Skip to content
Advertisement

How can i get the correct “from” emailaddress, using PHPMailer and Google Apps?

I use a simple PHPMailer form to allow the users of my website to contact me through a contact form. I use my google apps account to send the mail. In the script i set the emailaccount the user provides me as the “from address”.

Until a few weeks ago, this went well. From Google Apps i could click on reply to send a reply to the user contacting me.

However, recently, without changing anything in my code, when i click on reply, i send an email to myself. Is this something Google changed in its policy? Or did i maybe do something wrong incidentally?

This is the output i get. I use info@kynero.nl to send and use jaapklok@gmail.com as customer account. However, when i open the mail i receive in info@kynero.nl and click on reply, i send an email to info@kynero.nl instead of jaapklok@gmail.com

2019-02-06 20:34:31 SERVER -> CLIENT: 220 smtp.gmail.com ESMTP x38sm6269222edx.24 - gsmtp
2019-02-06 20:34:31 CLIENT -> SERVER: EHLO www.kynero.nl
2019-02-06 20:34:31 SERVER -> CLIENT: 250-smtp.gmail.com at your service, [2a0b:7280:200:0:4d0:baff:fe00:d8e]250-SIZE 35882577250-8BITMIME250-STARTTLS250-ENHANCEDSTATUSCODES250-PIPELINING250-CHUNKING250 SMTPUTF8
2019-02-06 20:34:31 CLIENT -> SERVER: STARTTLS
2019-02-06 20:34:31 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
2019-02-06 20:34:31 CLIENT -> SERVER: EHLO www.kynero.nl
2019-02-06 20:34:31 SERVER -> CLIENT: 250-smtp.gmail.com at your service, [2a0b:7280:200:0:4d0:baff:fe00:d8e]250-SIZE 35882577250-8BITMIME250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH250-ENHANCEDSTATUSCODES250-PIPELINING250-CHUNKING250 SMTPUTF8
2019-02-06 20:34:31 CLIENT -> SERVER: AUTH LOGIN
2019-02-06 20:34:31 SERVER -> CLIENT: 334 VXNlcm5hbWU6
2019-02-06 20:34:31 CLIENT -> SERVER: <credentials hidden>
2019-02-06 20:34:31 SERVER -> CLIENT: 334 UGFzc3dvcmQ6
2019-02-06 20:34:31 CLIENT -> SERVER: <credentials hidden>
2019-02-06 20:34:31 SERVER -> CLIENT: 235 2.7.0 Accepted
2019-02-06 20:34:31 CLIENT -> SERVER: MAIL FROM:<jaapklok@gmail.com>
2019-02-06 20:34:31 SERVER -> CLIENT: 250 2.1.0 OK x38sm6269222edx.24 - gsmtp
2019-02-06 20:34:31 CLIENT -> SERVER: RCPT TO:<info@kynero.nl>
2019-02-06 20:34:31 SERVER -> CLIENT: 250 2.1.5 OK x38sm6269222edx.24 - gsmtp
2019-02-06 20:34:31 CLIENT -> SERVER: DATA
2019-02-06 20:34:31 SERVER -> CLIENT: 354 Go ahead x38sm6269222edx.24 - gsmtp
2019-02-06 20:34:31 CLIENT -> SERVER: Date: Wed, 6 Feb 2019 21:34:31 +0100
2019-02-06 20:34:31 CLIENT -> SERVER: To: info@kynero.nl
2019-02-06 20:34:31 CLIENT -> SERVER: From: Jaap Klok <jaapklok@gmail.com>
2019-02-06 20:34:31 CLIENT -> SERVER: Reply-To: Jaap Klok <jaapklok@gmail.com>
2019-02-06 20:34:31 CLIENT -> SERVER: Subject: Aanvraag via Inschrijfformulier op kynero.nl
2019-02-06 20:34:31 CLIENT -> SERVER: Message-ID: <0bYvsZOe3xY7iWVxMyFA2uxOvWVDPpl5CAX58DcXA@www.kynero.nl>
2019-02-06 20:34:31 CLIENT -> SERVER: X-Mailer: PHPMailer 6.0.5 (https://github.com/PHPMailer/PHPMailer)
2019-02-06 20:34:31 CLIENT -> SERVER: MIME-Version: 1.0
2019-02-06 20:34:31 CLIENT -> SERVER: Content-Type: text/html; charset=iso-8859-1
2019-02-06 20:34:31 CLIENT -> SERVER: 
2019-02-06 20:34:31 CLIENT -> SERVER: Naam: Jaap Klok <br />
2019-02-06 20:34:31 CLIENT -> SERVER: Inschrijving: Detectie vrijdag 10.00 <br />
2019-02-06 20:34:31 CLIENT -> SERVER: Algemene voorwaarden: Akkoord <br />
2019-02-06 20:34:31 CLIENT -> SERVER: Bericht: Test 3 - 21:36
2019-02-06 20:34:31 CLIENT -> SERVER: 
2019-02-06 20:34:31 CLIENT -> SERVER: .
2019-02-06 20:34:32 SERVER -> CLIENT: 250 2.0.0 OK 1549485383 x38sm6269222edx.24 - gsmtp
2019-02-06 20:34:32 CLIENT -> SERVER: QUIT
2019-02-06 20:34:32 SERVER -> CLIENT: 221 2.0.0 closing connection x38sm6269222edx.24 - gsmtp

Advertisement

Answer

Google does not allow you to send from arbitrary addresses. You can only use your account address, or predefined aliases from your gmail settings. If you try to do this, it will simply substitute your account address for the from address, as you’re seeing.

Generally trying to do this is the wrong approach anyway – it’s forgery and will result in your messages being spam filtered or bounced due to SPF failures. The right way to do it is to use your own address as the from address, and the submitter’s address as a reply-to address. The contact form example provided with PHPMailer does exactly this. The important bit of that:

    //Use a fixed address in your own domain as the from address
    //**DO NOT** use the submitter's address here as it will be forgery
    //and will cause your messages to fail SPF checks
    $mail->setFrom('from@example.com', 'First Last');
    //Send the message to yourself, or whoever should receive contact for submissions
    $mail->addAddress('whoto@example.com', 'John Doe');
    //Put the submitter's address in a reply-to header
    //This will fail if the address provided is invalid,
    //in which case we should ignore the whole request
    if ($mail->addReplyTo($_POST['email'], $_POST['name'])) {
        $mail->Subject = 'PHPMailer contact form';
        //Keep it simple - don't use HTML
        $mail->isHTML(false);
        //Build a simple message body
        $mail->Body = <<<EOT
Email: {$_POST['email']}
Name: {$_POST['name']}
Message: {$_POST['message']}
EOT;
User contributions licensed under: CC BY-SA
10 People found this is helpful
Advertisement