PHPWales 2020 - June 3rd to June 4th

mail

(PHP 4, PHP 5, PHP 7)

mailE-Mail senden

Beschreibung

mail ( string $to , string $subject , string $message [, mixed $additional_headers [, string $additional_parameters ]] ) : bool

Sendet eine E-Mail.

Parameter-Liste

to

Empfänger (einer oder mehrere) der E-Mail.

Die Formatierung dieses Strings muss nach » RFC 2822 erfolgen. Beispiele:

  • benutzer@example.com
  • benutzer@example.com, benutzer2@example.com
  • Name <benutzer@example.com>
  • Name <benutzer@example.com>, Name2 <benutzer2@example.com>

subject

Betreff der E-Mail.

Achtung

Die Formatierung dieses Strings muss nach » RFC 2047 erfolgen.

message

Die zu sendende Nachricht.

Jede Zeile muss durch CRLF (\r\n) getrennt werden. Außerdem sollten die Zeilen nicht mehr als 70 Zeichen enthalten.

Achtung

(Nur unter Windows:) Falls PHP direkt mit einem SMTP-Server kommuniziert und wenn ein Punkt (.) an einem Zeilenanfang steht, wird dieser Punkt entfernt. Um das zu verhindern, können Sie diese Punkte durch zwei Punkte ersetzen.

<?php
$text 
str_replace("\n.""\n.."$text);
?>

additional_headers (optional)

String oder Array, das am Ende des E-Mail-Headers eingefügt werden soll.

Dies kann benutzt werden, um zusätzliche Header-Angaben wie From, Cc oder Bcc anzugeben. Falls mehrere solcher zusätzlichen Header-Angaben angegeben werden sollen, müssen diese durch ein CRLF-Zeichen (\r\n) getrennt werden. Wenn von außen kommende Daten verwendet werden, um diesen Header zusammenzustellen, sollten diese Daten bereinigt werden, so dass keine ungewünschten Header eingeschleust werden können.

Wird ein Array übergeben, werden dessen Schlüssel als Header-Namen, und dessen Werte als entsprechende Header-Werte interpretiert.

Hinweis:

Vor PHP 5.4.42 bzw. 5.5.27 bot additional_headers noch keinen Schutz vor Mail-Header-Injection. Daher müssen Anwender sicherstellen, dass die angegeben Header sicher sind, und wirklich nur Header enthalten. Unter anderem ist darauf zu achten, dass mehrere aufeinanderfolgende Zeilenumbrüche den E-Mail-Header beenden.

Hinweis:

Um eine E-Mail zu senden, muss die E-Mail einen From-Header enthalten. Dies kann entweder durch Setzen eines additional_headers-Parameters oder durch Setzen eines Standardwertes in der php.ini geschehen.

Falls dies nicht geschieht, wird eine Fehlermeldung ähnlich wie Warning: mail(): "sendmail_from" not set in php.ini or custom "From:" header missing ausgegeben. Der From Header setzt unter Windows auch den Return-Path Header.

Hinweis:

Wenn E-Mails nicht ankommen, versuchen Sie bitte, nur das LF-Zeichen (\n) zu verwenden. Einige UNIX-MTAs (mail transfer agents) (ganz besonders » qmail) ersetzen leider LF durch CRLF (\r\n) automatisch (wodurch das CR-Zeichen verdoppelt wird, wenn CRLF verwendet wird). Dies sollte aber nur in Ausnahmefällen geschehen, da es gegen » RFC 2822 verstößt.

additional_parameters (optional)

Der additional_parameters-Parameter kann benutzt werden, um zusätzliche Parameter an das Programm zu senden, das für den E-Mail-Versand konfiguriert ist (wenn die sendmail_path-Einstellung verwendet wird). Zum Beispiel kann hiermit die "envelope sender address" (Absenderadresse) gesetzt werden, wenn sendmail mit der -f-Option benutzt wird.

Dieser Parameter wird intern durch escapeshellcmd() maskiert, um Kommando-Injection zu verhindern. escapeshellcmd() verhindert Kommando-Injection, erlaubt allerdings zusätzliche Parameter hinzuzufügen. Aus Sicherheitsgründen wird empfohlen, dass dieser Parameter bereinigt wird, um zu verhindern, dass keine unerwünschten Parameter an das Shell-Kommando übergeben werden.

Da escapeshellcmd() automatisch angewendet wird, können einige Zeichen, die gemäß Internet-RFCs in E-Mail-Adressen erlaubt sind, nicht verwendet werden. mail() kann aber diese Zeichen nicht erlauben, so dass für Programme, die diese Zeichen unterstützen müssen, alternative Methoden für den E-Mail-Versand (wie beispielsweise die Verwendung eines Frameworks oder einer Bibliothek) empfohlen werden.

