> -----Original Message-----
> From: LAMP [mailto:l...@afan.net] 
> Sent: Monday, January 11, 2010 2:17 PM
> To: PHP-General List
> Subject: [PHP] corect way to use mail() function
> Hi,
> The company I work for, hosts online events registration 
> applications. 
> After a registered registered himself for an event he will get a 
> confirmation email saying he registered successfully.
> Currently, in the header part of the mail(), in "From" it says e.g. 
> ord...@computility.com - because the email comes from us not from our 
> client (e.g. ABC Assoc.). Reply-to goes to us too.
> Now one of our clients (e.g. ABC Assoc.) asks us to put in the "from" 
> field their email, to looks like the email comes from them. something 
> like: From: ABC Assoc. <eve...@abcaccos.org>;
> I refused to do that concerned we are going to be blacklisted for 
> sending "spam". Because header shows one place and From field 
> says other 
> email address - spam way of sending emails.
> Am I right or it really doesn't matter "who" sent the email?
> LL

I do that sort of thing all the time and don't get RBL'd.

I think the key things are if your domain can be reverse verified, the
frequency you send (if you're just sending hundreds of emails out that's a
red flag), BCC: but no TO:, and if the content/body seems to be non-spammy.
Make sure any hyperlinks in the body are correct and non-spammy looking
too. A common phishing routine is to display one hyperlink to the user, but
the actual 'click' takes you somewhere else. I think doing one of those,
"to register, click _here_" deals is WORSE (from an automated spam filter
POV) than showing the actual hyperlink and making it a hyperlink too. Ala,
"to register, click http://www.abcaccos.org/register/fa4jar4875";. Avoid
sending HTML emails for registrations too. It has a better chance of
getting through and should have a disclaimer in it to 'whitelist this
sender' sort of dealio. Once they're setup, then you can work with HTML
emails, but you don't want to loose/frustrate customers right off the bat
by not letting them register properly despite how pretty you think the HTML
version looks.

I think you should 
[a] do what your client asks -- it's their money
[b] put in a From: that is representative of the site the user expected the
email to actually come from
[c] put a disclaimer on your web form for the person to add
"ord...@computility.com" and "eve...@abcaccos.org" to their whitelist
(no-spam filter)
[d] make the SUBJ: line of the email VERY explicit about WHO and WHAT this
is concerning:
    ie SUBJ: "Registration Confirmation from ABC Assoc. for username JDOE

If I was a customer and got an email from @computility.com and I didn't
know who the heck they were, since I was expecting from @abcaccos.org, then
I would most likely delete it. I have an itchy trigger finger and tend to
delete first, ask questions later. ;-)

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to