PHP手册 - 发送邮件

版本	说明
4.3.0 (Windows only)	All custom headers (like From, Cc, Bcc and Date) are supported, and are not case-sensitive. (As custom headers are not interpreted by the MTA in the first place, but are parsed by PHP, PHP < 4.3 only supported the Cc header element and was case-sensitive).
4.2.3	The `additional_parameters` parameter is disabled in safe_mode and the mail() function will expose a warning message and return `FALSE` when used.
4.0.5	The `additional_parameters` parameter was added.

PHP手册 - N: 发送邮件

用户评论:

John (30-Mar-2012 04:11)

If you have Suhosin installed it will prevent mail() from sending CC and BCC emails. You can verify whether or not Suhosin is installed using the following code snippet: <?php ob_start(); phpinfo(); $phpinfo = ob_get_contents(); ob_end_clean(); $answer = 'No'; if (strpos($phpinfo, "Suhosin") !== FALSE) { $answer = 'Yes'; } echo $answer; ?>

geeralo at gmx dot de (21-Mar-2012 07:08)

Hello programmers! There is something important I want to notice about charsets here: "Content-Type: text/plain; charset = \"UTF-8\";\n" is right and not only "Content-Type: text/plain; charset=UTF-8\n" Hope I could help other people who frustrate while searching the same mistake like me. Remember also to write only \r for windows and not for Linux-Servers. And at the end of the header should be an extra blank line: $headers .= "Content-Type: text/plain; charset = \"UTF-8\";\n"; $headers .= "Content-Transfer-Encoding: 8bit\n"; $headers .= "\n"; Greetings

patil dot sanchit50 at gmail dot com (01-Mar-2012 10:50)

Hey please give me a solution for following problem.... ( ! ) Warning: mail() [function.mail]: SMTP server response: 530 5.7.0 Must issue a STARTTLS command first. f10sm2244844pbn.58 in C:\wamp\www\projectPHP.HTML5\reference\email1.php on line 44 Call Stack # Time Memory Function Location 1 0.0005 376112 {main}( ) ..\email1.php:0 2 0.0006 377584 mail ( ) ..\email1.php:44 line 44 is : if ( mail( $mail, "$subject", $message, "From: $emailfrom" ) ) echo '<p class="success">Your email has been sent</p>'; else echo '<p class="error">There was a problem sending your email. Please try again</p>';

php at richardneill dot org (18-Feb-2012 01:50)

I discovered some mysterious headers being added to the email, which leak private information. These are: HTTP-Posting-Client: THE_USERS_IP_ADDRESS HTTP-Posting-URI: MY_WEBSITE:80/PATH/TO/FILE.php HTTP-Posting-User-Agent: THE_USER_AGENT These are NOT part of the official PHP, but are a patch added by the Mandriva/Mageia distributions. I mention it here because it is not documented anywhere else. For more, see https://bugs.php.net/bug.php?id=61131

akger1379 at gmail dot com (17-Feb-2012 09:14)

Use sendmail in queue mode to prevent long pauses everytime php is calling the mail() function. <?php $additionalParameters = \'-ODeliveryMode=d\'; mail($to, $subject, $message, $headers, $additionalParameters); ?> Your mails will be delivered everytime the sendmail daemon is processing the queue. To see what the interval may be see the \"QUEUE_INTERVAL\" variable in /etc/mail/sendmail.conf

Max AT (15-Feb-2012 05:26)

To define a mail sensitivity you have to put this line in the headers: <?php $headers = "MIME-Version: 1.0\n" ; $headers .= "Content-Type: text/html; charset=\"iso-8859-1\"\n"; $headers .= "Sensitivity: Personal\n"; $status = mail($to, $subject, $message,$headers); ?> Possible Options: Sensitivity: Normal, Personal, Private and Company-Confidential These will be recognised and handled in Outlook, Thunderbird and others.

ABOMB (31-Jan-2012 06:16)

I was having delivery issues from this function to Gmail, Yahoo, AOL, etc. I used the notes here to figure that you need to be setting your Return-Path to a valid email to catch bounces. There are two extra delivery gotchas on top of that: 1) The domain in the email used in the -f option in the php.ini sendmail parameter or in the mail() extra parameters field, needs to have a valid SPF record for the domain (in DNS as a "TXT" record type for sure and add an additional "SPF" type record if possible). Why? That's header field being used for spam checks. 2) You should also use a domain key or DKIM. The trick here is that the domain key/DKIM is case sensitive! I used Cpanel to create my domain key which automatically used all lowercase domain names in the key creation. I found when sending email and using a camel case "-f account@MyDomainHere.Com" option, my key was not accepted. However it was accepted when I used "-f account@mydomainhere.com". There are many other factors that can contribute to mail not getting to inboxes, including your own multiple failed testing attempts, so I suggest you consult each site's guidelines and don't ask me for help. These are just the couple technical issues that helped my case. I hope this saves someone some time and headaches...

debis at woh dot rr dot com (14-Dec-2011 11:09)

