I am using php and mysql. And my site is in flash (full flash site)
I have a website which let users to sign up. The signup process including sending "activation email", click link to activate account.
The first two weeks was fine. Out of around 2000 users, 1800 users are activated. After that, the activated users drop drastically, to about 30%. Example: 1000 users signup, only 300 were activated.
At first, I found the problem is because the email could not be reach to ymail, msn and gmail users. (Most of my subscribers are Ymail (yahoo), hotmail/msn(live) and gmail (gmail)). I tried signup using ymail and hotmail, but i didnt get any activation email. I contacted yahoo and msn, eventually my email can go through now.
However, my signup statistic still showing, the activated users are only about 30%, which very confuse me. I contact my hosting company, ask them the whitelist my IP. And they did it.
I need your advice/help on following questions:
How to check where the problem lies? Is the email not delivered? User receive email but didnt click the activation link?
I am using php mail funstion. and this is my headers:
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";
$headers .= 'From: Admin <\admin#domain.com>' . "\r\n";
$headers .= 'Return-Receipt-To: Bounce <\bounce#domain.com>' . "\r\n";
$headers .= 'Reply-To: Admin <\admin#domain.com>' . "\r\n";
$return_path = "\bounce#domain.com\";
(I hide my domain name, and i add backslashes within emails, cuz if not, the email wont show here, weird)
Is there anything wrong with the headers?
What can I do to improve my registration/signup activation process?
You should pass your return path as "-f" parameter for mail() function:
mail(
$this->recipient,
$subj,
$this->body,
$this->compose_headers(),
'-f ' . Options::obj()->mail->return_path);
Also, for the best results, if the sending server has a public domain name example.com, the return path should be something#example.com.
Anyway, you should definitely check the logs (/var/log/mail*) to know exactly what's going on.
Try using gmail as your smtp server istead of mail server like sendmail from a domain. Using gmail smtp would kinda ensure that your mails are sent on best effort surity. Also Gmail would not be treated as spam unless email id is marked as spam (so try using a one which is safe). To improve singup->activation through put your best bet is to ensure that email is reaching user's inbox.
For safety net you can have a feature in which you allow user to resend the activation link if the first one failed for some reason.
If you are uncomfortable using gmail as smtp, you can sign up ur domain with google apps (but that might require changes in business needs) and you can have admin#domain.com kind of email and still use efficient gmail smtp servers.
There are many libraries out there like phpMAiler which allows to use external smtp servers. Note all data through gmail servers go via SSL or TSL.
Do you have access to the log files of the email server sending out the registration emails? Any bounced emails normally go back to the sending server. By monitoring the log files you can check and see what number of emails (if any) are still getting bounced back.
What kind of access do users have to your web site without an activated email address? Are any features disabled? Are there any incentives to activate or use a real email address?
Your example doesn't show a Date header which is a required field. In my experience some mail handlers reject emails that don't have one (and some just add one with the current date.) If your actual code doesn't have one then try adding one and seeing if it makes a difference.
Search for RFC2822 for information on what is required,
Related
I want to send an email from A to B, with HEADER and CONTENT through gmail.
How to do that by PHP?
I've specified the FROM (from#example.com), but when I receive the email, it's still from my gmail account (abc#gmail.com).
$mail->From = "from#example.com";
$mail->FromName = "Mailer";
$mail->AddAddress("abc12#163.example", "Josh Adams");// name is optional
$mail->AddReplyTo("abc12#qq.example", "Information");
How do I change the FROM part?
The short answer - you can't.
Google rewrites the From and Reply-To headers in messages you send via it's SMTP service to values which relate to your gmail account.
The SMTP feature of gmail isn't intended to be an open or relay service. If it allowed any values for the From header, it would significantly dilute Google's standing with spam services, as there would be no way to verify the credentials of the sender.
You need to consider alternatives. How are you planning to host your script/application/website when it's finished: virtually every hosting solutions (shared/vps/dedicated server) will come pre-configured with an email transfer solution: be it sendmail or postfix on *nix, or IIS on Windows.