Der Benutzer, unter dem der Webserver läuft, sollte als bekannter Benutzer in der sendmail-Konfiguration eingetragen werden, um zu verhindern, dass ein 'X-Warning'-Header zu den E-Mails hingefügt wird, wenn mit dieser Methode (-f) der Absender gesetzt wird. Sendmail-Benutzer finden diese Datei hier: /etc/mail/trusted-users.

Rückgabewerte

Gibt TRUE zurück, wenn die E-Mail erfolgreich für den Versand akzeptiert wurde, sonst FALSE.

Dass eine E-Mail für den Versand akzeptiert wurde, bedeutet NICHT, dass sie auch wirklich den gewünschten Empfänger erreichen wird.

Changelog

Version Beschreibung
7.2.0 Der additional_headers Parameter akzeptiert nun ebenfalls ein Array.
5.4.42, 5.5.27 Header-Injection-Schutz wurde für den additional_headers Parameter implementiert. Dies bedeutet, dass mehrere aufeinanderfolgende Zeilenumbrüche nicht länger erlaubt sind.

Beispiele

Beispiel #1 Verschicken einer E-Mail.

mail() wird benutzt, um eine einfache E-Mail zu versenden:

<?php
// Die Nachricht
$nachricht "Zeile 1\r\nZeile 2\r\nZeile 3";

// Falls eine Zeile der Nachricht mehr als 70 Zeichen enthälten könnte,
// sollte wordwrap() benutzt werden
$nachricht wordwrap($nachricht70"\r\n");

// Verschicken
mail('benutzer@example.com''Mein Betreff'$nachricht);
?>

Beispiel #2 Verschicken einer E-Mail mit zusätzlichen Headern.

Hier werden einfache Header gesetzt, um dem MUA (mail user agent, z.B. ein E-Mail-Programm) die From- und die Reply-To-Adressen mitzuteilen:

<?php
$empfaenger 
'niemand@example.com';
$betreff 'Der Betreff';
$nachricht 'Hallo';
$header 'From: webmaster@example.com' "\r\n" .
    
'Reply-To: webmaster@example.com' "\r\n" .
    
'X-Mailer: PHP/' phpversion();

mail($empfaenger$betreff$nachricht$header);
?>

Beispiel #3 Verschicken einer E-Mail mit zusätzliche Headern als Array

Dieses Beispiel verschickt die selbe E-Mail wie das Beispiel direkt darüber, aber diesemal werden die zusätzlichen Header als Array übergeben (verfügbar von PHP 7.2.0 an).

<?php
$empfaenger 
'niemand@example.com';
$betreff 'Der Betreff';
$nachricht 'Hallo';
$header = array(
    
'From' => 'webmaster@example.com',
    
'Reply-To' => 'webmaster@example.com',
    
'X-Mailer' => 'PHP/' phpversion()
);

mail($empfaenger$betreff$nachricht$header);
?>

Beispiel #4 Verschicken einer E-Mail mit einem zusätzlichen Kommandozeilen-Parameter.

Der additional_parameters-Parameter kann benutzt werden, um einen zusätzlichen Parameter an das über sendmail_path konfigurierte Programm zu senden.

<?php
mail
('niemand@example.com''Betreff''Nachricht'null,
   
'-fwebmaster@example.com');
?>

Beispiel #5 Verschicken einer HTML-E-Mail.

Auch HTML-E-Mails können mit mail() versendet werden.

<?php
// mehrere Empfänger
$empfaenger  'max@example.com, moritz@example.com'// beachte das Komma

// Betreff
$betreff 'Geburtstags-Erinnerungen für August';

// Nachricht
$nachricht '
<html>
<head>
  <title>Geburtstags-Erinnerungen für August</title>
</head>
<body>
  <p>Hier sind die Geburtstage im August:</p>
  <table>
    <tr>
      <th>Person</th><th>Tag</th><th>Monat</th><th>Jahr</th>
    </tr>
    <tr>
      <td>Max</td><td>3.</td><td>August</td><td>1970</td>
    </tr>
    <tr>
      <td>Moritz</td><td>17.</td><td>August</td><td>1973</td>
    </tr>
  </table>
</body>
</html>
'
;

// für HTML-E-Mails muss der 'Content-type'-Header gesetzt werden
$header[] = 'MIME-Version: 1.0';
$header[] = 'Content-type: text/html; charset=iso-8859-1';

// zusätzliche Header
$header[] = 'To: Simone <simone@example.com>, Andreas <andreas@example.com>';
$header[] = 'From: Geburtstags-Erinnerungen <geburtstag@example.com>';
$header[] = 'Cc: geburtstagsarchiv@example.com';
$header[] = 'Bcc: geburtstagscheck@example.com';

// verschicke die E-Mail
mail($empfaenger$betreff$nachrichtimplode("\r\n"$header));
?>

Hinweis:

Wenn HTML- oder komplexe E-Mails versendet werden sollen, wird die Verwendung des PEAR-Pakets » PEAR::Mail_Mime empfohlen.

