I have a website in which I send a confirmation mail as part of the registration process.
Some time ago, I had some troubles with the mails I sent since I used no headers (PHP mail function).
Once I put some headers, I've gotten more responses from users, but I suspect that not every message reaches its destination.
How can I be sure that the messages reach their destination?
Which are the headers that can be considered a 'must'?
This is the code of my SendMail function
mail($to,
$subject,
$message,
"MIME-Version: 1.0\n".
"Content-type: text/plain; charset=ISO-8859-1; format=flowder\n".
"Content-Transfer-Encoding: 8bit\n".
"Message-Id: <" . md5(uniqid(microtime())) . "#mysite.com>\n".
"Return-Path: <admin#mysite.com>\n".
"X-Mailer: PHP v".phpversion()."\n".
"From: admin# mysite.com");
You should use external library for working with e-mails in php like PhpMailer , SwiftMailer or Zend_Mail. All your problems will go away.
The headers need a white space at the bottom to separate the header from main body.
Tools like Spam Assassin will give you a big mark down for that.
Also you should use \r\n as a line terminator instead of just \n
From PHP.net
Multiple extra headers should be separated with a CRLF (\r\n).
The headers seems quite good to me. The only glitch I see is an extra whitespace in the From header.
I'm sure you already checked it, but just in case ...
"From: admin# mysite.com");
should be (?)
"From: admin#mysite.com");
This is a working mail function I'm using for html mail and variable $return is defined to get error report from mail server in case of fail delivery.
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";
$headers .= 'From: <'.$from.'>' . "\r\n";
$return = '-f'.$from;
#mail($to, $subject, $msg, $headers, $return);
you can see more detail at here sugunan.com
The headers look ok, except for the details pointed by #Eineki. Also if you are using Windows you need to send the $to param in the form "user#mail.com" and not "Username ", because it may cause trouble, due to the way the mail() function is implemented on windows platform, the "to" address may be parsed incorrectly.
You should add a Date: header (its mandatory by RFC5322) and some mail-clients may assume January 1 1970 as an e-mail date if none is given (and it gets lost between all the other old messages).
Related
i have a PHP variable that i construct like:
$msg_gifted='<body style="border:3px solid
black;padding:5rem;width:1000px;margin:auto;margin-top:30px;text-
align:center;">';
$msg_gifted.='<img src="/logo.png">';
$msg_gifted.='<h1>It is a mail </h1>';
$msg_gifted.='<p>From: ';
$msg_gifted.=$_POST["useremail"];
$msg_gifted.='</p>';
$msg_gifted.='<p>Amount: GBP';
$msg_gifted.=$_POST["amount"];
$msg_gifted.='<Some text </p>';
then i am sending this variable with mail
mail($recipient_gifted,$subject_gifted,$msg_gifted,$mailheaders_gifted);
everything works fine.
When i am adding some more staff to the variable then for some reason the mail never arrives
$msg_gifted='<body style="border:3px solid
black;padding:5rem;width:1000px;margin:auto;margin-top:30px;text-
align:center;">';
$msg_gifted.='<img src="/logo.png">';
$msg_gifted.='<h1>It is a mail </h1>';
$msg_gifted.='<p>From: ';
$msg_gifted.=$_POST["useremail"];
$msg_gifted.='</p>';
$msg_gifted.='<p>Amount: GBP';
$msg_gifted.=$_POST["amount"];
$msg_gifted.='<p>Some Text</p>';
$msg_gifted.='<p>';
$msg_gifted.='1000';
$msg_gifted.='</p>';
is there a limit for the variables?
You should consider using something like PHPMailer or SwiftMailer for sending E-Mails.
Most likely you got something wrong with the headers of the E-Mail. It's difficult to get them right, especially, when using mail for the first time.
Also, as far as I know, there's no such thing as a variable limit for mail(), have you already checked your server error logs?
Greetings
Edit:
As I thought it's a header based error.
i figured out it has to do with the headers.
the whole mail headers variable is:
$mailheaders_gifted = "From: " . $support_email . "\r\n";
$mailheaders_gifted .= "Reply-To: ". $support_email . "\r\n";
$mailheaders_gifted .= "MIME-Version: 1.0\r\n";
$mailheaders_gifted .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
I also tried :
"Content-type:text/html;charset=UTF-8" . "\r\n";
I still recommend to use one of the libraries I mentioned above.