If you are intent on using gmail then you could:
Setup a dedicated myapp#gmail.com account
If you own the domain you are supposedly sending from, use the free gmail for domains, and setup a myapp#mydomain.example account.
====
Edit June 2015
It was suggested that GMail does allow sending via different addresses. As far as I can tell, this is for sending via the GMail wep app, and utilises your existing external SMTP server, which is not relevant to the original question.
====
Edit Nov 2013
Seeing as this is still getting a trickle of votes. A quick update.
Google have withdrawn their free GMail for domains. There are plenty of other free services around. One of note is Mandrill - a one-to-one email service intended for transactional emails (e.g. ecommerce orders etc.). It's ran by MailChimp, who pretty much know all there is to know about sending email at volume. They also give you 12k/month free, which is rather nice.
This question and correct answer may be relevant:
When using Gmail for SMTP, can you set a different "from" address?
Gmail requires you to validate From addresses before sending mail as that email address. So you need to add a new sender in your personal gmail account and validate it.
Doing so will allow you to authenticate with youremail#gmail.com and send email from from#example.com
Unlike everyone else, I'll take the plunge and make the assumption that by letters you mean emails...
But I'm not sure what you are getting at when you mention that it should include "Headers and Content". Do you want to forward emails? Do you want the emails from A to appear as though they came from B's gmail account in the headers? Are you building some sort of gmail client?
The easiest way to send an email with PHP is with the mail function. This example comes straight from their documentation:
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
If you want the headers to appear from A's gmail and not to simply change the from/reply to part, you'd have to use gmail as the SMTP server. I don't know if you can set that at the script level.
The answer above are not quite correct.
You are definitely able to specify any senders as long as you own the other email address.
As the help page explains:
On your computer, open Gmail.
In the top right, click Settings.
Click the Accounts and import or Accounts tab.
In the "Send mail as" section, click Add another email address.
Enter your name and the address you want to send from.
Click Next Step and then Send verification.
For school or work accounts, enter the SMTP server (for example, smtp.gmail.com or smtp.yourschool.edu) and the username and password on that account.
Click Add Account.
Once that email is added successfully,
you can send email on the behalf of the new email address in gmail.
Google will not rewrite your from email in this way while you're sending email via Google SMTP.
You need to go to GMAIL settings and add new alias.
You will be asked SMTP information, which is basically useless, since you are using SMTP to send email, BUT the catch is that if your alias is on Google Suite domain it will be added just with simple email confirmation!
Once you have the alias there, you can change "From" header in your SMTP email.
NOTE: You cannot change the "From" address to whatever#dude.example, that's just how Gmail works and is the reason it's trusted.
If the reason you want to use gmail is because you don't want to set up an MTA (the reason you stated in a comment to this answer), you have 2 options:
If the web server is at your
home/work place; use your ISP's
smtp-server
If the web server is at a dedicated
hosting center, ask them what
smtp-server to use.
I appologize, if my questions sound naive, but I have no one to ask. I am new in PHP and right now I am playing with PHP.mail() function.
I am using XAMPP, PHP, SMTP server in our work just to see the functionality.
In C:\xampp\sendmail\sendmail.ini I set
smtp_server=mail.heaven.com
auth_username=fairy
auth_password=nice
I created sendmail.php to send test mail to myself:
<?php
$to = 'fairy#heaven.com';
$subject = 'greetings';
$message = 'if you read this, everything is fine';
$headers = 'From: devil#hell.com';
mail($to, $subject, $message, $headers);
?>
I ran that and received email from devil#hell.com, so actually from me. I could not find out real sender from this message and my attempt to reply failed... because devil#hell.com did not exist, of course.
And now comes, what confuses me. As far as I know, the first step is to provide the real login and the pass (auth_username, auth_password) to the SMTP server. The server knows I exist, it lets me in, so I can send email from my REAL account.
I thought, that SMTP server takes automaticaly all necessary info from my account and wrap it into the email message, so the other people could reply, but obviously not.