Anmerkungen

Hinweis:

Die Windows-Implementierung von mail() unterscheidet sich auf mehrere Arten von der Unix-Implementation. Zum einen benutzt sie kein lokales Programm, um die Mails zu erstellen, sondern sie arbeitet auf Sockets. D.h., dass ein MTA benötigt wird, der auf einem Netzwerk-Socket lauscht (entweder auf dem eigenen oder einem entfernten Rechner).

Zum anderen, werden die benutzerdefinierten Header wie From:, Cc:, Bcc: und Date: nicht direkt durch den MTA interpretiert, sondern zunächst von PHP geparst.

Daher sollte der to-Parameter keine Adresse der Form "Irgendwas <irgendwer@example.com>" enthalten, da dies von PHP möglicherweise nicht korrekt an den MTA übergeben werden kann.

Hinweis:

Es ist zu beachten, dass die mail()-Funktion nicht dazu geeignet ist, große Mengen von E-Mails in einer Schleife zu senden, da die Funktion für jede E-Mail ein SMTP-Socket öffnet und schließt, was nicht sehr effizient ist.

Um große Mengen von E-Mails zu senden, können die PEAR-Pakete » PEAR::Mail und » PEAR::Mail_Queue verwendet werden.

Hinweis:

Die folgenden RFCs könnten nützlich für Sie sein: » RFC 1896, » RFC 2045, » RFC 2046, » RFC 2047, » RFC 2048, » RFC 2049, und » RFC 2822.

Siehe auch

add a note add a note

User Contributed Notes 34 notes

up
23
Anonymous
3 years ago
Security advice: Although it is not documented, for the parameters $to and $subject the mail() function changes at least \r and \n to space. So these parameters are safe against injection of additional headers. But you might want to check $to for commas as these separate multiple addresses and you might not want to send to more than one recipient.

The crucial part is the $additional_headers parameter. This parameter can't be cleaned by the mail() function. So it is up to you to prevent unwanted \r or \n to be inserted into the values you put in there. Otherwise you just created a potential spam distributor.
up
17
php at simoneast dot net
2 years ago
Often it's helpful to find the exact error message that is triggered by the mail() function. While the function doesn't provide an error directly, you can use error_get_last() when mail() returns false.

<?php
$success
= mail('example@example.com', 'My Subject', $message);
if (!
$success) {
   
$errorMessage = error_get_last()['message'];
}
?>

(Tested successfully on Windows which uses SMTP by default, but sendmail on Linux/OSX may not provide the same level of detail.)

Thanks to https://stackoverflow.com/a/20203870/195835
up
3
Anonymous
2 months ago
If you notice wrong displayed characters in the email it's because you need to properly set the Content-Type and the Charset in the headers of the email:

<?php
$headers
= 'Content-Type: text/plain; charset=utf-8' . "\r\n";
?>

Mostly, UTF-8 is your best choice.

You can set custom headers with the fourth parameter of the mail() function.

To make the whole thing waterproof, add the following header too:

<?php
$headers
.= 'Content-Transfer-Encoding: base64' . "\r\n";
?>

Now you can use the combination of UTF-8 and Base64 to properly encode the subject line and the recipient name like this:

<?php
$subject
= '=?UTF-8?B?' . base64_encode('Test email with German Umlauts öäüß') . '?=';
$recipient = '=?UTF-8?B?' . base64_encode('Margret Müller') . '?= <recipient@domain.com>';
?>

And don't forget to Base64 encode the email message too:

<?php
$message
= base64_encode('This email contains German Umlauts öäüß.');
?>

All references are taken from:
https://dev.to/lutvit/how-to-make-the-php-mail-function-awesome-3cii
up
8
charles dot fisher at arconic dot com
2 years ago
I migrated an application to a platform without a local transport agent (MTA). I did not want to configure an MTA, so I wrote this xxmail function to replace mail() with calls to a remote SMTP server. Hopefully it is of some use.

function xxmail($to, $subject, $body, $headers)
{
$smtp = stream_socket_client('tcp://smtp.yourmail.com:25', $eno, $estr, 30);

