I don’t use PHP that often but when I do and I need to write a function to send E-Mails, I just used the mail() function. I have used it on a shared hosting service and I always received the E-Mails from a… well… not an account? A bot? It didn’t even have an E-Mail address.
And that’s what I want to achieve at this very moment – send an E-Mail to me without really connecting to a SMTP server or going through authentication. How can be that done with PHPMailer? Is it even possible in my case? And if you somehow got my question, how are such E-Mails even called; the ones that… aren’t sent by… well… an E-Mail account?
<?php use PHPMailerPHPMailerPHPMailer; use PHPMailerPHPMailerException; require 'PHPMailer-mastersrcException.php'; require 'PHPMailer-mastersrcPHPMailer.php'; require 'PHPMailer-mastersrcSMTP.php'; $mail = new PHPMailer(); $mail->FromName = "A random name"; $mail->addAddress("myemail@gmail.com", "Recepient Name"); $mail->isHTML(true); $mail->Subject = "Subject is here"; $mail->Body = "Hello, <br>test body "; if(!$mail->Send()) { echo "Mailer Error: " . $mail->ErrorInfo; } else { echo "Message has been sent"; } ?>
Advertisement
Answer
This did make me laugh a bit…
No, emails can’t just magically spring into existence, but there isn’t necessarily a direct correlation between email user accounts and addresses.
When you send from a shared hosting account by calling mail()
, the mail server knows the account you’re sending from, and sometimes doesn’t require authentication as a result. This for example is how GoDaddy operates. Unfortunately this approach is very prone to abuse because there is often little preventing you from flat-out lying about who you are. This is why such services are usually a) terrible and b) extremely unreliable for actually delivering messages.
If you don’t specify a “from” address, the server will usually make one up from information it does have – typically your user account name, or the name of the user running the script (e.g. www-data
), and the hostname of the server you’re on, often something like randomnumber.hostingprovider.example.com
. Look at the headers of messages you’ve sent before, and you’ll probably see something like that.
Sometimes this address can be the same for all users on a given shared server, so your delivery reputation can depend on what others are sending, which could well be spam, phishing, malware, etc.
This vagueness is terrible for deliverability, so if you host your contact form on such a system, expect messages from it to end up in a spam folder.
If you use SMTP to send via a “proper” account you gain a lot more control and reliability, but unfortunately some hosting providers (GoDaddy again) block outbound SMTP and force you to use their mail servers. This is a way of saying that if you want to send email that will be delivered, use a decent hosting provider.
Once you get control over your sending, you can choose exactly what addresses messages are sent from, subject to authentication constraints including things like SPF, DKIM, and DMARC, but that’s another story.