0

I have a contact form on my website that uses the php mail function to send the form contents. Should I be setting the 'from' headers as a valid email address for the websites domain... or is it meant to be the email address of the person filling in the form?... Surely if you use the user's email address, it is going to be considered spam, as the email isn't being sent from a server that serves mail for that user's email address?... Thanks, j

jon
  • 1,429
  • 1
  • 23
  • 40
  • No better place to start than the manual http://php.net/manual/en/function.mail.php – Funk Forty Niner Feb 03 '15 at 16:32
  • *"Surely if you use the user's email address, it is going to be considered spam"* - If you intend on using the person's name instead or nothing at all, that would increase the chances of it being Spam. The server's default "From:" address would be `xxx@yourhost.xxx` instead of `xxx@yourdomain.xxx` – Funk Forty Niner Feb 03 '15 at 16:33
  • Thanks Fred... So should I set the from headers, so that it is the default servers address xxx@yourhost.xxx, seeing as the email is being sent from this server? – jon Feb 03 '15 at 16:37
  • No, you're best using `xxx@yourdomain.xxx` and see this question (and accepted answer) http://stackoverflow.com/q/28264307/ on configuring SPF entries in your DNS. – Funk Forty Niner Feb 03 '15 at 16:39
  • http://stackoverflow.com/questions/9899768/phpmailer-sending-mail-to-spam-in-hotmail-how-to-fix/9899837#9899837 – Ian Wood Feb 03 '15 at 16:40
  • Cool. that's what I thought, however I'd looked at the code in quite a few webform templates, and they were programmed to set the 'from' header as whatever the user inputted in the form, which must be wrong. Thanks. – jon Feb 03 '15 at 16:43
  • Thanks Ian, I will take a look at that. J – jon Feb 03 '15 at 16:45
  • Yes, use the person's e-mail as the "From:" and make sure you're using the FILTER_SANITIZE_EMAIL filter http://php.net/manual/en/filter.filters.sanitize.php - I was confused with something else. – Funk Forty Niner Feb 03 '15 at 16:51
  • You can use like `no-reply@` your domain, and the address doesn't really have to exist. The `no-reply` should clue the recipient in to the fact that is doesn't exist or at least replies won't be read. – developerwjk Feb 03 '15 at 16:51
  • Thanks Fred, but surely this would be considered as spam... if for example the user's email was dave@hotmail.com and I set my 'from' headers as dave@hotmail.com then it would be considered as spam because my server doesn't serve email for hotmail. – jon Feb 03 '15 at 17:00
  • Thanks developerwjk, but the problem isn't with regard to the user not replying but whether the from headers should be set to an email address hosted by the server or not? – jon Feb 03 '15 at 17:03

0 Answers0