be tricky to get right so try to avoid manual parsing as much as possible and use some standard library to do it (like the mentioned).
I try to send email from our server using php and Zend_Mail. I use smtp transport. This is confimation email of subscribing. But for some reason email that I send has strange headers and email goes to spam folder (I see them in gmail that receive letter):
Message-Id: <50ee94f7.84fc440a.62dc.ffff9685SMTPIN_ADDED_MISSING#mx.google.com>
Received: (qmail 10943 invoked from network); 10 Jan 2013 10:16:22 -0000
Received: from unknown (HELO searchboxindustries.com) (username#searchboxindustries.com#207.162.215.30)
What does it mean list header "Recieved: from unknown"? Can it make email go to spam? How to avoid this strange header and make email avoid spam folder? Is there any problem with coode or maybe I have some problems with DNS settings of this domain?
Here's code for setting headers:
$mailer->setFrom($params['list_email'], $params['list_from_name']);
$mailer->setReplyTo($params['list_email']);
$mailer->addHeader('Sender', $params['list_email'] . '.searchboxindustries.com');
$mailer->setReturnPath($params['list_email'] . '.searchboxindustries.com');
$mailer->addTo($params['email_address']);
Code to configure transport:
$emailConfig = $this->getOption('email');
$transport = new Zend_Mail_Transport_Smtp($emailConfig['server'], $emailConfig);
Zend_Mail::setDefaultTransport($transport);
Email config from application.ini:
email.name = searchboxindustries.com
email.server = searchboxindustries.com
email.username = user_name
email.password = password
email.auth = plain
email.port = 587
Here are headers of such email:
Delivered-To: gala19612009#gmail.com
Received: by 10.76.94.204 with SMTP id de12csp111150oab;
Fri, 11 Jan 2013 01:58:49 -0800 (PST)
X-Received: by 10.69.0.8 with SMTP id au8mr228881813pbd.58.1357898329423;
Fri, 11 Jan 2013 01:58:49 -0800 (PST)
Return-Path: <opp#mail15.com.searchboxindustries.com>
Received: from smtp1-1.searchboxindustries.com (mta1.searchboxindustries.com. [207.162.215.30])
by mx.google.com with SMTP id d7si4727205paw.95.2013.01.11.01.58.48;
Fri, 11 Jan 2013 01:58:48 -0800 (PST)
Received-SPF: pass (google.com: domain of opp#mail15.com.searchboxindustries.com designates 207.162.215.30 as permitted sender) client-ip=207.162.215.30;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of opp#mail15.com.searchboxindustries.com designates 207.162.215.30 as permitted sender) smtp.mail=opp#mail15.com.searchboxindustries.com
Message-Id: <50efe258.a74b420a.3351.12fcSMTPIN_ADDED_MISSING#mx.google.com>
Received: (qmail 21583 invoked from network); 11 Jan 2013 09:58:48 -0000
Received: from unknown (HELO searchboxindustries.com) (username#searchboxindustries.com#207.162.215.30)
by searchboxindustries.com with SMTP; 11 Jan 2013 09:58:48 -0000
From: Oleg <opp#mail15.com>
Reply-To: opp#mail15.com
Sender: opp#mail15.com.searchboxindustries.com
Return-Path: opp#mail15.com.searchboxindustries.com
To: gala19612009#gmail.com
Subject: List1: Confirm Subscription
Date: Fri, 11 Jan 2013 04:58:48 -0500
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
MIME-Version: 1.0
Spf seems to be ok.
The ip from which email is sent is not blacklisted.
Now there are changes in DNS and I have headers:
Message-Id: <50f41c80.67e3440a.2d32.6aabSMTPIN_ADDED_MISSING#mx.google.com>
Received: (qmail 18457 invoked from network); 14 Jan 2013 14:55:59 -0000
Received: from unknown (HELO smtp1-1.searchboxindustries.com) (username#searchboxindustries.com#207.162.215.30)
by searchboxindustries.com with SMTP; 14 Jan 2013 14:55:59 -0000
We have Reverse DNS set. 207.162.215.30 is resolved to stmp1.searchboxindustries.com. What's the problem then? I wonder what is strange format in brackets in the header Received : from unknow:
username#searchboxindustries.com#207.162.215.30
The Received: from unknown simply means that one SMTP server receiveid it from another which did not provide reverse DNS. Typically each hop from one SMTP server to another adds one Received: header at the top of the message (except qmail, which adds two; this is visible in your example).