I do not understand, why can I add misleading information so easily. It seems me, I can use my account to generate fake emails to molest my colleagues daily. I was not able to find out, who actually was the real sender.
Is this information stored anywhere? Is it possible for a client to see, who sent email or is it totally dependent on the From: header in PHP.mail() function?
Thanx for clarification
It is the way SMTP protocol is made.
You're telling the recipient who you're supposed to be, and how it can answer you. There is no central repository of who controls a email domain, or an email user.
It can check by itself, by implementing security mechanism, such as what gmail is doing using DKIM. You can't impersonate a gmail email.
See https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail for more information.
I am asking this question just because I am curious and probably it is a really dumb and very well known thing but I couldn't find an answer online:
Today I was helping a friend with his website. He asked me to prepare an html e-mail template that he can send via his website (e.g. www.myfriendswebsite.com) with phpmailer. I prepared it and tested in my domain/server by putting his e-mail address (e.g. info#myfriend.com) in "from" part. I sent an e-mail to my personal e-mail address (e.g. myname#hotmail.com) via my website (e.g. www.mywebsite.com) and when I received the e-mail I realized I don't even see my domain's name or e-mail address (e.g. info#mydomain.com); instead I see my friend's e-mail address (info#myfriend.com). When I hit "reply" it replies to my friend's address; it looks like it has been sent from my friend's website directly. Of course; if I pull up the raw source I see the details of where I received the e-mail but what prevents someone else using my e-mail address and spam people? I am pretty sure this is another way of spamming and hacking people's accounts but is there a way to prevent that? It scared me a little and I didn't know where else to turn but Stackoverflow :)
For one, you should not send emails whereby the From: is populated by user supplied data; use the Reply-To: header for such purposes.
The reason you shouldn't do that is because inbox services, such as Google Mail, Yahoo, etc. use the Sender Policy Framework (SPF) to determine whether the mail server that sent the message is authorized to send on a domain's behalf; you would risk messages sent from your server to get recognized as spam and not delivered.
So, to answer your question, even though it's possible to masquerade anyone's email address, it's getting increasingly more difficult to get those messages delivered due to improving spam filters and black lists, and doing so can even get your mail server blacklisted.
what prevents someone else using my e-mail address and spam people?
Nothing. Imagine a postcard, what prevents someone else using your address and send postcards out into the world? Nothing.
The same is for email, the postcard of the internet.
Editing your headers like this will/should fix the problem.
$headers = 'From: info#myfriend.com' . "\r\n";
$headers .= 'Reply-To: info#myfriend.com' . "\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
in my web site i have developed a mail function see my code ..
$headers='MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html;charset=iso-8859-1' . "\r\n";
$headers .= 'From:'.$name.' <'.$email.'>' . "\r\n";
$mail_body="";
$mail_body.='<table style="border:1px solid #993300" width="400" cellspacing="3" cellspacing="5">';
$mail_body.='<tr><td style="padding-left:10px; line-height:25px;" >';
$mail_body.='<center><b>Enquiry Information</b></center><br>';
$mail_body.='Name : '.$name.'<br>';
$mail_body.='Email : '.$email.'<br>';
$mail_body.='Phone Number : '.$phno.'<br>';
$mail_body.='Package : '.$package.'<br>';
$mail_body.='Category : '.$category.'<br><br>';
$mail_body.='Vehicle Type : '.$vehicle.'<br><br>';
$mail_body.='Traveling From : '.$travelfrom.'<br><br>';
$mail_body.='Arrival City : '.$arival.'<br><br>';
$mail_body.='Date : '.$date.'<br><br>';
$mail_body.='Adult : '.$adult.'<br><br>';
$mail_body.='Children : '.$children.'<br><br>';
$mail_body.='Food : '.$food.'<br><br>';
$mail_body.='Travel Requirements : '.$requirement.'<br><br>';
$mail_body.='Duration : '.$duration.'<br><br>';
$mail_body.=' promotions : '.$promotion.'<br><br>';
$mail_body.='Addons : '.$addone.'<br><br>';
$mail_body.='Preferred Destinations : '.$destination.'<br><br>';
$mail_body.='</td></tr>';
$mail_body.='</table>';
$mailSend=mail('enquiry#travel.com', "Country Travelmart" , $mail_body, $headers);
if($mailSend){
header("location:success.html");
}else{
header("location:sorry.html");
}
I see success.html page, after the mail function. But the mail is not present in 'enquiry#travel.com. I have changed the mail address to my email address, i got the mail. Then why mail is not sent in 'enquiry#travel.com.
