PHP mail function.... please check the code.... my mails are going to spam and I am receiving so many unwanted queries?

Question

Please check the following PHP mail function code. Is it correct or not? My mails are going into spam. In the following code, I am getting mail, but mails are landing in spam. If I check original text in gmail then it show dmare fail.

<?php 
$your_email = 'yjangir15@gmail.com';
$errors = '';
$name = '';
$visitor_email = '';
$phone = '';
$user_message = '';
if(isset($_POST['submit']))
{
    $name = $_POST['name'];
    $visitor_email = $_POST['email'];
    $phone = $_POST['phone'];
    $user_message = $_POST['query'];
    ///------------Do Validations-------------
    if(empty($name)||empty($visitor_email)||empty($phone))
    {
        $errors .= "\n Name, Email ID and Phone Number. ";  
    }
    if(IsInjected($visitor_email))
    {
        $errors .= "\n Bad email value!";
    }
    if(empty($_SESSION['6_letters_code'] ) ||
    strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
    {
        $errors .= "\n Wrong Captcha Code!!!";
    }
    if(empty($errors))
    {   
        //send the email
        $to = $your_email;
        $subject="New Admission Enquiry";
        $from = $visitor_email;
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $body ='
  <title>A student $name submitted the admission enquiry</title>
  <h1>A student ' . $name . ' submitted the admission enquiry</h1>
  <p>Here are the Details!</p>
  <table>
    <tr>
      <td><b>Name:</b></td><td>' . $name . '</td>
    </tr>
    <tr>
      <td><b>Email Address:</b></td><td>' . $visitor_email . '</td>
    </tr>
    <tr>
      <td><b>Contact No:</b></td><td>' . $phone . '</td>
    </tr>
    <tr>
      <td valign="top"><b>Query:</b></td><td>' . $user_message . '</td>
    </tr>
    <tr>
      <td><b>IP Address:</b></td><td>' . $ip . '</td>
    </tr>
  </table>
 '; 
        $seprator = md5(time());
        $eol = PHP_EOL;
        $headers = "From: " .($from) . "\r\n";
        $headers .= "Reply-To: ".($from) . "\r\n";
        $headers .= "Return-Path: ".($from) . "\r\n";;
        $headers .= "MIME-Version: 1.0\r\n";
        $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
        $headers .= "X-Priority: 3\r\n";
        $headers .= "X-Mailer: PHP". phpversion() ."\r\n";
        mail($to, $subject, $body, $headers);
        header('Location: thankyou.php');
    }
}
function IsInjected($str)
{
 $injections = array('(\n+)',
          '(\r+)',
          '(\t+)',
          '(%0A+)',
          '(%0D+)',
          '(%08+)',
          '(%09+)'
          );
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
    return true;
}
else
{
    return false;
}
}
?>

Answer 1

First off, since many of the variables used in your script are user-generated, you should sanitize input variables to avoid malicious code from users.

There can be a lot of reasons why your emails end up in the spam folder. The two most important ones being what email server you are using (proper configuration, sender reputation etc.) and the content of the email. In your case, you are sending an email in html format but your markup is incomplete, lacking html, and body tags to wrap your current markup. Setting a charset in your email markup is also a good idea to ensure correct rendering of characters in the recipient side. Avoid using ISO-8859-1, instead use UTF-8 if possible.

I suggest you check out an email library for sending out these emails instead of the php mail() function. Have a look at the popular PHPMailer library.

There are also cloud based email services like Mailgun to consider as they have good sender reputation from start as compared to setting up an email server of your own.

About the "unwanted queries", you need to provide more details for us to be able to help you there.