Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 493
  • Last Modified:

PHP and SMTP Sending Email

What's the best method of sending mail while using SMTP credentials?

I have a cron job that checks the database for certain flags if the requirements are met then it will send an email out.  Just sending mail with the normal method in PHP all my mail goes to spam.  I figured if I used smtp credentials it's more likely to be inbox'd?
Nathan Riley
Nathan Riley
  • 3
  • 2
  • 2
  • +2
3 Solutions
Dave BaldwinFixer of ProblemsCommented:
No, that's not true.  Email is a mess and many places are blocking many different things.  If your email is going thru and getting put in spam, you need to get the person receiving it to white list the email address so it gets put in the inbox.
Dave is right.  Even with perfect headers, and a correctly configured mailserver you can still end up in the spam folder if the receiving user is fully locked down, or if at some point the IP you are using got dropped into a blocked list.

The only way to insure your mail ends up in the inbox is if the user whitelists you.

Nathan RileyFounder/CTOAuthor Commented:
Hmm...that will be tough since the users register on the site and then receive email.  

So using SMTP credentials versus regular PHP mail has no benefit then?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Dave BaldwinFixer of ProblemsCommented:
No, none.  That does not change the 'user' or IP address that is sending the email which is what the receiver sees.  It is better to send from an email address that does exist so it can be checked by the receiving email server.
Nathan RileyFounder/CTOAuthor Commented:
Got it, well the mail will be sent from the server that the domain and website reside on as well.  So they will share the same IP address.

Do you have any tips on the correct way to setup headers and such with PHP mail to get a better chance of inboxing?
Dave BaldwinFixer of ProblemsCommented:
Here is my PHP email demo with appropriate headers.  Save as "Email.php" so it can post to itself.  Change '$toText' to your own email address.  While bad formatting could be a problem, even 'perfect' formatting won't get you into the 'inbox' because that is not what they usually check.  An email from a 'new' address has a very high probability of going into the 'Spam' folder because the email address won't be in the address book.

# some settings of POST vars
if (!isset($_POST['submit']))  $submit = ''; else $submit = $_POST['submit'];
if (!isset($_POST['subjectText'])) $subjectText = ''; else $subjectText = $_POST['subjectText'];
if (!isset($_POST['msgText'])) $msgText = ''; else $msgText = $_POST['msgText'];
if (!isset($_POST['ccText'])) $ccText = ''; else $ccText = $_POST['ccText'];
if (!isset($_POST['bccText'])) $bccText = ''; else $bccText = $_POST['bccText'];
if (!isset($_POST['nameText'])) $nameText = ''; else $nameText = $_POST['nameText'];
if (!isset($_POST['fromText'])) $fromText = ''; else $fromText = $_POST['fromText'];

if ($submit == "") {
    $title="Test Email Page";
else {
	if($fromText === "") die("No name!");
	$title="Test Email Page";
  $announce="Your Message has been Sent!";
	$header = "From: ".$fromText."\r\n";
//	$header .= "Cc: ".$ccText."\n";
	$header .= "Reply-To : ".$fromText."\r\n";
	$header .= "Return-Path : ".$fromText."\r\n";
	$header .= "X-Mailer: PHP\r\n";
	$header .= "MIME-Version: 1.0\r\n";
	$header .= "Content-Type: text/plain; charset=iso-8859-1\r\n";
//	ini_set(sendmail_from,$fromText);  
	mail($toText, $subjectText, $msgText, $header, '-f'.$fromText);
//	ini_restore(sendmail_from);
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title><?php echo($title)?></title>
<style type="text/css">
A:link { color: #999999; }
A:visited { color: #999999; }
A:hover {color: #0099ff;}
<script type="text/javascript">
function check()
var at=document.getElementById("fromText").value.indexOf("@");
var eml=document.getElementById("fromText").value;
var nam=document.getElementById("nameText").value;
var alerttxt="";
var submitOK="true";

if (eml.length < 5 || at == -1)
    alerttxt=alerttxt+"Please enter a valid e-mail address!\r\n";
    //return false;
if (nam.length < 3)
    alerttxt=alerttxt+"Please enter your name.\r\n";
    //return false;
if (submitOK=="false")
    return false;

// -->

<body bgcolor="#ddeedd">
<div align="center">
<table border="0" cellpadding="0" cellspacing="0" summary="" width="580">
<tr><td align="center">

if ($submit != "") {
   	echo ("To: ".$toText."<br>\r\nSubject: ".$subjectText."<br>\r\n".$msgText."<br>\r\n".$header);

<p><b><font color="#000000" size="5">Test Email</font></b></p>
<font size="4" color="#000000">

<form method="POST" action="Email.php" onsubmit="return check();">
    <p><font size="3"><b>Name: <input type="text" name="nameText" id="nameText" size="46"></b></font></p>
    <p><font size="3"><b>Email: <input type="text" name="fromText" id="fromText" size="46"></b></font></p>
    <input type="hidden" name="subjectText" value="Web Mail">
    <p><font face="Arial" size="3"><b>Message Text:</b></font></p>
    <p><font face="Arial" size="3"><b><textarea rows="6" name="msgText" cols="60"></textarea></b></font></p>
    <p><font size="3"><b><input type="submit" value="submit" name="submit" style="font-family: Arial; font-size: 12pt; font-weight: bold"></b></font></p>
    <input type="hidden" name="state" value="1">
  <b><font face="Arial" size="4" color="#e00000"><?php echo($announce)?></font></b><br><br>



Open in new window

One of the things I do is let the user know that they should check the spam folder if they do not see the confirmation email in their inbox.  I also ask them to whitelist the address in the confirmation email and on the confirmation page.

Ray PaseurCommented:
Ask them to check a box on the registration form that says, "I have whitelisted the email address "xxx@YYY.org" and if they check the box, there is some chance that they will actually whitelist the address.

Send them a registration confirmation email along these lines:

Make sure your SPF records are correct.

Monitor the blacklists to make sure nobody in your block of IP addresses has done something foolish.

Be sure to use a From and Reply-To address that are monitored.  A sure sign of spam is a From address that bounces a message.

Avoid the "spammy" words like "free" "get rich" "viagra" and the like.

Comply with the Can Spam act.

Send a plain text version of anything you send in HTML.

Use "spam checkers" (Google 'em).

Avoid attachments.  Send links instead.

I would try those things first, and see if that helps.  Email is always a thankless battle.  It has been since 2003 when spam was first used to send viruses to unsuspecting clients.  Since then automated email has been relatively unwelcome unless it was very well known to the general public.  Getting a new toehold may take you some time.
This is something that happens so often that I wrote an article dedicated to this specific topic:


While the article is geared more towards commercial mail senders, the same principles apply to everyone. For your situations, I'd just skip the first 3 items and start with point #4 and onward.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now