Following from the PHP Docs for the mail function could solve the problem:
Note:
If messages are not received, try using a LF (\n) only. Some Unix mail
transfer agents (most notably » qmail) replace LF by CRLF
automatically (which leads to doubling CR if CRLF is used). This
should be a last resort, as it does not comply with » RFC 2822.
I finally managed to solve this. it was not a problem of how to setup the variable, but how to setup the headers.
i needed to edit my headers like:
$mailheaders_gifted[] = 'MIME-Version: 1.0';
$mailheaders_gifted[] = 'Content-type: text/html; charset=iso-8859-1';
$mailheaders_gifted[] = 'From: My Web Site <mymail#example.com>';
then the mail function should be:
mail($recipient_gifted,$subject_gifted,$msg_gifted,implode("\r\n",$mailheaders_gifted));
The following headers are sent using PHP's mail() function:
$emailheaders = "From: " . $sender . "\n";
$emailheaders .= "Return-Path: " . $sender . "\n";
$emailheaders .= "MIME-Version: 1.0\n";
$emailheaders .= "Content-type: text/html; charset=UTF-8\r\n";
mail($email, $subject, $body, $emailheaders);
It works fine, except Return-Path: is reset to nobody#server.com, or at least this is what shows up when viewing extended headers for emails received using the above headers. Naturally this means that bounce emails are not received.
Does Apache reset the headers, and in this case why, or am I using mail() incorrectly?
What can I do to prevent this from happening. Using mail()'s fifth parameter (e.g. -f sender#server.com) is out of the question as PHP is in safe mode and the provider will not change that. I suppose that there isn't some way to allow the fifth parameter for certain users despite safe mode being on.
The server is running Apache 2.2.3 and PHP version 5.1.6.
The server's Mail Transfer Agent (MTA) is overriding the return-path. For example if using Exim:
Set the return-path in the /etc/exim/exim.conf configuration file:
return_path = sender#example.com
If you don't have access to the server config or the mail() fifth parameter then there's probably nothing you can do.
You are splitting the headers using \n but according to PHP it should be \r\n (see Which line break in php mail header, \r\n or \n?).
Perhaps thats the reason why the header isnt send correctly.
I am trying to send new system generated password using mail() in php. The thing is I am able to send it to yahoo but when I use gmail or hotmail I dont receive any emails although the function returns true. Following is the function:
if(mail($to,$subject,$body))
{
return true;
}
else
{
return false;
}
It probably ends up in the spam folder look there. If its there make sure your email headers are perfect.
You could look into librairies for what you want to achieve. Zend_Mail has everything you could need to connect to gmail and others.
If you are getting the mail successfully through yahoo, you should also post the headers that are coming through from yahoo here in the question. My bet is you will need to include a "from field" also to get through on hotmail, gmail, etc...
Your problem might be the antispam filters. E-mails sent from PHP are usually marked as spam by the mail servers and end up deleted or in the spam can.
You can Google for "php mail spam" to get some hints of how to work around this issue.
Maybe you're on a shared server and the IP is banned/blocked due to spamming by other users (websites) of your server.
Try adding SPF records.
Ensure that your envelope-FROM (a.k.a. return path) is set to a valid email address that you have access to. If you're not seeing the message in the spam folders, it should be getting bounced; the bounce message may offer a clue as to why the mail is not getting through.
I would try to include your own headers in your mail function
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "Date: ". date('r'). " \r\n";
$headers .= "Return-Path:youremail#domain.com\r\n";
$headers .= "Errors-To:youremail#domain.com\r\n";
$headers .= "From:youremail#domain.com <youremail#domain.com>\r\n";
$headers .= "Reply-to:youremail#domain.com \r\n";
$headers .= "Organization: YourOrg \r\n";
$headers .= "X-Sender:youremail#domain.com \r\n";
$headers .= "X-Priority: 3 \r\n";
$headers .= "X-MSMail-Priority: Normal \r\n";
$headers .= "X-Mailer: PHP/" . phpversion();
mail($to,$subject,$body,$headers);
Try checking if your mailserver ip is blacklisted anywhere?
http://www.mxtoolbox.com/blacklists.aspx
If not, try harder with the headers that are being sent with the mail.