$B = 8192;
$c = "\r\n";
$s = 'myapp@someserver.com';

fwrite($smtp, 'helo ' . $_ENV['HOSTNAME'] . $c);
  $junk = fgets($smtp, $B);

// Envelope
fwrite($smtp, 'mail from: ' . $s . $c);
  $junk = fgets($smtp, $B);
fwrite($smtp, 'rcpt to: ' . $to . $c);
  $junk = fgets($smtp, $B);
fwrite($smtp, 'data' . $c);
  $junk = fgets($smtp, $B);

// Header
fwrite($smtp, 'To: ' . $to . $c);
if(strlen($subject)) fwrite($smtp, 'Subject: ' . $subject . $c);
if(strlen($headers)) fwrite($smtp, $headers); // Must be \r\n (delimited)
fwrite($smtp, $headers . $c);

// Body
if(strlen($body)) fwrite($smtp, $body . $c);
fwrite($smtp, $c . '.' . $c);
  $junk = fgets($smtp, $B);

// Close
fwrite($smtp, 'quit' . $c);
  $junk = fgets($smtp, $B);
fclose($smtp);
}
up
5
pavel.lint at vk.com
7 years ago
Here's a small handy function I use to send email in UTF-8.

<?php
function mail_utf8($to, $from_user, $from_email,
                                            
$subject = '(No subject)', $message = '')
   {
     
$from_user = "=?UTF-8?B?".base64_encode($from_user)."?=";
     
$subject = "=?UTF-8?B?".base64_encode($subject)."?=";

     
$headers = "From: $from_user <$from_email>\r\n".
              
"MIME-Version: 1.0" . "\r\n" .
              
"Content-type: text/html; charset=UTF-8" . "\r\n";

     return
mail($to, $subject, $message, $headers);
   }
?>
up
4
Porjo
9 years ago
Make sure you enclose \r\n in double quotes (not single quotes!) so that PHP can translate that into the correct linefeed code
up
3
Ben Cooke
14 years ago
Note that there is a big difference between the behavior of this function on Windows systems vs. UNIX systems. On Windows it delivers directly to an SMTP server, while on a UNIX system it uses a local command to hand off to the system's own MTA.

The upshot of all this is that on a Windows system your  message and headers must use the standard line endings \r\n as prescribed by the email specs. On a UNIX system the MTA's "sendmail" interface assumes that recieved data will use UNIX line endings and will turn any \n to \r\n, so you must supply only \n to mail() on a UNIX system to avoid the MTA hypercorrecting to \r\r\n.

If you use plain old \n on a Windows system, some MTAs will get a little upset. qmail in particular will refuse outright to accept any message that has a lonely \n without an accompanying \r.
up
1
ABOMB
7 years ago
I was having delivery issues from this function to Gmail, Yahoo, AOL, etc.  I used the notes here to figure that you need to be setting your Return-Path to a valid email to catch bounces.  There are two extra delivery gotchas on top of that:

1) The domain in the email used in the -f option in the php.ini sendmail parameter or in the mail() extra parameters field, needs to have a valid SPF record for the domain (in DNS as a "TXT" record type for sure and add an additional  "SPF" type record if possible).  Why? That's header field being used for spam checks.

2) You should also use a domain key or DKIM.  The trick here is that the domain key/DKIM is case sensitive!  I used Cpanel to create my domain key which automatically used all lowercase domain names in the key creation.  I found when  sending email and using a camel case "-f account@MyDomainHere.Com" option, my key was not accepted.  However it was accepted when I used "-f account@mydomainhere.com".

There are many other factors that can contribute to mail not getting to inboxes, including your own multiple failed testing attempts, so I suggest you consult each site's guidelines and don't ask me for help.  These are just the couple technical issues that helped my case.

I hope this saves someone some time and headaches...
up
0
Mark Simon
5 months ago
It is worth noting that you can set up a fake sendmail program using the sendmail_path directive in php.ini.

Despite the comment in that file, sendmail_path also works for Window. From https://www.php.net/manual/en/mail.configuration.php#ini.sendmail-path:

This directive works also under Windows. If set, smtp, smtp_port and sendmail_from are ignored and the specified command is executed.
up
0
chris at ocproducts dot com
2 years ago
The 'sendmail' executable which PHP uses on Linux/Mac (not Windows) expects "\n" as a line separator.

This executable is a standard, and emulated by other MTAs.

"\n" is confirmed required for qmail and postfix, probably also for sendmail and exim but I have not tested.

If you pass through using "\r\n" as a separator it may appear to work, but your email will be subtly corrupted and some middleware may break. It only works because some systems will clean up your mistake.