If you are concerned about the lack of reverse DNS, and if 207.162.215.30 is yours, then perhaps you can convince your ISP to provide reverse DNS for it. Many ISPs refuse (if you are on a "consumer" broadband plan), or will require a different hosting contract with you in order to offer this service. ("Reverse DNS" means that when somebody queries DNS for "what's the DNS name of 207.162.215.30" the answer would be "searchboxindustries.com" or perhaps another host name, but not "unknown".)
The reverse DNS lookup is usually performed based on the TCP headers, not on the text of the message. If the SMTP server receives a connection from 123.45.67.89 then it will perform reverse DNS for that address, and put the results in the Received: header it adds. In other words, the contents of your message headers or envelope headers do not affect this outcome at all.
Recipients can do whatever they want with these headers. It is unlikely that this header alone (the presence of this header, or the absence of reverse DNS information evident from the contents of it) would be sufficient for somebody to classify your message as spam, but there is really no way to control what the recipient does with this information.
If anything, your question is an indication that perhaps you should be looking at a professional service to send out these messages on your behalf, for a fee.
My server requires an extra (php.)ini setting, might that solve your issue?
ini_set('sendmail_from', 'enterAValidEmailAddr#yourDomainHere');
Try the following options to find where the problem is:
Does the email has body? I believe there is email body.
For isolating the problem, you can try it using another alternative SMTP (for example: gmail smtp).
Alternatively, you can use PHP mail directly without smtp.
Here is the situation.
I have both an SMTP server which accepts only authentication.
I also have a VPS with no SMTP server, so the PHP on that VPS sends emails using PEAR to the SMTP server for sending.
For some reason emails are getting classified as Spam always.
Can someone take a look at the following headers and give me a pointer to why this might be happening?
Some stuff has been *'d out for security.
I'm new to VPS stuff so I guess I might have some dodgy config somewhere, so I need some advice on this one.
Thanks guys!
Microsoft Mail Internet Headers Version 2.0
Received: from moutng.k*****.de ([212.227.17.8]) by ***** with Microsoft SMTPSVC(6.0.3790.4675);
Sat, 12 Feb 2011 11:30:09 +0000
Received: from localhost (*****.onlinehome-server.info [*****])
by mrelayeu.k*****.de (node=mreu1) with ESMTP (Nemesis)
id 0Lm8JB-1QNpTc29Yn-00a9O2; Sat, 12 Feb 2011 12:30:09 +0100
From: Logeek <log#*****.com>
To: A King <aking#*****.co.uk>
Subject: Hi!
Message-Id: <0Lm8JB-1QNpTc29Yn-00a9O2#mrelayeu.k*****.de>
Date: Sat, 12 Feb 2011 12:30:09 +0100
X-Provags-ID: *****
Return-Path: log#*****.com
X-OriginalArrivalTime: 12 Feb 2011 11:30:09.0931 (UTC) FILETIME=[34CC45B0:01CBCAA8]
Ok I'm not really good at email headers but if an Email is sent from and address in which the domain is not equal to the domain the email was sent from for example: a message sent by admin#thispage.com from the server otherpage.com will get marked as spam: When using a SMTP server smtp.thispage.com as a local user on that server for example admin#thispage.com the message will be sent from this server and the email wil not be marked as spam. But when sending it as user admin#thispage.com from a different domain using PEAR the message will normally be marked as spam.
First of all, I want to thank you for your time. I'm having a hard time getting my head around this problem.
With reference to this thread we've dediced to implement PHPMailer. This however worked fine untill we've dediced to change the IP adress of the Exim deamon running on the system. Now, Hotmail and GMail both mark us as spam although we've got correct rDNS etc. We've also taken part in the Microsoft Sender ID and Junk Email Reporting program, but that still won't help us.
You can see an output of the php script running here(http://koopte.be/mailtest/test/examples/test.php).
