PHP generated emails marked as spam

[new b.]

Hello

 

Attempts to email lost passwords to users via PHP script on the website result in them emails being marked as spam by postfix/spamassassin combo running on the same server.

 

Not sure where else to ask for help. Thought you PHP guys might shed some light.

 

thanks

[PFMaBiSmAd]

So, do any other php generated emails work?

 

What is your php code that generates the lost password email and what is your php code that generates, for example, the sign up activation link email? xxxxxx out any sensitive information but don't change any of the actual syntax being used.

[new b.]

Well this one below and another test script both produce same result. Emails dispatched from this machine by using PHP mail() function will arrive as attachments with spam score > 5. I read it is purpose implemented in spamassassin to prevent PHP script spammers however it does backlash on me.

 

To answer your second part of the question, site does not have sign up activation email. Only lost passwords are getting emailed. I am not the a programmer myself, just trying to fix couple of things left out by other guy.

 

 

<?php

if ($accessLevel != $alNUser)	$pg->Goto('./');

include_once "./lib/mail/class.smtp.php";
include_once "./lib/mail/class.phpmailer.php";	//  For sending mail

$title		= 'Forgot password?';
$mainmenu	= getMenu($menu, $accessLevel, 'Search');

$login	= $pg->getReq('login');
$email	= $pg->getReq('email');


if(empty($login))	$error = ERR_EMPTY_FIELD.': Login';
if(empty($error)&&(empty($email))) $error = ERR_EMPTY_FIELD.': E-mail';
if(empty($error)&&(!isEmailValid($email))) $error = ERR_WRONG_EMAIL;


if (empty($error))
{
$usrInfo = $db->query('SELECT * FROM users WHERE login="'.forDB($login).'" AND email="'.forDB($email).'"');

if ($db->length!=1)
	$error = ERR_WRONG_REMIND;
else {
	$usrInfo = $usrInfo[0];

	$newPass = genPassword();
	$db->exec('UPDATE users SET password=PASSWORD("'.forDB($newPass).'") WHERE login="'.forDB($login).'" AND email="'.forDB($email).'"');


	$tpl = new Template;
	$tpl->assign('newpass',	$newPass);
	$message = $tpl->apply('./tpls/auth/mail.remind.htm');

	$mailer = new PHPMailer;
	$mailer->isHTML(true);
	$mailer->Host     = 'localhost';
	$mailer->Mailer   = 'smtp';
	$mailer->SMTPAuth = true;
	$mailer->Sender   = SNDR_HOST;
	$mailer->From     = SNDR_HOST;
	$mailer->FromName = 'Password Reminder';
	$mailer->CharSet  = 'UTF-8';

	$mailer->Subject  = 'Your new password';
	$mailer->Body     = $message;
	$mailer->ClearAddresses();
	$mailer->AddAddress($usrInfo['email'], $usrInfo['firstname'].' '.$usrInfo['lastname']);
	$mailer->Send();

	$tpl = new Template;
	$content = $tpl->apply('./tpls/auth/rem.ok.htm');
}
}

if (!empty($error))
{
$tpl = new Template;
    $tpl->assign('login',	$login);
    $tpl->assign('email',	$email);
    $content = $tpl->apply('./tpls/auth/remind.htm');
}

$tplSrc		= './tpls/base.no.tabs.htm';

?>

 

Let me know if you need 'include' files as well.

 

Many thanks

[new b.]

bump.

[Tonic-_-]

Usually with mail servers & spam checking it depends on the email address that is generating & sending the email to the users. If the domain seems odd then it won't send directly to the inbox, this is kind of something you would have to check in with on mail sites that do spam listing & blacklisting for domains & IP Addresses.