If you are implementing DKIM be very careful, as DKIM checks will fail (at least on popular validation tools) if you screw this up. DKIM must be calculated using "\r\n" but then you must switch it all to "\n" when using the PHP mail function.

On Windows, however, you should use "\r\n" because PHP is using SMTP in this situation, and hence the normal rules of the SMTP protocol (not the normal rules of Unix piping) apply.
up
0
jim at jimbrooking dot net
3 years ago
I recently changed hosting companies and spent a day trying to see why an email script that had been working for years failed on the new server.

The answer was that the old hosting company's email server accepted multiple "CC:" lines in the additional headers string, and the new did not. Thus on the new server

...
$add_hdr .= "CC: " . $email1 . PHP_EOL;
$add_hdr .= "CC: " . $email2 . PHP_EOL;
...

did not work, but

...
$add_hdr .= "CC: " . $email1 . ", " . $email2 . PHP_EOL;
...

did work.

In both cases, PHP's mail() function returned no error, but until I placed both emails, comma-separated, in the same line I was getting the following error:

550 Messages should have one or no Cc headers, not 2.

Hope this helps someone.
up
0
rexlorenzo at gmail dot com
7 years ago
Be careful to not put extra spaces for the $headers variable.

For example, this didn't work on our servers:

$headers = "From: $from \r\n Bcc: $bcc \r\n";

But this did:

$headers = "From: $from\r\nBcc: $bcc\r\n";

Notice the removal of the spaces around the first \r\n.
up
-1
eeeugeneee
2 years ago
Send mail with minimal requirements from email services.

<?php
    $encoding
= "utf-8";

   
// Preferences for Subject field
   
$subject_preferences = array(
       
"input-charset" => $encoding,
       
"output-charset" => $encoding,
       
"line-length" => 76,
       
"line-break-chars" => "\r\n"
   
);

   
// Mail header
   
$header = "Content-type: text/html; charset=".$encoding." \r\n";
   
$header .= "From: ".$from_name." <".$from_mail."> \r\n";
   
$header .= "MIME-Version: 1.0 \r\n";
   
$header .= "Content-Transfer-Encoding: 8bit \r\n";
   
$header .= "Date: ".date("r (T)")." \r\n";
   
$header .= iconv_mime_encode("Subject", $mail_subject, $subject_preferences);

   
// Send mail
   
mail($mail_to, $mail_subject, $mail_message, $header);
?>
up
-2
Max AT
7 years ago
To define a mail sensitivity you have to put this line in the headers:

<?php
        $headers
= "MIME-Version: 1.0\n" ;
       
$headers .= "Content-Type: text/html; charset=\"iso-8859-1\"\n";

       
$headers .= "Sensitivity: Personal\n";

$status   = mail($to, $subject, $message,$headers);
?>

Possible Options:
Sensitivity: Normal, Personal, Private and Company-Confidential

These will be recognised and handled in Outlook, Thunderbird and others.
up
-4
jimmytrojan009 at gmail dot com
4 years ago
I have tried many online tutorials to get mail() function working in windows, until i stumbled upon this website
http://php.codeindepth.com/php-sending-mail/

It really boils down to changing few directives in php.ini and sendmail.ini

Changes required in sendmail.ini

smtp_server=smtp.gmail.com
smtp_port=587
error_logfile=error.log
debug_logfile=debug.log
auth_username=your-gmail-id@gmail.com
auth_password=your-gmail-password
force_sender=your-gmail-id@gmail.com

Changes required in php.ini

SMTP=smtp.gmail.com
smtp_port=587
sendmail_from = your-gmail-id@gmail.com
sendmail_path = "\"C:\xampp\sendmail\sendmail.exe\" -t"
;sendmail_path = "C:\xampp\mailtodisk\mailtodisk.exe"
up
-3
shuitest at gmail dot com
9 years ago
If you use mutt, do as below,

/usr/bin/mutt -s '$subject' -f /dev/null -e 'set copy=no' -e 'set from = "{$GLOBALS[cfg][email_from]}"' -a '$attach_file_full_path' '{$GLOBALS[cfg][email_to]}' </dev/null 2>&1;
up
-2
chris at ocproducts dot com
2 years ago
Correction to my earlier note:

'"\n" is confirmed required for qmail and postfix, probably also for sendmail and exim but I have not tested.'