I need a set of mail headers to attach to my mail() function in PHP. I send emails with HTML in them, and sometimes services like Yahoo Mail block them. Therefore I need to make sure that I am at least providing the right headers.
My code:
// To send HTML mail, the 'Content-type' header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'From: MyCompany <welcome#mycompany.com>' . "\r\n";
Is there anything else I should add?
$headers = "From: testsite <mail#testsite.com>\n";
$headers .= "Cc: testsite <mail#testsite.com>\n";
$headers .= "X-Sender: testsite <mail#testsite.com>\n";
$headers .= 'X-Mailer: PHP/' . phpversion();
$headers .= "X-Priority: 1\n"; // Urgent message!
$headers .= "Return-Path: mail#testsite.com\n"; // Return path for errors
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=iso-8859-1\n";
Most MUA's insert a lot of extra headers; however, here is sort of the bare minimum you can expect.
To:
Subject:
Date:
MIME-Version:
Content-type:
If you using HTML, then you should probably be using multipart messages--but it's not strictly necessary.
When defining if a sender is a possible spammer, many services check if the domain of the sender looks like a dialup user.
Quote from Wikipedia:
One e-mail anti-spam technique:
checking the domain names in the rDNS
to see if they are likely from dialup
users, dynamically assigned addresses,
or other inexpensive internet
services. Owners of such IP addresses
typically assign them generic rDNS
names such as
"1-2-3-4-dynamic-ip.example.com."
Since the vast majority, but by no
means all, of e-mail that originates
from these computers is spam, many
spam filters refuse e-mail with such
rDNS names.
Did the mail really come from 'mycompany.com'? I've had problems with some mail services blocking if it didn't really come from the SMTP server that the mail says it does.
A way around this, for me, was making the from to be automail#mydomainnaim.com and adding a reply-to, being the person who sent the mail using my system.
PHP 7.2+ solution
In current versions of PHP it is possible to pass an array of headers to mail() (as mentioned in the PHP docs), so the code could look a little cleaner. (Sablefoste mentioned this in their comment on the current top answer.)
In case anybody is interested, it could look like this:
$headers = [
'From' => 'testsite <mail#testsite.com>',
'Cc' => 'testsite <mail#testsite.com>',
'X-Sender' => 'testsite <mail#testsite.com>',
'X-Mailer' => 'PHP/' . phpversion(),
'X-Priority' => '1',
'Return-Path' => 'mail#testsite.com',
'MIME-Version' => '1.0',
'Content-Type' => 'text/html; charset=iso-8859-1'
];
mail('recipient#host.com', 'My subject', 'My message', $headers);
The RFCs for both IMF and MIME define the minimal set of headers, so this would be a good place to start.
For IMF, look here: https://www.rfc-editor.org/rfc/rfc5322#section-3.6
For MIME, look here: https://www.rfc-editor.org/rfc/rfc2045#section-3
The link below could be of some use defining the mandatory headers as:
Date:
The date the message was originated/written.
From:
The person "responsible" for the message.
I am trying to send an email from a site I am building, but it ends up in the yahoo spam folder. It is the email that sends credentials. What can I do to legitimize it?
$header = "From: site <sales#site.com>\r\n";
$header .= "To: $name <$email>\r\n";
$header .= "Subject: $subject\r\n";
$header .= "Reply-To: site <sales#site.com>" . "\r\n";
$header .= "MIME-VERSION: 1.0\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$phpversion = phpversion();
$header .= "X-Mailer: PHP v$phpversion\r\n";
mail($email,$subject,$body,$header);
Don't use HTML in your email.
Send it via a legitimate mail server with a static IP and reverse-DNS (PTR) that points to the machine's real host name (and matches a forward lookup).
Include a Message-ID (or ensure that the local mailer adds one for you).
Run your email through SpamAssassin and see which bad-scoring rules it matches. Avoid matching them.
