So I developed an automated Mailing System through which I send automated e-mails in PHP using the PHPMailer Extension.
First, most of the e-mails I've sent with the PHPMailer dropped into the spam of several clients, a well-known issue. I've checked with my host and we created an SPF record; and the result improved a lot.
Now by coincidence, I've found that some clients still seem to drop messages received via the PHPMailer script into their Spam folder. If I send the same e-mail manually, it doesn't happen, so it seems to be related to PHPMailer; so I must be doing something wrong.
The configs / code I'm currently using are / is :
$mail->isSMTP();
$mail->SMTPAuth = true;
$mail->Host = $host; // verified with my host
$mail->Port = 465;
$mail->Username = '[email protected]'; // verified with my host
$mail->Password = 'mypassword'; // verified with my host
$mail->SMTPSecure = 'ssl';
$mail->SMTPAutoTLS = true;
$mail->setFrom( '[email protected]', 'This is the Header of the E-Mail' );
$mail->addAddress( '[email protected]', '' );
$mail->isHTML( true );
$mail->Subject = 'This is the Subject of the E-Mail';
$mail->CharSet = 'UTF-8';
$mail->Body = 'HTML Content of the E-Mail';
$mail->send();
$mail->SmtpClose();
Please note that my hosting provider does not support any DKIM signature authentication; and I've also verified the correct reverse DNS lookup with my provider.
What am I missing folks?
I interestingly came about this post here; which writes that "IANA has reassigned a new service to this port [465], and it should no longer be used for SMTP communications."
The article recommends the use of tls
and port 587
should be the default approach. Is this maybe the issue; or am I missing something out on PHPMailer? I just wanna be sure before switching anything, as I'm not at all an expert in the area of e-mails.. And well, I've never heard about this port issue.
CodePudding user response:
Whether mail ends up in spam is very difficult to control. Implementing SPF and DKIM can help, but still provide no guarantees. If it was easy to bypass spam filters, spammers would do it, and they would not be spam filters! There's an article in the PHPMailer wiki about avoiding spam filters that you may find helpful. The headers in a received message will often tell you why a message has been put in the spam folder, for example listing the spamassassin rules it matched.
You say it works "manually", but is that sending from the same place (e.g. on your local machine)? You can get the raw text of messages sent through each route and compare them to see what's different (other than obvious things like message IDs).
That MailGun article is outdated. Since then, RFC8314 has not only "undeprecated" port 465, it's now recommended as the default because it eliminates a possible attack vector in the pre-encryption stage that SMTP STARTTLS uses on port 587. Unfortunately it also makes it harder to debug from PHP, and denies the chance to do opportunistic encryption when encryption is not requested explicitly, so it's not the default in PHPMailer (yet).