It only affects qmail.
up
-4
Systemx
10 years ago
Bare LFs in SMTP

Use This

<?php
// Fix any bare linefeeds in the message to make it RFC821 Compliant.
$message = preg_replace("#(?<!\r)\n#si", "\r\n", $message);
   
// Make sure there are no bare linefeeds in the headers
$headers = preg_replace('#(?<!\r)\n#si', "\r\n", $headers);
?>
up
-5
richard at richard-sumilang dot com
11 years ago
If you are using the sendmail app from an exim package or something you don't really need to change the normal parameters PHP gives it (-t -i) as other posts described.

I just added "-f myemail@example.com" and it worked.

One thing that got me stuck for a few hours was trying to figure out why the return-path was set as the user (user running php) and not what I was setting it with the -f option then I later found at that in order to forcefully set the return-path the user account running the command must be in exim's trusted users configuration! It helps to add trusted_groups as well then everything works fine :)
- Richard Sumilang
up
-7
msheldon at desertraven dot com
14 years ago
Just a comment on some of the examples, and as a note for those who may be unaware. The SMTP RFC 822 is VERY explicit in stating that \r\n is the ONLY acceptable line break format in the headers, though is a little vague about the message body. While many MTAs will deal with just \n, I've run accross plenty of them that will exhibit "interesting" behaviours when this happens. Those MTAs that are strict in compliance will definitely break when header lines are terminated with only \n. They will also most likely break if the body of the message contains more than 1000 consecutive characters without a \r\n.*

Note that RFC 821 is a little more clear in defining:
"line
      A a sequence of ASCII characters ending with a <CRLF>."

RFC 821 makes no distinction between header lines and message body lines, since both are actually transmitted during the DATA phase.

Bottom line, best practice is to be sure to convert any bare \n characters in the message to \r\n.

* "The maximum total length of a text line including the <CRLF> is 1000 characters" (RFC 821)
up
-7
Alex Jaspersen
12 years ago
For qmail users, I have written a function that talks directly to qmail-queue, rather than going through the sendmail wrapper used by mail(). Thus it allows more direct control over the message (for example, you can adapt the function to display "undisclosed recipients" in to the To: header). It also performs careful validation of the e-mail addresses passed to it, making it more difficult for spammers to exploit your scripts.

Please note that this function differs from the mail() function in that the from address must be passed as a _separate_ argument. It is automatically put into the message headers and _does not_ need to be included in $additional_headers.

$to can either be an array or a single address contained in a string.
$message should not contain any carriage return characters - only linefeeds.

No validation is performed on $additional_headers. This is mostly unnecessary because qmail will ignore any additional To: headers injected by a malicious user. However if you have some strange mail setup it might be a problem.

The function returns false if the message fails validation or is rejected by qmail-queue, and returns true on success.

<?php
function qmail_queue($to, $from, $subject, $message, $additional_headers = "")
{
   
// qmail-queue location and hostname used for Message-Id
   
$cmd = "/var/qmail/bin/qmail-queue";
   
$hostname = trim(file_get_contents("/var/qmail/control/me"));
   
   
// convert $to into an array
   
if(is_scalar($to))
       
$to = array($to);
   
   
// BEGIN VALIDATION
    // e-mail address validation
   
$e = "/^[-+\\.0-9=a-z_]+@([-0-9a-z]+\\.)+([0-9a-z]){2,4}$/i";
   
// from address
   
if(!preg_match($e, $from)) return false;
   
// to address(es)
   
foreach($to as $rcpt)
    {
        if(!
preg_match($e, $rcpt)) return false;
    }
   
   
// subject validation (only printable 7-bit ascii characters allowed)
    // needs to be adapted to allow for foreign languages with 8-bit characters
   
if(!preg_match("/^[\\040-\\176]+$/", $subject)) return false;
   
   
// END VALIDATION
   
    // open qmail-queue process
   
$dspec = array
    (
        array(
"pipe", "r"), // message descriptor
       
array("pipe", "r") // envelope descriptor
   
);
   
$pipes = array();
   
$proc = proc_open($cmd, $dspec, $pipes);
    if(!
is_resource($proc)) return false;
   
   
// write additional headers
   
if(!empty($additional_headers))
    {
       
fwrite($pipes[0], $additional_headers . "\n");
    }
   
   
// write to/from/subject/date/message-ID headers
   
fwrite($pipes[0], "To: " . $to[0]); // first recipient
   
for($i = 1; $i < sizeof($to); $i++) // additional recipients
   
{
       
fwrite($pipes[0], ", " . $to[$i]);
    }
   
fwrite($pipes[0], "\nSubject: " . $subject . "\n");
   
fwrite($pipes[0], "From: " . $from . "\n");
   
fwrite($pipes[0], "Message-Id: <" . md5(uniqid(microtime())) . "@" . $hostname . ">\n");
   
fwrite($pipes[0], "Date: " . date("r") . "\n\n");
   
fwrite($pipes[0], $message);
   
fwrite($pipes[0], "\n");
   
fclose($pipes[0]);
   
