I have recently run into many problems with multiple hosts attempting to use the mail() function to send an email using PHP. Many hosts are now blocking this method as it is often used to spam. Is there another way I can send mail in my scripts that will be able to be used in a variety of circumstances with a large audience? In other words, a method that is friendly to use on many different servers/hosting setups?

Thanks for any help 🙂

    I have had problems in the past with mail i will agree 100% with bradgrafelman. PHPMailer is the best smtp mailing system out there. Best of all it's free.

      Many hosts are now blocking this method as it is often used to spam.

      This has nothing to do with the mail() function and is more than likely caused by ill formed headers.

        if you use PHPMailer with smtp authentication you have little to no oproblems. Unless you are sending spam, in that case you should be shut down

          Whether your host is blocked has nothing to do with whether you use mail() or not.

          mail() is the right way to send mail in PHP and you should always use it.

          Consult your MTA logs and / or look at the bounces to find out why the messages are being rejected. Specific providers often have their own blacklists.

          If it's a shared machine, ditch it and get a dedicated one, as other users of the machine may be sending spam or leaving vulnerable pages which are being used to send spam themselves.

          If you're on an IP address which looks like a dial-up or dynamically assigned address, leave it and get a proper static IP address.

          Ideally get the reverse DNS to resolve to something nice and sensible like www.example.com or web1.example.com, and ensure that the forward DNS for that host also includes that IP (duuh!).

          Add it to the SPF for your domain.

          Ensure that you never forge any of the from headers and never claim the mail comes "from" one of your users - use a standard "From" address in your domain instead.

          AOL are a special case and will blacklist you even if you never send any spam if some of their idiot users report it as spam. You can apply to be on their whitelist (by IP address of course). This will only be effective if you've done all of the above already, genuinely aren't sending spam from that IP and not TOO many of AOL's idiot users report your legitimate mails as spam.

          Mark

            I don't use mail() either. ever since the start of php 4 i've had many issues (some of which are just me being stupid) but in all cases this worked for me and its stupid simple.

            function send_mail($server,$mailto,$mailfrom,$mailfromname,$subject,$message) {
  $sh = fsockopen($server, 25, $errno,$errstr,15);

  if (!$sh) {
    echo "Failed to connect to $server". $errno . " | " . $errstr;
   } else {
     $verify = fgets($sh, 128);
     if (!eregi("220",$verify)) {
       echo "Verify Error, No connect string recieved | $verify";
     } else {
      fwrite($sh,"HELO $server\r\n");
      fwrite($sh,"MAIL FROM: $mailfrom\r\n");
      fwrite($sh,"RCPT TO: $mailto\r\n");
      fwrite($sh,"DATA\n");
      fwrite($sh,"Subject: $subject\r\n");
      fwrite($sh,"From: $mailfromname <$mailfrom>\r\n\r\n");
      fwrite($sh,"$message\r\n");
      fwrite($sh,".\r\n");
      $verify = fgets($sh,128);
       if (!eregi("250",$verify)) {
        echo "Error: ". $verify;
        } else {
        echo "<div class=\"boxes\">Message Sent!</div>";
        }
      fwrite($sh,"quit\r\n");

  }
   }
  fclose($sh);
}

              The above is daft. Don't write your own SMTP implementation (PHP has one built in!), and don't use SMTP if there is a local MTA available (e.g. if sendmail is working).

              A local MTA is pretty much essential, as this is the only way which mail will get queued correctly if the upstream server (smart host or whatever) is down for any reason.

              Neither PHP's SMTP implementation, nor the above piece of code, have any provision for queueing and retrying in the event of a server failure.

              Mark

                MarkR wrote:

                The above is daft. Don't write your own SMTP implementation (PHP has one built in!), and don't use SMTP if there is a local MTA available (e.g. if sendmail is working).

                A local MTA is pretty much essential, as this is the only way which mail will get queued correctly if the upstream server (smart host or whatever) is down for any reason.

                Neither PHP's SMTP implementation, nor the above piece of code, have any provision for queueing and retrying in the event of a server failure.

                Mark

                I realize i'm new to the forums but what you say is not 100% accurate, i think its a terminology issue.

                By MTA i'm assuming you are talking about mail transport agent which is prety much any SMTP (simple mail transfer protocol NOT send mail to people as some people call it). Sendmail, Postfix, Qmail, IMail and many others all include SMTP servers and are considered a MTA.

                What the script does is connect to port 25 of the specified server (usually would be the domain or server that the script is hosted at). Port 25 is by default the SMTP port for MTA's and sends the RFC commands in correct order (unless i missed something) to send a message.

                the built in PHP command and script above in my mind is more of a Mail Transport Client. Neither the mail() or script above have queing, nor do they really need it. Queuing is handled by the MTA such as sendmail,postfix,imail,qmail, etc.... This is a non issue. If you want queing (like an Outbox) use Thunderbird or Eudora Mail Clients.

