Jump to content
ajetrumpet

strategies to prevent spamming out of PHP emails

Recommended Posts

I have done lots of research on this, and I am trying out numerous method to counter this, which includes using mail() function with various arguments for the header, the PHPMailer class libraries and including a TXT file in my DNS settings with Godaddy.  as far as mail() is concerned, I have this code:

if( empty($errors))
{
    $to = '$myemail';
    $email_subject = "Customer Contact Request Submitted";
    $email_body = "A potential customer has sent you their contact information:\r\n\r\n" .
    	"Name: " . $firstname . " " . $lastname . "\r\n" . 
    	"Email: ". $email . "\r\n" . 
    	"Phone: " . $phone . "\r\n" . 
    	"Products Interested In: " . $products_interested_in . "\r\n" . 
    	"Message: " . $message;
    $headers = "From: no-reply@domain.com\r\nReply-To: $email\r\nReturn-Path: $email\r\n";
    mail($myemail, $email_subject, $email_body, $headers);

    echo "Your contact information has been sent.  A respresentative will contact you shortly.";
} else {
	echo $errors;
	   }

and the message is sent fine, but gmail spams it out every time it's sent regardless of whether it is marked as "not spam" and moved to the inbox.  I have not read anything on what can be put in the header argument to try and prevent the spamming out.   thoughts anyone?   Secondly, I have not yet written the code to call PHPMailer class libraries, but all the experts say it is the most reliable way to send mail.  Is PHPMailer messages known to be spammed out too?   Thirdly, the TXT file I put in my DNS reads the following, per response #2 on this page: https://stackoverflow.com/questions/43241773/prevent-php-mail-sent-going-to-spam-gmail

Type: TXT
Host: mydomain.com
Value: v=spf1 ip4:myIPaddressHere ~all
TTL: Automatic (Godaddy's option for Automatic is "1 hour")

I have to wait another 24 hours to see if that will fix the spamming issue.  Godaddy requires 48 hours for their server to adopt the new settings.  Does this look right to you guys as well?  thanks.

Share this post


Link to post
Share on other sites
6 minutes ago, ajetrumpet said:

I have not read anything on what can be put in the header argument to try and prevent the spamming out.

If there were such a thing, every spammer would be using it.

  • Like 1

Share this post


Link to post
Share on other sites

have you ever used PHPMailer, Barand?  If you have, has a message from it ever been spammed out?

Share this post


Link to post
Share on other sites

I have built apps for clients that use it and used it when testing. I don't send that many emails myself to know if there is a problem. Whether or not it gets thrown into the spam bucket is down to algorithms on the server rather than the software sending the mail. PHPMailer just makes things a lot easier, especially if you want to send attachments etc. (Every notification email that PHPFreaks sends to me ends up in in my spam even though Freaks domain  is in my contacts and I have specified "never block sender". For some reason they must look spammy.)

Share this post


Link to post
Share on other sites

sometimes i get notifications from this place, and sometimes I don't.  and I have gmail.  but gmail is VERY good about treating messages that you deem "legitimate", and drag and drop to the "primary inbox" if the message is found in the inbox's "social" or "promotions" folder.  but specifying a message and pushing the "not spam" button for a message that was spammed out does nothing a lot of times, as with me sending the messages with the mail() function.

Share this post


Link to post
Share on other sites

Your SPF record needs to include the IP address of the server that is sending the email.  From your post it's not clear if that's what you did or not.  Also, if your using some hosting provider such as godaddy, they may have several servers handling mail so you need to either include all their IP's or defer to them.  From what I can put together by skimming "What are the correct GoDaddy SPF Settings?" your SPF entry in DNS should probably look something like:

v=spf1 include:secureserver.net ~all

If you send email from other sources besides godaddy, you'll need to add those sources to the SPF record as well.

Beyond that, do look into using either PHPMailer or Swiftmailer instead.  They will make it easier for you to ensure that messages contain all the proper headers and are formatted correctly.

 

Share this post


Link to post
Share on other sites

thanks kicken.  i'll get back to you about the spf addition.  for the record, when i get the message from the mail() function, it comes from no-reply@mydomain.com via p3plcpnl0398.prod.phx3.secureserver.net.  so I would assume that the DNS entry u recommend would prolly work, given that secureserver.net is in the include string.

Share this post


Link to post
Share on other sites

kicken, this morning I added:

v=spf1 include:secureserver.net ~all

as a line in a text file and put it in my DNS settings.  I have to wait a couple of days for it to be recognized.  i'll let u guy know if it works.  thanks.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.