How to pass spam filters with PHP mail

By Steven Moseley November 8th, 2019

Marketing Tools
Ok, so you've set up a nice mail form on your remotely hosted PHP site, but every time you send an email to someone through it, it seems to get derailed by spam filters??? There's a simple reason for this.

Why Your Message Is Seen as Spam

Spam filters check the actual routing of the message to see what domain it originated from, and match that up against the email address in the "From" header to see if they match. If you're on a shared-server hosting environment, the originating domain will not be yours, and the message will therefore fail.

Here's a typical use of the PHP mail() function to send an email:

$recipient = "recipient@recipient-domain.com";
$title = "Test Message";
$message = "This is my message to you.";
$headers = "From: someone@somewhere.com";
mail($recipient, $title, $body, $headers);

Here's what the headers look like :

Return-path: 
Envelope-to: recipient@recipient-domain.com
Delivery-date: Mon, 24 Jul 2019 12:06:10 -0500 
Received: from mydomain by host104php5sql5.myhost.com with local (Exim 4.52) id 1G53sf-0008HX-TP for recipient@recipient-domain.com; Mon, 24 Jul 2019 12:06:09 -0500 
To: recipient@recipient-domain.com 
Subject: Test Message 
From: someone@somewhere.com
Message-Id: 
Date: Mon, 24 Jul 2019 12:06:09 -0500

Notice that the originating domain (in the "Received" header) is myhost.com. That is my web host. Using the PHP mail() function will use my default mail account with the host (in this case, "mydomain" at "myhost.com" to send the message. Because the originating domain ("myhost.com") and the "From" header domain ("mydomain.com") do not match, spam filters will raise a flag and derail the message.

Well, don't bang your head against the wall just yet. There's a work-around for it.

How to Correct the Headers

There are a few possible solutions to the problem. Most of them involve changing server settings or PHP's [b]mail()[/b] settings so that your domain can be reflected in the "Received" header. These are not a possibility in a shared hosting environment, so I'm not going to bother with those.

The simple solution to get past spam filters, though it's not the prettiest alternative. Basically, you want to change the "From:" header to "mydomain@myhost.com" (the actual account sending the email), but add a "Reply-To:" header for "someone@somewhere.com". The PHP code will look like this:

$header = "From: someone@somewhere.com \r\n";
$header .= "Reply-To: someone@somewhere.com \r\n"; 
$header .= "Return-Path: Some One \r\n";
$header .= "Organization: My Organization\r\n";
$header .= "Content-Type: text/plain\r\n";
mail($recipient, $title, $message, $header);

And the full headers will look like this:

Return-path: 
Envelope-to: recipient@recipient-domain.com 
Delivery-date: Mon, 24 Jul 2019 12:25:23 -0500 
Received: from mydomain by host104php5sql5.myhost.com with local (Exim 4.52) id 1G54BH-0000uE-1h for recipient@recipient-domain.com; Mon, 24 Jul 2019 12:25:23 -0500 
To: recipient@recipient-domain.com 
Subject: Test Message 
Reply-To: someone@somewhere.com
From: someone@somewhere.com 
Organization: My Organization Content-Type: text/plain 
Message-Id: Date: Mon, 24 Jul 2019 12:25:23 -0500

Now, the only problem is that when I receive the message, I see the "From" field:

From: someone@somewhere.com

Where the SMTP server is running on myhost.com, when I reply to the email, it replies to "someone@somewhere.com " - which is good.

If you're on a shared host, or using a 3rd party SMTP server, to prevent your emails looking like they're spoofing, set your "From:" field to "someone@somewhere.myhost.com". This will make your message a little less confusing to the people you're sending it to. The from field will then look like this:

From: someone@somewhere.myhost.com

Alternatively, you could update your hostname to match your naked domain, e.g., from a command-line

$ sudo hostname somewhere.com

This is will help you pass some basic spam filters using PHP mail() method for your projects.

Good luck, and don't spam people!