Does any one know this?
Please reply
I think using PHPMailer can help you to increase the chanse of preventing emails as spam.
Junk mail? Email being filtered? Does that server that is sending the Email resolve the travel.com to the same IP as you do?
It is apparent that your PHP code does not have an error in it if it is sending to other Email addresses.
Some mail servers require certain settings to allow you to email, such as a secure SMTP connection to the server which php cannot handle within its native libraries.
Pear has a library you can use to attach SMTP authentication at: http://pear.php.net/package/Mail
Additionally, you might wish to troubleshoot by setting your own email address as the sender - in the event of a bounce-back email, you will then be able to receive it and troubleshoot further.
If the mail is getting through on other accounts and returning success for this account but never showing up, then the problem isn't with the code, it's with your message getting blocked by the destination server.
Possible reasons:
The destination server thinks it's SPAM. This is almost certainly the case. I worked for a cloud spam service, and web developers using PHP mail and other blind transfer agents hated us.
The destination server only allows certain IPs to send (usually a firewall or whitelist). You probably can't fix this unless you know the IT guy for travel.com and buy them a beer.
The destination server rejects messages with specific headers it doesn't understand, aren't set at all, or generally off.
Possible solutions:
The only possible solution that would involve keeping your current code in place would be changing or adding a header to the outgoing message. This is probably not the best fix because:
The headers could be fine and the message is getting blocked for other reasons.
If it is a header, tracking down which one will require getting the message back with the full headers (usually a bounce reply will have them, but not always)
Using PHP's mail function is outdated and not ideal for any kind of mail campaigns (for the reasons your seeing)
Using a 3rd party mail library like Pear's Mail class or PHPMailer (which I use). Be aware, however, that the reason these work more reliably is because you provide the SMTP server details and credentials, the same as you would for Outlook or Thunderbird. PHP's mail function uses the host server's SMTP server to send out, which causes issues like yours, but also doesn't require a password and permission to use. Having said that, it is better to send via a registered and verified address, both because it's less spammy and because your account's SMTP server can vouch for you, so to speak. But I would invest in getting an email account just for using in your PHP scripts, rather than using your personal account. Also, be aware that GMail is a real headache for this purpose, so just skip it if you can.
Dedicated mass mailing accounts, like Amazon SES or MailChimp. The best of both worlds, because they do bulk mailing better than your SMTP server ever will, it's tied to a user account you set up with them, not your actual email address, and most of them provide PHP libraries. The catch: they don't come cheap. The economics of scale to get a good Return on Investment is tons of emails daily.
My recommendation is to go with a free and respected mailer library and pay (if you aren't already) for a new email address just for the site to send mail. When it gets to the point where you're sending more emails than your mail server can handle in a day, look at a mass mailer service.
Im using PHP's mail() function to send some emails. But all my mails land automaticly in the trash box. Is there a way of preventing this? If so, where should i read to learn more about it.
Would you recommend me using PHPmailer?
Best of regards,
Alexander
TL;DR: There's no magic bullet. Just because you can learn how to form an email in PHP, does not guarantee it is routed to someone's mailbox, or even accepted. Success is based on reputation, not any single fix.
I am (edit: was) a mail server engineer, have written SpamAssassin rules, and have deep-dived issues for customers sending or receiving email.
The recipient's mail server scans your email, looking for attributes and "historical problems" (lack of mail agent, coming from your webserver IP, etc). These get "points". The total number of points is compared, and the recipient's server may do one or more of the following:
List item
refused during SMTP,
routed to Spam folder,
routed to Inbox, but tagged "SPAM"
blackholed (accepted, then mysteriously lost).
