Signup with email authentication, only 30% are activated?

Question

I am using php and mysql. And my site is in flash (full flash site)

I have a website which let users to sign up. The signup process including sending "activation email", click link to activate account.

The first two weeks was fine. Out of around 2000 users, 1800 users are activated. After that, the activated users drop drastically, to about 30%. Example: 1000 users signup, only 300 were activated.

At first, I found the problem is because the email could not be reach to ymail, msn and gmail users. (Most of my subscribers are Ymail (yahoo), hotmail/msn(live) and gmail (gmail)). I tried signup using ymail and hotmail, but i didnt get any activation email. I contacted yahoo and msn, eventually my email can go through now.

However, my signup statistic still showing, the activated users are only about 30%, which very confuse me. I contact my hosting company, ask them the whitelist my IP. And they did it.

I need your advice/help on following questions:

How to check where the problem lies? Is the email not delivered? User receive email but didnt click the activation link?

I am using php mail funstion. and this is my headers:

  $headers = 'MIME-Version: 1.0' . "\r\n";

  $headers .= 'Content-type: text/html; charset=UTF-8' . "\r\n";

  $headers .= 'From: Admin <\admin@domain.com>' . "\r\n";

  $headers .= 'Return-Receipt-To: Bounce <\bounce@domain.com>' . "\r\n";

  $headers .= 'Reply-To: Admin <\admin@domain.com>' . "\r\n";

  $return_path = "\bounce@domain.com\";

(I hide my domain name, and i add backslashes within emails, cuz if not, the email wont show here, weird)

Is there anything wrong with the headers?

What can I do to improve my registration/signup activation process?

Ivan Krechetov · Accepted Answer · 2009-12-07T07:28:41.153

1

You should pass your return path as "-f" parameter for mail() function:

mail(
    $this->recipient,
    $subj,
    $this->body,
    $this->compose_headers(),
    '-f ' . Options::obj()->mail->return_path);

Also, for the best results, if the sending server has a public domain name example.com, the return path should be something@example.com.

Anyway, you should definitely check the logs (/var/log/mail*) to know exactly what's going on.

edited Dec 07 '09 at 07:28

answered Dec 07 '09 at 07:20

Ivan Krechetov

18,802
8
49
60

Hi Ivan, this is my send script: mail($toUser,$subject,$body,$headers, "-f".$return_path) I am using php mail() – mysqllearner Dec 07 '09 at 07:23
Is there any difference? Should I paste all my send mail code here?? – mysqllearner Dec 07 '09 at 07:24
-f, and that reverse DNS search-ability (something@example.com from example .com) makes a huge difference, from my experience. – Ivan Krechetov Dec 07 '09 at 07:27
hmm.. Based on Dipen answer, if i use phpmailer or swiftmailer and google smtp, will it solve the problem? – mysqllearner Dec 07 '09 at 07:41
I see. I cant find the log files, I am using plesk. "Does your return path host match the DNS name of the server you send mail from?" you mean the domain name? My DNS is www.xxxabc.com, return-path is bounce@xxxabc.com, i think its the same? Sorry i need to protect my domain name. I am new to this stuff. – mysqllearner Dec 07 '09 at 08:15
Yes, that's what I mean. Sir, you should really get to the logs. Otherwise you may loose a loooot of time trying to guess what the problem is. – Ivan Krechetov Dec 07 '09 at 08:18
BTW, did you check the return-path inbox for the bounced messages? – Ivan Krechetov Dec 07 '09 at 08:20
@ivan: I am looking for that log files now :( yeah, i did check the return-path inbox. it does return the receipt, indicate the emails have sent to particular emails address. – mysqllearner Dec 07 '09 at 08:27
This is 1 of the return email I received: This is a receipt for the mail you sent to at 11/28/2009 10:54 AM This receipt verifies that the message has been displayed on the recipient's computer at 11/28/2009 4:03 PM – mysqllearner Dec 07 '09 at 08:28
Another problem we had once was too many bad addresses at a certain domain. So, if you bomb Gmail with invalid addresses too much, they may block you completely. That will be in the logs. – Ivan Krechetov Dec 07 '09 at 08:32
I found the log folder, inside have lots of sub folders. HTTPMAIL, IMAP, LS, MTA, POP, POPC, SF, SMTP. I am reading the MTA logs files, is it correct? – mysqllearner Dec 07 '09 at 08:54
@Ivan: I found this errors. RCPT RCPT TO: 503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server. – mysqllearner Dec 08 '09 at 07:33
This means your SMTP server requires authentication (username and password) to send messages outside. Check your mailer configuration. – Ivan Krechetov Dec 08 '09 at 07:38
Weird. I disabled the "authentication". Never mind, i go and check again – mysqllearner Dec 08 '09 at 07:58

score 1 · Answer 2 · answered Dec 07 '09 at 07:24

Try using gmail as your smtp server istead of mail server like sendmail from a domain. Using gmail smtp would kinda ensure that your mails are sent on best effort surity. Also Gmail would not be treated as spam unless email id is marked as spam (so try using a one which is safe). To improve singup->activation through put your best bet is to ensure that email is reaching user's inbox.

For safety net you can have a feature in which you allow user to resend the activation link if the first one failed for some reason.

If you are uncomfortable using gmail as smtp, you can sign up ur domain with google apps (but that might require changes in business needs) and you can have admin@domain.com kind of email and still use efficient gmail smtp servers.

There are many libraries out there like phpMAiler which allows to use external smtp servers. Note all data through gmail servers go via SSL or TSL.

Is it legal to use Gmail smtp?? I heard of phpmailer and I am comparing it to swiftmailer now. Resend activation link might sound a good idea, but if its cant go through their mailbox, its no use to spam clicking it right? I mean, it just wont go through (well, this is what I though), unless I am wrong :( — mysqllearner, Dec 07 '09 at 07:38

score 0 · Answer 3 · answered Dec 07 '09 at 07:22

0

Do you have access to the log files of the email server sending out the registration emails? Any bounced emails normally go back to the sending server. By monitoring the log files you can check and see what number of emails (if any) are still getting bounced back.

What kind of access do users have to your web site without an activated email address? Are any features disabled? Are there any incentives to activate or use a real email address?

answered Dec 07 '09 at 07:22

leepowers

37,828
23
98
129

@pygorex1: I dont have the log files. Where can I get it? Basically, until the user account is activated, there is nothing much that user can do. – mysqllearner Dec 07 '09 at 07:35
You would need to ask your hosting provider about accessing the log files. – leepowers Dec 07 '09 at 07:44
Asked, but i think need to wait 24 hours to response. I am using plesk, any idea of where the file is located? – mysqllearner Dec 07 '09 at 08:17

score 0 · Answer 4 · answered Dec 07 '09 at 07:48

Your example doesn't show a Date header which is a required field. In my experience some mail handlers reject emails that don't have one (and some just add one with the current date.) If your actual code doesn't have one then try adding one and seeing if it makes a difference.

Search for RFC2822 for information on what is required,

Signup with email authentication, only 30% are activated?

4 Answers4

Linked