   
// write from address and recipients
   
fwrite($pipes[1], "F" . $from . "\0");
    foreach(
$to as $rcpt)
    {
       
fwrite($pipes[1], "T" . $rcpt . "\0");
    }
   
fwrite($pipes[1], "\0");
   
fclose($pipes[1]);
   
   
// return true on success.
   
return proc_close($proc) == 0;
}
?>
up
-9
Edward
10 years ago
Currently my hosting service is on Godaddy. When attempting to use the mail function without the fifth parameter containing "-f", my message headers would not work.

Whenever your message headers do not work, simply try using the fifth parameter:

<?php
mail
($to, $subject, $message, $headers, "-femail.address@example.com");
?>
up
-5
ittasks at gmail dot com
6 years ago
When dealing with mail headers "\n" and "\r\n" *sometimes* makes a big difference.

Once our CentOs servers got re-installed, all headers like:

  $headers = "MIME-Version: 1.0\r\n";
  $headers.= "Content-type: text/html; charset=iso-8859-1\r\n";
...

became part of message body instead of headers

I was able to fixed this by replacing "\r\n" with just "\n"
up
-7
f dot touchard at laposte dot net
16 years ago
***Encoding plain text as quoted-printable in MIME email***

If you don't want to install IMAP and use imap_8bit() to encode plain text or html message as quoted-printable
(friendly french special characters encoding :-) in MIME email, try this function.
I haven't fully tested it ( like with microtime with long mails). I send html message as 7-bit, so I didn't try yet with html.
If you have good html practise, you don't really need to encode html as quote-printable as it only uses 7-bit chars.
F.Touchard

<?php
function qp_encoding($Message) {
   
   
/* Build (most polpular) Extended ASCII Char/Hex MAP (characters >127 & <255) */
   
for ($i=0; $i<127; $i++) {
       
$CharList[$i] = "/".chr($i+128)."/";
       
$HexList[$i] = "=".strtoupper(bin2hex(chr($i+128)));
    }

   
/* Encode equal sign & 8-bit characters as equal signs followed by their hexadecimal values */
   
$Message = str_replace("=", "=3D", $Message);
   
$Message = preg_replace($CharList, $HexList, $Message);

   
/* Lines longer than 76 characters (size limit for quoted-printable Content-Transfer-Encoding)
        will be cut after character 75 and an equals sign is appended to these lines. */
   
$MessageLines = split("\n", $Message);
   
$Message_qp = "";
    while(list(,
$Line) = each($MessageLines)) {
        if (
strlen($Line) > 75) {
           
$Pointer = 0;       
            while (
$Pointer <= strlen($Line)) {
               
$Offset = 0;
                if (
preg_match("/^=(3D|([8-9A-F]{1}[0-9A-F]{1}))$/", substr($Line, ($Pointer+73), 3))) $Offset=-2;
                if (
preg_match("/^=(3D|([8-9A-F]{1}[0-9A-F]{1}))$/", substr($Line, ($Pointer+74), 3))) $Offset=-1;
               
$Message_qp.= substr($Line, $Pointer, (75+$Offset))."=\n";
                if ((
strlen($Line) - ($Pointer+75)) <= 75) {               
                   
$Message_qp.= substr($Line, ($Pointer+75+$Offset))."\n";
                    break
1;
                }
               
$Pointer+= 75+$Offset;
            }
        } else {
           
$Message_qp.= $Line."\n";
        }
    }       
    return
$Message_qp;
}
?>
up
-6
bburch at bouncingpixel dot com
7 years ago
When using the PHP mail() function with IIS 6 on Windows Server 2003, check your "Relay" settings on the SMTP Virtual Server in IIS.  If you grant access to 127.0.0.1 and set then set your php.ini SMTP to the same IP address (along with setting the same port 25), you should have success in sending mail. 

I'm using PHP 5.3 and have had success with this configuration and did not have to define the "sendmail_from" setting in our php.ini file.
up
-9
php dot net at schrecktech dot com
14 years ago
When sending MIME email make sure you follow the documentation with the "70" characters per line...you may end up with missing characters...and that is really hard to track down...
up
-5
Paul
15 years ago
My mime multipart/alternative messages were going ok, until I switched to qmail with php .. after years of painfull searching, I came across this on the Life With Qmail 'Gotchas' section:

G.11. Carriage Return/Linefeed (CRLF) line breaks don't work

qmail-inject and other local injection mechanisms like sendmail don't work right when messages are injected with DOS-style carriage return/linefeed (CRLF) line breaks. Unlike Sendmail, qmail requires locally-injected messages to use Unix newlines (LF only). This is a common problem with PHP scripts.

