NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP Bcc Headers

Kristina Anderson ka at kacomputerconsulting.com
Mon Aug 4 21:52:10 EDT 2008 

We had severe problems with PHP mail() this spring on a project and 
ended up switching servers, and then having to work with sys admins for 
hours to figure out why certain stuff wasn't working quite right (we 
have code that sends emails including to bcc's and multi recipient 
lists).  

One thing we did discover was that between servers, and between 
different web hosts, there are some serious differences in 
configuration that can break mail() code.  Another thing we discovered 
is that when something with mail() is not working, it can be very 
difficult to figure out why.

Also someone mentioned to me a couple of months ago that when sending 
volume increases, mail() exhibits unexpected behaviors...i.e. cr*ps out 
without warning.

We are fine with mail() for the beta but will most definitely be 
switching to a more robust solution in the very near future.  

-- Kristina

> Sendmail has the right flags.  I had already checked that.
> 
> I found out the from is working, just not the bcc and the client isn't
> receiving email at his preferred account, we're having to use a 
secondary
> account.  I think that has something to do with his mail account 
setup.
> 
> I don't think I'm going to replace mail with an smtp mail because I 
don't
> know what his email account is working and we would have to retest 
and send
> the code.  If it was my app, I might, but it just isn't a good idea 
in this
> case.  Plus, this is a website template which may be moved around from
> server to server and possibly hosting company to hosting company.
> 
> -----Original Message-----
> From: talk-bounces at lists.nyphp.org [mailto:talk-
bounces at lists.nyphp.org] On
> Behalf Of bzcoder
> Sent: Monday, August 04, 2008 5:59 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] PHP Bcc Headers
> 
> (Margaret) Michele Waldman wrote:
> >
> > I did resort to calling mail() twice. I hated doing it.
> >
> > Then he called me and said there was no from on the email and the 
> > client isn't getting the email, which made me think it was a header 
> > issue again.
> >
> > However, My testing shows there is a from.
> >
> > I think the email in question has spam filters set too high.
> >
> 
> Ok, if you really want to troubleshoot this, first thing to do is to 
do 
> a phpinfo(); on both systems and look for your mail settings.
> 
> For example,
> Path to sendmail : /usr/sbin/sendmail -t -i
> 
> That means that when you use the mail() function, "sendmail" is 
invoked 
> with the -t and -i parameters and then passed the rest of the email 
> message from the command line.
> 
> So a complete command would be:
> /usr/sbin/sendmail -t -i $fullmessage
> 
> The -t tells sendmail to extract the information for to, cc, and bcc 
> from the header of the text message.
> 
> The -i tells sendmail not to treat a dot by itself as the end of the 
> message(so if your message is
> this is
> .
> my text
> 
> Sendmail doesn't truncate at the end of is).
> 
> A lot of times the -t is left off the command, which mucks you up.
> 
> Then there is running a non sendmail mail server which won't 
accept /n/r 
> as end of line statements, so it treats the entire header as part of 
the 
> body and makes up it's own header.
> 
> Then there is whether or not your mail server will stick it's own 
from 
> on the message and ignore the form in the message itself.
> 
> And of course a lot of people stick their own sendmail command stub 
in 
> place of the command line because they run into problems, and now 
it's 
> not documented so a new programmer doesn't know the rules of that 
road.
> 
> 
> Plus it's just a really really bad idea, and a security hole, to 
allow 
> programs to send email from the command line these days when it is so 
> easy to just give a program a userid and password and have it send 
via 
> authenticated SMTP(now, if you send out a few hundred thousand emails 
at 
> a time, like I do with the mailling lists I support, suddenly that 
> security whole seems less problematic than the added time for 
> authentication and connection setup/teardown and moving it all to a 
> server dedicated just to email processing of authenticated programs 
is 
> not such a bad idea. :-))
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
> 
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
> 
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
> 
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
> 
>

More information about the talk mailing list