NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP Bcc Headers

bzcoder bzcoder at bzcode.com
Mon Aug 4 17:58:39 EDT 2008


(Margaret) Michele Waldman wrote:
>
> I did resort to calling mail() twice. I hated doing it.
>
> Then he called me and said there was no from on the email and the 
> client isn’t getting the email, which made me think it was a header 
> issue again.
>
> However, My testing shows there is a from.
>
> I think the email in question has spam filters set too high.
>

Ok, if you really want to troubleshoot this, first thing to do is to do 
a phpinfo(); on both systems and look for your mail settings.

For example,
Path to sendmail : /usr/sbin/sendmail -t -i

That means that when you use the mail() function, "sendmail" is invoked 
with the -t and -i parameters and then passed the rest of the email 
message from the command line.

So a complete command would be:
/usr/sbin/sendmail -t -i $fullmessage

The -t tells sendmail to extract the information for to, cc, and bcc 
from the header of the text message.

The -i tells sendmail not to treat a dot by itself as the end of the 
message(so if your message is
this is
.
my text

Sendmail doesn't truncate at the end of is).

A lot of times the -t is left off the command, which mucks you up.

Then there is running a non sendmail mail server which won't accept /n/r 
as end of line statements, so it treats the entire header as part of the 
body and makes up it's own header.

Then there is whether or not your mail server will stick it's own from 
on the message and ignore the form in the message itself.

And of course a lot of people stick their own sendmail command stub in 
place of the command line because they run into problems, and now it's 
not documented so a new programmer doesn't know the rules of that road.


Plus it's just a really really bad idea, and a security hole, to allow 
programs to send email from the command line these days when it is so 
easy to just give a program a userid and password and have it send via 
authenticated SMTP(now, if you send out a few hundred thousand emails at 
a time, like I do with the mailling lists I support, suddenly that 
security whole seems less problematic than the added time for 
authentication and connection setup/teardown and moving it all to a 
server dedicated just to email processing of authenticated programs is 
not such a bad idea. :-))



More information about the talk mailing list