So now, I can go back to sending emails with text AND html components :)
up
-8
molotster on google mail com
11 years ago
Note, that single line should not contain more than 78 character, but is not allowed to contain more than 998 characters.

The possible consequences are:
Over 78 - clients are allowed to display the message in a "harder to read" way.
Over 998 - clients and servers are allowed to drop the message or cause any buffer-limit error.

See:
http://www.faqs.org/rfcs/rfc2822 part 2.1.1.
up
-13
yarik dot bohatsky at gmail dot com
7 years ago
If you want to send UTF-8 HTML letter you need to mention charset twice:

1) In message header:
<?php
$headers
.= 'Content-type: text/html; charset=utf-8' . "\r\n";
?>

2) In HTML header:
<?php
$message
= '
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <title>Fillon soutient à fond le retour d\'un Grand Prix de France</title>
</head>
<body>
   <p>Le Premier ministre François Fillon, passionné d\'automobile et pilote à ses heures, a apporté un soutien appuyé au retour d\'un Grand Prix de France au calendrier 2013 de la Formule 1, en faisant un passage-éclair vendredi sur le circuit Paul Ricard dans le Var.</p>
</body>
</html>
'
;

In this case Outlook will also "understand" that message is encoded using UTF-8.
up
-11
shenyqwilliam
7 years ago
If you're sending a large attachment, you may encounter overflow problem.
AFAIK, two common limits could be responsible.

1. Postfix message size limit.
Edit /etc/postfix/main.cf . Change the value of "message_size_limit".

2. Apache memory size limit for scripts.
Edit /etc/php.ini . Change the value of "memory_limit".

//Then reload (or restart) Postfix and Apache.
//Empirically, sending 200MB attachment requires 500MB memory.

Be careful! Raising memory limits may cause unexpected consequences, and is hence deprecated.
Recommended alternatives include:
* Pack and split attachment into several emails.
* Only include a link to the file. The receiver can download it later.
* Use IMAP/POP3 server (e.g. Dovecot).
up
-9
martin dot farrow at versacloud dot com
7 years ago
I've noticed that on some versions of PHP occasionally mail() returns the empty string for success, rather than true or false. The empty string evaluates to false.

if you use constructs like

if ( mail( ... ) ){
  # do something here on success
}

this wont work consistently.

so you need code like

$ret=mail(....)

if ( $ret == '' || $ret ){
  # do something here
}

to get consistent results.
up
-9
umangberi at gmail dot com
9 years ago
Outlook 2007 seemed to be a little finicky with me to have carriage returns in the headers. So any \r\n resulted in messages that had default apache messages sent over to me.

As soon as I removed \r from all of the headers, the script started working fine. Hope that helped.
up
-7
debis at woh dot rr dot com
8 years ago
This is for Windows Server 2003, IIS 6.0 with SMTP virtual server.

The problem I had was not including init_set for the SMTP server, I thought the SMTP definition in the IIS SMTP virtual server configuration would work.  When I sent mail manually this was not an issue. 

Also, $mail_sent = @mail( $to, $subject, $message, $headers ); wouldn't work but $mail_sent = mail($to, $subject, $message, $headers); did.
Lack of date_default_timezone_set() only caused a warning because php guessed what it should be.

This worked:
<?php
$to     
= 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
   
'Reply-To: webmaster@example.com' . "\r\n" .
   
'X-Mailer: PHP/' . phpversion();
ini_set ( "SMTP", "smtp-server.example.com" );
date_default_timezone_set('America/New_York');

mail($to, $subject, $message, $headers);
?>

And just so you can troubleshoot, this worked when sending mail from the command line/manually. CLI worked even though the php code without the init_set function wouldn't work.

You will notice that the "rcpt to" and "to" fields appear redundant, but if both are not used, the delivered mail's "to" field will be blank/empty.

-------------------------------
telnet www.example.com 25
helo
mail from: webmaster@example.com
rcpt to: someone@example.com
data
to: someone@example.com
subject: test again to make sure

this is my message
.
quit
-----------------------------------
up
-10
Erich at gasboysnospam dot net
10 years ago
if your mail is failing (returns false) be aware that many servers are configured to kill mail going out with a bcc or cc header.

The ideal workaround is to use the smtp functions which servers allow because of its better audit trail. Alternatively call the mail function several times.

I've just spent about four hours trying to work out what I was doing wrong!!
To Top