2

Using CI's email library, I have the following code to send a pw to a user:

$email_html_message         =   '<html><body>'.
                                        'Your password is '.$password.'<br>'.
                                        '<a href="'.  base_url().'">Login to MySite</a>'.
                                        '</body></html>';


        $config['charset']  =   'iso-8859-1';
        $config['mailtype'] =   'html';
        $this->email->initialize($config);

        $this->email->from('ray@MySite.com', 'MySite Admin');
        $this->email->to($user_email);
        $this->email->subject('Your MySite Login');
        $this->email->message($email_html_message);
        $this->email->send();

I tested this code on two accounts: Gmail and my ISP's smtp email account.

Both tests sent an email, but here's the problem:

If I click reply through gmail, the Reply TO address is the address the e-mail was sent to:

enter image description here

This does not happen when I click reply through Windows Mail (e.g. my smtp account).

Here is the "original message" with headers from gmail:

Delivered-To: ray023@gmail.com
Received: by 10.114.17.8 with SMTP id k8csp412473ldd;
        Wed, 31 Oct 2012 07:27:06 -0700 (PDT)
Received: by 10.220.142.79 with SMTP id p15mr18061226vcu.71.1351693626443;
        Wed, 31 Oct 2012 07:27:06 -0700 (PDT)
Return-Path: <bounce-cgi-moo.ray023@yourhostingaccount.com>
Received: from mailout12.yourhostingaccount.com (mailout12.yourhostingaccount.com. [65.254.253.98])
        by mx.google.com with ESMTP id p5si2963631vcv.55.2012.10.31.07.27.05;
        Wed, 31 Oct 2012 07:27:05 -0700 (PDT)
Received-SPF: pass (google.com: domain of bounce-cgi-moo.ray023@yourhostingaccount.com designates 65.254.253.98 as permitted sender) client-ip=65.254.253.98;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of bounce-cgi-moo.ray023@yourhostingaccount.com designates 65.254.253.98 as permitted sender) smtp.mail=bounce-cgi-moo.ray023@yourhostingaccount.com
Received: from mailscan13.yourhostingaccount.com ([10.1.15.13] helo=mailscan13.yourhostingaccount.com)
    by mailout12.yourhostingaccount.com with esmtp (Exim)
    id 1TTZG5-0005Lf-Dt
    for ray023@gmail.com; Wed, 31 Oct 2012 10:27:05 -0400
Received: from impout01.yourhostingaccount.com ([10.1.55.1] helo=impout01.yourhostingaccount.com)
    by mailscan13.yourhostingaccount.com with esmtp (Exim)
    id 1TTZG2-0007KY-GM
    for ray023@gmail.com; Wed, 31 Oct 2012 10:27:02 -0400
Received: from cgi1703.yourhostingaccount.com ([10.1.12.150])
    by impout01.yourhostingaccount.com with NO UCE
    id HqT21k00s3EEVBe01qT2XN; Wed, 31 Oct 2012 10:27:02 -0400
X-Authority-Analysis: v=2.0 cv=IICA+3TG c=1 sm=1 a=0bVzInp0yugA:10
 a=UT1nndvi2uwA:10 a=e1QP36Bl1McA:10 a=Gm7PUgscJ9MA:10 a=jPJDawAOAc8A:10
 a=mM4-eZ0ns8IA:10 a=PgEUWBzPAAAA:8 a=2RTERvT5bsMA:10 a=t2MNXjrCa7SdDSCJ3MYA:9
 a=wPNLvfGTeEIA:10 a=_W_S_7VecoQA:10 a=MvC2+Uy32Q89d9+Fzzoamg==:117
X-EN-OrigOutIP: 10.1.12.150
X-EN-IMPSID: HqT21k00s3EEVBe01qT2XN
Received: from moo.ray023 by cgi1703.yourhostingaccount.com with local (Exim)
    id 1TTZFR-0003Hw-20
    for ray023@gmail.com; Wed, 31 Oct 2012 10:26:25 -0400
X-EN-Info: U=moo.ray023 P=/index.php
X-EN-CGIUser: moo.ray023
X-EN-CGIPath: /index.php
X-EN-OrigIP: 173.191.128.136
To: ray023@gmail.com
Subject: =?iso-8859-1?Q?Your_MySite_Login?=
X-PHP-Originating-Script: 3651509:Email.php
User-Agent: CodeIgniter
Date: Wed, 31 Oct 2012 10:26:24 -0400
From: "MySite Admin" <ray@MySite.com>
Reply-To: "ray@MySite.com" <ray@MySite.com>
X-Sender: ray@MySite.com
X-Mailer: CodeIgniter
X-Priority: 3 (Normal)
Message-ID: <5091351101295@MySite.com>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="B_ALT_50913511012dd"
X-EN-Timestamp: Wed, 31 Oct 2012 10:26:25 -0400
Sender:  "MySite Admin" <ray@MySite.com>

This is a multi-part message in MIME format.
Your email application may not support this format.

--B_ALT_50913511012dd
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Your password is Login to MySite


--B_ALT_50913511012dd
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

<html><body>Your password is <br><a href=3D"http://MySite.com/">Logi=
n to MySite</a></body></html>

--B_ALT_50913511012dd--

Any idea on how to fix this with gmail?

ray
  • 8,521
  • 7
  • 44
  • 58
  • All the headers look to be set properly, there is no reason gmail should be using that address for a reply. Does this happen consistently for other addresses as well? Also, don't send plaintext passwords through email. It is very poor security practice. – Sammitch Oct 31 '12 at 14:53
  • @Sammitch I only have two "users" on the site and they are both me. I understand the security issue with the pw but taking it one step a time. If I get beyond a single user, I'll code a more secure pw reset. – ray Oct 31 '12 at 14:58
  • As far as I know, this is enforced by Google to prevent abuse. In other words, you can't change it. – Repox Oct 31 '12 at 15:05
  • @repox That's a peculiar security measure. Gmail team: "We will allow these types of e-mails to show up in the InBox (not spam) and allow the user to see the reply address; but, to prevent abuse, when they click reply, it'll show the user's own Gmail account." – ray Oct 31 '12 at 16:41
  • @ray023 try Googling for the difference between the Return-Path and From header. – Repox Oct 31 '12 at 21:44
  • @Repox Why would I do that? What nugget of info are you pushing me to learn? That comment was so generic it was not helpful at all. It's ok, though. I found the answer on my own. – ray Nov 01 '12 at 02:45
  • @ray023 Great - by some Googling or did the answer just fall down from the sky and accidentally end up in your lap? – Repox Nov 01 '12 at 10:00
  • @Repox I have yet to have an answer fall from the sky. It was [just the right web query](http://tinyurl.com/gmailReplyTo) that pointed me to the answer for this unusual Use Case. – ray Nov 01 '12 at 19:46

1 Answers1

2

After testing a Yahoo mail account and a separate Gmail account (both which worked btw), I found the problem was specifically with my gmail account only.

After searching a little, I found a good question on SO that pointed me to this article (special note made in bold):

I have experienced the same issue with a PHP contact form which sends mail to my Gmail account. If the "From" address is either the same as the "To" address, or is configured in GMail Settings as one of the 'Send As...' accounts, Gmail replies to the "To" address instead of the "Reply-To" address. An easy workaround is to specify a non-Gmail "From" address. Now it works and Gmail properly respects the "Reply-To" address. There is no doubt at all in my mind that this is a bug in Gmail.

The part is bold is how my Gmail is set up.

Community
  • 1
  • 1
ray
  • 8,521
  • 7
  • 44
  • 58