                Any mail you send with any client does what the above script does ( in essense ) at some point regardless of what mail client you use only using sockets you have complete control over what is being sent and recieved.

                use what works or what you like best, mail, the script above, PHPMailer what have you, dosn't matter to me as long as you do it for the right reasons, it works and does not leave people open to spam 🙂

                  The problem I have, is that your code is simply a SMTP implementation. This is unnecessary in the extreme, as :

                  1. On Unix mail() invokes sendmail (or other MTA) so you don't need to speak SMTP yourself
                  2. On win32, mail() speaks SMTP itself anyway.

                  Both approaches have the advantage of requiring less code, and have better error checking than the above fragment.

                  Moreover, the commonly used approach of sending via SMTP to your ISP's mail relay, is basically flawed, as this machine could legitimiately be down while your web site was up, resulting in:
                  a) Logn delay for the user while it tries to connect to a dead SMTP server
                  b) No mail sent

                  Using a local MTA is the right thing to do, as it will queue it locally- so even if the smart host is down it will be sent later.

                  Mark

                    i had an issue where i would send mail using mail() and it would return true (meaning it had been accepted into the mail queue) and it NEVER got sent. Actually, it would get sent if the destination email was a domain hosted by my local mail server.

                    post is here:
                    http://www.phpbuilder.com/board/showthread.php?t=10326755

                    The solution (at least what is working right now) has been phpmailer. i'm not certain, but i believe this is basically just an SMTP client...a more elaborate version of what redrage has done.

                    it's working. i'm assuming that if the mail server is down, then a timeout can occur and return an error to the user which would at least let them know something was wrong.

                    in the case of my local machine returning a result of TRUE for a call to mail() and then watching the mail log very clearly REJECT the mail, i have basically lost my faith in mail() and the MTA (whatever the hell that is).

                    Is redrage's approach really so bad?

                      MarkR wrote:

                      Moreover, the commonly used approach of sending via SMTP to your ISP's mail relay, is basically flawed, as this machine could legitimiately be down while your web site was up, resulting in:
                      a) Logn delay for the user while it tries to connect to a dead SMTP server
                      b) No mail sent

                      Using a local MTA is the right thing to do, as it will queue it locally- so even if the smart host is down it will be sent later.
                      Mark

                      By ISP i ment your web host or server where the page is stored. Generally thats what one would use. the message itself will not get queued until it hits the sendmail deamon (untill it goes through SMTP a server) anyway so this is still a non issue. Basically what I did was skip the middle man (the sendmail wrapper) but it still uses the local MTA assuming you use your server/domain as the $server var.

                      another nice thing about using sockets to connect to smtp, you can change the server var as well. What if your local mta is down? If you do not have control of your server or if you cannot fix it right away, you can just change the server var to a different one assuming you have access to another relay.

                      You are 100% correct about the error checking. I only checked for Connection and the final verify code. Unless the script screws up and sends the info in the wrong order those are the only 2 that matter. but there should be more.

                      I do assume people have their own server(s) either dedicated or co-located, and i shouldn't, most people don't.

                      I have no problem with people using mail() but if there are issues, it is nice to have other options.

                        I think what MarkR was sayins is that when php uses mail() to send mail that the mechanism that does so has an additional layer of buffering between your web server and whatever mail server is involved.

                        If your mail servre is down, then the MTA might be able to 'take orders' for mail to be sent and would be happy to cue up your mail once the mail server comes back up.

                        I don't know this to be true, but don't mind speculating 😉

                        BAD NEWS: Just was ordered today by my hosting provider to NOT USE phpmailer because it is considered vulnerable to hackers.

                          So look for some free SMTP class for PHP on Google or something.

                          I'd never heard of a big ordeal about vulernabilities in PHPMailer.

                            you could always use imap_mail() too

                            there are many options 🙂

                            If the web/mail server is down the last thing i would be worried about is if my mail script still functions lol.

                              i had my sysadmin watching mail logs yesterday as i tested mail vs. phpmailer. apparently the particular server i was developing on didn't have reverse DNS. A number of domains were rejecting mail because they could verify the server was what it claimed to be.

                              I think this would still be a problem with imap_mail.

                                nope, no PTR recrod and most places will not accept your mail regardless how it is sent

                                  well the phpmailer mail was getting through because it was routed through the legit mail server (with proper reverse DNS). In fact, it went straight to the inbox without being filtered into the junk mail folder!

                                  That said, i hear rumors that it can be used as an open relay somehow.