[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 161
  • Last Modified:

php mail() function, mail getting lost on one network and not others

Simplified Version:
I am sending mail using the PHPmailer class. I can get the mail at personal and other email addresses, but I cannot retrieve at my work network email. Most likely firewall blocking or spam filtering. What is wrong?

Detailed Version:
Our work network uses a firewall and advanced spam filtering. I cannot access them directly to get more information. I would have to talk to IT department and take a long time. Hopefully someone has a solution that I can try without more information about the configurations...

I am using PHPmailer class to compose email and send to an email address on our network. The email is coming from our web server outside the network. The class is working because I can get the emails in my yahoo account etc...

My question is... How do I debug this issue? Is there anything I can do to avoid spam filters and try that? the script is set to use the php mail() function to send the mail and not an SMTP client. Although I believe the mail() function opens and closes an SMTP socket for each email. anyways, hope someone can shed light.

  • 2
1 Solution
Without hearing any more than what you've described, my first instinct would be to use sender-id with all your emails, especially if your filtering is based on MS technology.

(explanation of sender-id below - skip it if you're already "in the know")

Sender-id is intended to be like Caller-id, where you know exactly who is sending you an email because of the ip address they use. Now, domain names in the "from" address are fairly easy to fake, especially when using php mail(). So, many spammers would like to pretend to send email from legitimate businesses using the mail() function, and before sender-id had become so widely adopted the tactic was very successful. However, it is not nearly so easy to fake the sending computer's IP address. So, sender-id works by setting up a domain's DNS record to include a line that says basically "This is the IP I send my mail from. If you happen upon any mail that claims to be from me, but originates from a different IP address, please toss it in the rubbish bin and think no more upon it." (I've been reading old-fashioned novels lately and it's showing up in all sorts of weird places)

Now, MS is a huge proponent of sender-id. If you're sending mail from a domain that uses sender-id without also originating from the IP address it says you should, MS (and many others) will filter you into the ether without a second thought. If you're just sending from a domain that doesn't use a sender-id policy, you aren't guaranteed to be filtered, but it becomes a factor against you, which could lead to that happening.

So, what to do about it? Well, if you have access to change your server's DNS record, then just set up a sender-id policy yourself and I'd be willing to bet that it fixed your problem. With php mail() you'll generally have 2 return addresses in your headers. The first is your "reply-to" header, which will be the same for all mail sent that way. The second is your "from" header, which you can (and should) set with the optional "$header" paramater. For best results, make sure that both DNS records (if they're different) are set so that mail from your IP is declared to be genuine.

If you don't have access to change your server's DNS record, find the person who does and bug them to do it.

MS has released a handy little wizard that you can use to create a sender-id policy. You can also to check to make sure you've deployed it correctly. Check out this link: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Good luck!
makman24Author Commented:
Ok. The problem was that we do not host mail services on this box but the box thought it was since it has mail services activated. I turned off mail service for our domain on the box and the mail was sent out.


I guess that makes sense. I'm sorry if my answer took you off in a different direction. The points were kind of you, but I don't think I deserved them.

Thank you

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now