PDA

View Full Version : Sending CC's to outside domains via PHP



edicola12
01-02-2006, 01:58 PM
Situation: Any user of my site can click on a "contact us" type of link and through a form (and PHP code) send messages to officers etc. I want the sender of the message to also receive a CC of what they send as a courtesy. Note: the PHP code that sends the message is being executed by a legit vodahost domain form and submit program. I hope I'm being clear here.

Results:
* the vodahost domain (my website's email) GETS the form mail ok
* the vodahost domain (my website's email) forwards a copy to alternate mail as set up in voda ok
* sending email address the user gave gets the auto reply from my domain ok
* sending email address for the CC of the message:
- if to something like msn, hotmail, or yahoo it gets routed to JUNK or BULK mail until owner of that account sets spam to allow all from voda, nido.us.com, etc.
- if AOL it gets tossed or lost in the ether... and AOL cannot be trained to let it through (at least I have not been able to train it without destroying all my protection)

Problem: ISP email systems do not like something (and AOL especially doesn't like it). I suspect it has something to do with the mechanism that produces "Return-path: <nobody@voda2.vodahost.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=nobody%40voda2.vodahost.com)>" Note: I have NO problem with mail sent to AOL or others IF an account holder on my domain signs on to the domain (e.g. via Squirrel mail or Outlook) .. and sends mail using their voda domain account. Again this problem is NOT that situation.

Request: how do I get this form generalized "contact us" mail authenticated so it does not look like forged spam on the CC's?

Here's an example message:

To:site.mgr@nido.us.com, Subject:This is a testFrom:edicola12******.com http://us.i1.yimg.com/us.yimg.com/i/us/pim/el/abook_add_1.gifAdd to Address Book (javascript:document.frmAddAddrs.submit()) http://us.i1.yimg.com/us.yimg.com/i/nt/ic/ut/bsc/txtmess12_1.gifAdd Mobile Alert (http://us.f350.mail.yahoo.com/ym/ShowLetter?MsgId=8364_0_22_1527_247_0_32_-1_0_oSOYkYn4Ur6Rg9WuJfSMZ.S0.uvayXRfGrM2uUrhW6pLq2 uukR1Nv9F1YGpKoNPKd9wZvAg3p8tOZWQdmmCe5cWfCGUNtxPG wLgBt3cFMcDaX5JruHq7G9zGAfalHLGAeGGNUP9sfTsD463EQX FxhpLjfR20ozA1Cw3VQd#)CC:edicola12******.comDate:M on, 02 Jan 2006 06:31:56 -0600
From: edicola12******.com (http://us.f350.mail.yahoo.com/ym/Compose?To=edicola12******.com&YY=80784&order=down&sort=date&pos=0&view=a&head=b) should receive a auto reply confirmation from site.mgr@nido.us.com (http://us.f350.mail.yahoo.com/ym/Compose?To=site.mgr@nido.us.com&YY=80784&order=down&sort=date&pos=0&view=a&head=b)cc: edicola12******.com (edicola12******.com) should recieve a copy of this msgAutoforward from site.mgr@nido.us.com (http://us.f350.mail.yahoo.com/ym/Compose?To=site.mgr@nido.us.com&YY=80784&order=down&sort=date&pos=0&view=a&head=b) to edicola12@msn.com (http://us.f350.mail.yahoo.com/ym/Compose?To=edicola12@msn.com&YY=80784&order=down&sort=date&pos=0&view=a&head=b) should occurSent By: Webmaster Test

Here's the example's header:

Return-path: <nobody@voda2.vodahost.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=nobody%40voda2.vodahost.com)>
Envelope-to: site.mgr@nido.us.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=site.mgr%40nido.us.com)
Delivery-date: Mon, 02 Jan 2006 06:31:57 -0600
Received: from edicola by voda2.vodahost.com with local-bsmtp (Exim 4.52)
id 1EtOqy-0008Nv-VO
for site.mgr@nido.us.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=site.mgr%40nido.us.com); Mon, 02 Jan 2006 06:31:57 -0600
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on voda2.vodahost.com
X-Spam-Level: *
X-Spam-Status: No, score=1.8 required=5.0 tests=FORGED_YAHOO_RCVD,
MAILTO_TO_SPAM_ADDR,NO_REAL_NAME,NO_RELAYS autolearn=no version=3.1.0
Received: from nobody by voda2.vodahost.com with local (Exim 4.52)
id 1EtOqy-0008Nq-KY; Mon, 02 Jan 2006 06:31:56 -0600
To: site.mgr@nido.us.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=site.mgr%40nido.us.com),
Subject: This is a test
From: edicola12******.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=edicola12%40yahoo.com)
Cc: edicola12******.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=edicola12%40yahoo.com)
Reply-To: edicola12******.com (https://voda2.vodahost.com:2096/3rdparty/squirrelmail/src/compose.php?send_to=edicola12%40yahoo.com)
X-Mailer: PHP/4.4.1
Message-Id: <E1EtOqy-0008Nq-KY@voda2.vodahost.com>
Date: Mon, 02 Jan 2006 06:31:56 -0600

VodaHost
01-02-2006, 03:52 PM
Here is the problem.....Email systems today use something called a fraud score
and they breakdown all incoming emails into two categories....

1) SMTP mail
2) PHP mail

SMTP mail gets a very low fraud score and "most of the time" does not get
rerouted to junk mail or spam folders...for two reason...SMTP mail has more
traceble headers, therefore it is easier to track and most SMTP mail comes
from email clients like outlook, outlook express, thunderbird, etc...

PHP mail gets a very high fraud score because it by passes the ISP's spam
safe guards...the headers can easily be manipulated and it is much easier
to send out in bulk.

Almost all PHP mail will go straight to the junk mail or spam folder unless the
receiver has white listed the sender.

So in a nut shell...send out your mail with smtp authenication or do what
we did and contact all the major email provicers, Yahoo, AOL, MSN, etc..
and get your domain white listed.

edicola12
01-02-2006, 04:18 PM
Thank you very much for your detailed response and wishing you all the best in 2006

Yes whitelist had to be done on AOL just to receive normal SMTP mail from my nido.us.com voda account!!! I did that a couple months ago or so ... AOL is very particular about how the reverse address is set up and since I am too novice to get voda or the planet (the planet btw admitted it is set up nido.us.com quasi right on their part) to make changes -- AOL finally relented and whitelisted it ... However this apparently has no positive effect in the situation I'm describing..

In any case unless there is a way of teaching me without undue pain how to turn on a mail server (something like signon under the covers as legit site.mgr@nido.us.com.. so email is not really sent out as php mail but as normal account mail) I'll let you go ...

The sender will receive a confirmation and eventually a response from the person contacted... they'll have to live with that ... or if they are regular users and they have yahoo, hotmail, or the like ... teach their account to accept our "nobody" mail

Thanks -- and I LOVE VODAHOST !!!