Use DomainKeys Identified Mail to digitally sign your messages.
I just successfully tried the following from my Yahoo! Web Hosting account:
$email = "me#site.com";
$subject = "Simple test";
$body = "Simple test";
$header = "From: site \r\n";
$header .= "To: $name \r\n";
$header .= "Subject: $subject\r\n";
$header .= "Reply-To: site " . "\r\n";
$header .= "MIME-VERSION: 1.0\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$phpversion = phpversion();
$header .= "X-Mailer: PHP v$phpversion\r\n";
mail($email,$subject,$body,$header);
However, you have some duplication in your header you should only need to do the following:
$email = "me#site.com";
$subject = "Simple test";
$body = "Simple test";
$header = "From: site \r\n";
$header .= "MIME-VERSION: 1.0\r\n";
$header .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$phpversion = phpversion();
$header .= "X-Mailer: PHP v$phpversion\r\n";
mail($email,$subject,$body,$header);
In addition to Ted Percival's suggestions, you could try using PHPMailer to create the emails for you rather than manually building the headers. I've used this class extensively and not had any trouble with email being rejected as spam by Yahoo, or anyone else.
There is also the possibility that 'sendmail' (which is underneath the PHP mail() function) needs extra parameters. If you have a problem with return headers (such as Return-Path) not being set with what you set them to be, you may need to use the fifth mail() parameter. Example:
mail('recipient#domain.com', 'Subject', $mail_body, $headers, " -f sender#domain.com");
There is some further evidence that true vanilla sendmail may have problem with this! Hopefully you have 'postfix' as PHP's underlying mail() support on your target server.
In addition to Ted Percival's suggestions, make sure that the IP address the email is coming from is a legitimate source for email according to the SPF record of site.com. If site.com doesn't have an SPF record, adding one (which allows the IP address in question, of course) may help get the emails past spam filters.
And if absolutely do need to use HTML in your email, make sure that you also include a plain text version as well; you'd use the content type of "multipart/alternative" instead of "text/html".
Ted's suggestions are good, as are Tim's, but the only way I've ever been able to reliably get email through to Yahoo/Hotmail/etc is to use the PEAR email classes. Try those & (assuming your server is OK) I can pretty much guarantee it'll work.
Ted and Tim have excellent suggestions. As does Shabbyrobe. We use PHPMailer and don't have any problems with spam filters.
One thing to note is that many spam filters will count NOT having a text version against you if you are using a MIME format. You could add all of the headers and the text version yourself, or just let PHPMailer or the PEAR mail library take care of that for you. Having a text version may or may not help, but it is good practice and user friendly.
I realize that your code sample is just that - a sample, but it is worth saying: Do not ever just drop user provided data into your mail headers. Make sure you validate that it is data you expect. It is trivial to turn a php mail script into an open relay, and nobody wants that.
Check rfc 822 and rfc 2045 for email format. I find python's Email class really easy to work with. I assume php's PEAR does the same (according to earlier mails). Also the header and the body are separated by a "\r\n\r\n", not sure if your code automatically inserts that, but you can try appending that to the header.
I dont think that DK/SPF might be necessary (since there are lots of webservers out there without DK/SPF support). There can be alot of factors that might be causing it to get blocked(atleast 10K different criterions and methods.. p0f,greylisting,greylisting, blacklisting etc etc). Make sure that your email is properly formatted(this makes a BIG difference). Look into libraries that generate the complete header for you.. that way you have least chances of making any mistake.
Adding a SPF record is very easy. You should try.
This one is for dreamhost plus googlemail
You should also ad you webserver ip address (in my case, the line before googlemail)
The last line tells the server to do a soft reject (mark as spam but don't delete) I'm using it instead of "-" (delete) because google documentation says so :-)
It's a TXT record
v=spf1
ip4:64.111.100.0/24 ip4:66.33.201.0/24 ip4:66.33.216.0/24
ip4:208.97.132.0/24 ip4:208.97.187.0/24 ip4:208.113.200.0/24 ip4:208.113.244.0/24
ip4:208.97.132.74 ip4:67.205.36.71
include:aspmx.googlemail.com
mx ~all
Hope it helps