"Points" (score) only means something to a particular anti-spam solution. There is no public test. Fix ALL the problems you can, and success goes up.
*The #1 issue is: do not send email directly to the recipient's SMTP server. This network space sends 99.9% spam. It costs money to scan email, so a good email admin will block or refuse such connections.
The "fix" for your source IP is: Use an SMTP Gateway. The gateway can be our ISP mailserver, or a commercial service. Check first with their terms of service. They may prohibit sending emails using an authenticated web form, since these are so frequently abused ("someone hacked me" is not an excuse).
If you have email hosting, do the following: create a mailbox called for example 'website-notification#websitedomain.com'. Call it what you like. Now you want your PHP script to send the email -through- that address, using Authenticated SMTP. I'll leave the process of learning how to use Authenticated SMTP from PHP as a learning exercise for you -- there are many tutorials online).
Once you send emails through your valid SMTP server, the mail is seen as "originating" from your SMTP gateway. It's not seen as coming from your script. But this isn't the end of the story
As someone else noted, Be sure you are not missing display headers such as To: From: Subject: and Date:. Strictly speaking these headers are NOT "required" in email handshaking, but in practical terms no reputable email software omits them. Also, Date must be in the standard date format, or some spam filters will flag it.
This topic is not to be confused with "envelope headers" (the hidden stuff in the SMTP handshaking), which also can also impact your score. Using an SMTP Gateway usually takes care of this (since the recipient's mailserver will handshake with your gateway host).
Your FROM address must be VALID. Do not use a fake domain. Do not use your domain name with a fake mailbox name. Some anti-spam software will do a "Sender Verify" to test if the From address is bogus or fake (oversimplified: they'll try sending a reply and see if you would accept it or not).
The #1 mistake is setting your from address as "noreply#yourdomain.com", and not creating that mailbox. When that happens, everyone's "Sender Verify" on your email fails, and you look like a spammer covering their tracks.
If your domain DNS has an SPF record, be 100% sure it lists every IP that might send email for your domain. This is a technical topic. Having a valid, correct SPF record helps your deliverability a little bit. But if you misunderstand and create a bad (incorrect) SPF record, you will be worse off. Take your time to understand before using this.
If you have a business with a real address or PO box, don't use "Domain Registration Privacy" or "Domain Proxy" services if you can avoid it. When this was written (2011) It used to be very true that anonymizing services could get your mail blocked, or "tagged spam". This is less true today, but it's still worth considering.
Know the IP address of your mailserver, and regularly check that it is not "blacklisted" at SpamCop, SpamHaus, or the Barracuda spam blacklists. Google for more. There are monitoring services, and scripts which can alert you. But if you get on these lists, it means there is something else happening you were not monitoring for...
As said, no simple answer. :)
I suppose you mean thrash box at the receiver's end. So basically the receiving email server is regarding it as spam. This can happen if:
1) The IP you are sending from is already blacklisted for spamming (happens often in shared hosting)
2) The IP and domain are relatively new and unknown.
(Note that many times, newsletters from well established sites also end up in spam).
If its your dedicated IP, then setting RDNS for the IP, to match the domain name will very likely solve the issue. Another usual practice is to alert the receiver (if she is subscribing on your website) to check their thrash/spam folder and whitelist your email address in their mail account.
regards,
JP
JP's answer is partly correct but it also could be your header's in the email i know from experience this sends stuff to the spam folder try the following;
set the emails to your domain something like no-reply or a valid reply.
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
This probably has something to do with your mail client and spam settings configuration. Try opening account on gmail.com and sending email there, if it's OK you know it is your mail server/client problem. If it's not, post your PHP code and full email headers of the email you've got.
This happens because many a times, headers are missing / if its a well known email server domain key signature is not present, or something like that. If you already have a separate email server, you should check out if you can use the PHP Pear Mail package to send email using your email server, rather than directly via mail function. That's what I find convenient, as its much more flexible.