Also, some mail headers from GMail:
Delivered-To: myemail#gmail.com
Received: by 10.227.133.10 with SMTP id d10cs153720wbt;
Sun, 17 Oct 2010 02:44:10 -0700 (PDT)
Received: by 10.227.37.8 with SMTP id v8mr3118896wbd.37.1287308647612;
Sun, 17 Oct 2010 02:44:07 -0700 (PDT)
Return-Path:
Received: from drt01.dco.fusa.be ([81.95.119.6])
by mx.google.com with ESMTP id ep1si12575868wbb.6.2010.10.17.02.44.06;
Sun, 17 Oct 2010 02:44:07 -0700 (PDT)
Received-SPF: neutral (google.com: 81.95.119.6 is neither permitted nor denied by best guess record for domain of admin#drt01.dco.fusa.be) client-ip=81.95.119.6;
Authentication-Results: mx.google.com; spf=neutral (google.com: 81.95.119.6 is neither permitted nor denied by best guess record for domain of admin#drt01.dco.fusa.be) smtp.mail=admin#drt01.dco.fusa.be
Received: from admin by drt01.dco.fusa.be with local (Exim 4.69)
(envelope-from )
id 1P7Pmg-0001qb-Gg
for myemail#gmail.com; Sun, 17 Oct 2010 11:44:06 +0200
To:
Subject: Koopte.be
X-PHP-Script: www.koopte.be/mailtest/test/examples/test_smtp_advanced_no_auth.php for 84.31.105.128
Date: Sun, 17 Oct 2010 11:44:06 +0200
From: "Koopte.be"
Reply-to: "Koopte.be"
Message-ID:
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_f102f7049d61084cf6a8ef51cf0e57bc"
Sender:
Our log shows the following, which seems OK to me:
2010-10-17 02:33:30 1P7HBn-0000l7-Ro => email F=<admin#drt01.dco.fusa.be> R=lookuphost T=remote_smtp S=1475 H=gmail-smtp-in.l.google.com [209.85.227.27] C="250 2.0.0 OK 1287275610 v32si21774961weq.142"
Thank you for your time!
Edit: rDNS is being fixed as we speak.
rDNS is set now, come on guys, what am I missing?
Google reports this in the headers:
Received-SPF: neutral (google.com: 81.95.119.6 is neither permitted nor denied by best guess record for domain of admin#drt01.dco.fusa.be) client-ip=81.95.119.6;
But my SPF is this:
domainname. TXT "v=spf1 a mx ip4:81.95.119.6 ~all"
You should setup an SPF record for your domain. Google is only returning neutral on your SPF check.
First, I would suggest using Swiftmailer over PHPMailer. But regardless, your issue isn't what software you are using to send your email. You should head over to http://mxtoolbox.com/ and see what it says about your email domain. You should have the correct reverse DNS setup, in addition to making sure you have a SPF record setup in your DNS.
It seems your reverse DNS is not setup correctly, at least not for koopte.be.
It is also possible that if the new IP address has been previously blacklisted by Google or Hotmail or any of the third parties they use (even before it was owned by you), the blacklist is still in effect.
In addition to mxtoolbox.com, I'd also checkout Spamhaus's lookup (http://www.spamhaus.org/lookup.lasso). Many providers use their XBL, PBL, and DBL advisories to maintain a blacklist.
You may want to look into DKMS/DomainKeys (and Microsoft/Hotmail has their own thing as well that is similar but different for Hotmail :P)
Spam issue because of following reasons
1)Shared hosting
If you are using shared hosting, PHP is not the solutions for this issue.try to contact your server providers.Some time your hosted IP treated as spam.Try to change the hosting providers, It may work fine.
2) More Links in your e-mail body
3 )Partial header(Always use reply-to,Ref Ans:TrentonMcManus)
4) Bulk E-Mailing
5) Spam Reporting(number of people who have clicked on your link as spam)
6) The message not to be too short or too long.
7) Sending From Blacklisted IP(hosting, and SMTP server) )
It may be new your IP address has been previously blacklisted by Google or Hotmail You can check Blacklisted ip or not from the site from here
8)Verifying sender IP
Sender Policy Framework (SPF) is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses.
Perhaps PHP not solutions for this. You can do Following things in php coding
1)Always use the from/reply to address
2)Add unsubscribe link in body
3)Avoid spam keywords.
4)The message not to be too short or too long.
5)Text version is better than HTML