This is for Windows Server 2003, IIS 6.0 with SMTP virtual server. The problem I had was not including init_set for the SMTP server, I thought the SMTP definition in the IIS SMTP virtual server configuration would work. When I sent mail manually this was not an issue. Also, $mail_sent = @mail( $to, $subject, $message, $headers ); wouldn't work but $mail_sent = mail($to, $subject, $message, $headers); did. Lack of date_default_timezone_set() only caused a warning because php guessed what it should be. This worked: <?php $to = 'nobody@example.com'; $subject = 'the subject'; $message = 'hello'; $headers = 'From: webmaster@example.com' . "\r\n" . 'Reply-To: webmaster@example.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); ini_set ( "SMTP", "smtp-server.example.com" ); date_default_timezone_set('America/New_York'); mail($to, $subject, $message, $headers); ?> And just so you can troubleshoot, this worked when sending mail from the command line/manually. CLI worked even though the php code without the init_set function wouldn't work. You will notice that the "rcpt to" and "to" fields appear redundant, but if both are not used, the delivered mail's "to" field will be blank/empty. ------------------------------- telnet www.example.com 25 helo mail from: webmaster@example.com rcpt to: someone@example.com data to: someone@example.com subject: test again to make sure this is my message . quit -----------------------------------

saganwebdesign (14-Oct-2011 03:01)

If you are getting frustrated that your email is being sent as plain text instead of HTML, typically one of your headers showing up in the email (even if other scripts on the same server seem to work fine!!!) then structure your headers like this: <?php $headers = 'From: You <you@example.com>' . "\n"; $headers .= 'MIME-Version: 1.0' . "\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; ?> Notice that the From is before the MIME and Content and only Content ends with "\r\n", the other are just "\n" Not sure how it is possible for other scripts on the same server, same domain to work fine as shown in the very top instructions, and others need this crap... I spent a very frustrating couple hours figuring this out, hope you can avoid doing the same.

nospam-adriantnt at adriantnt dot com (24-Sep-2011 04:54)

When sending multipart HTML mail (text and html mail in one). In your header you define you boundary as "whatever" and inside your actual email you write it as "--whatever" With dashes in front but just inside the message body.

arunm (14-Sep-2011 01:24)

It is also advisable to set the return path in the headers; hence it will avoid the email to land in the spam folder! eg: $headers.="Return-Path:<name@example.com>\r\n";

Anda (05-Sep-2011 07:57)

Send Multi attachment email <?php function multi_attach_mail($to, $files, $sendermail){ // email fields: to, from, subject, and so on $from = "Files attach <".$sendermail.">"; $subject = date("d.M H:i")." F=".count($files); $message = date("Y.m.d H:i:s")."\n".count($files)." attachments"; $headers = "From: $from"; // boundary $semi_rand = md5(time()); $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; // headers for attachment $headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\""; // multipart boundary $message = "--{$mime_boundary}\n" . "Content-Type: text/plain; charset=\"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n"; // preparing attachments for($i=0;$i<count($files);$i++){ if(is_file($files[$i])){ $message .= "--{$mime_boundary}\n"; $fp = @fopen($files[$i],"rb"); $data = @fread($fp,filesize($files[$i])); @fclose($fp); $data = chunk_split(base64_encode($data)); $message .= "Content-Type: application/octet-stream; name=\"".basename($files[$i])."\"\n" . "Content-Description: ".basename($files[$i])."\n" . "Content-Disposition: attachment;\n" . " filename=\"".basename($files[$i])."\"; size=".filesize($files[$i]).";\n" . "Content-Transfer-Encoding: base64\n\n" . $data . "\n\n"; } } $message .= "--{$mime_boundary}--"; $returnpath = "-f" . $sendermail; $ok = @mail($to, $subject, $message, $headers, $returnpath); if($ok){ return $i; } else { return 0; } } ?>

epheterson at gmail dot com (16-Aug-2011 06:48)

After banging my head against the wall, I realized after my host updated PHP that the From line in the header requires quotes around the name where before it worked regardless. Otherwise it will report success, and not sent. $headers .= 'From: "'. $Name . '" <' . $Email . '>' . "\r\n";

krzysiek dot 333 at gmail dot com (03-Aug-2011 07:24)

Sending messages with polish special characters: <?php function plmail($mail, $sub, $mes){ $headers = "From: ExRobot <robot@example.com>\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/plain; charset=utf-8\r\n"; $headers .="Content-Transfer-Encoding: 8bit"; $mes=htmlspecialchars_decode($mes,ENT_QUOTES);//optional - I use encoding to POST data mail($mail, "=?utf-8?B?".base64_encode($sub)."?=", $mes, $headers); } ?> Page must be in utf-8 encoding.

mulllhausen (18-Jul-2011 06:14)

i found that emails were not getting sent when i specified multiple recipients separated by commas in the $to variable. however i did find that i could specify multiple recipients using the the 'To: ' header. i am using php cli on ubuntu 10.04.1 lts. hopefully this is useful to someone

me at arronwoods dot com (24-Jun-2011 03:42)

I've had all sorts of problems with scripts that don't set the "-f user@example.org" parameter when using mail() if postfix is the sendmail agent. In postfix I had SMTP relay authentication based on the sender address, but it was always the PHP user as the sender until I adapted the code from: <?php mail('test@example.org', 'Subject', 'Body', 'From: user@example.org'); ?> to: <?php mail('test@example.org', 'Subject', 'Body', 'From: user@example.org', '-f user@example.org'); ?> I couldn't find a way to adjust PHP or Postfix to do this for me, so I had to edit the application. I was actually using Zend_Mail_Transport_Smtp, which made it that little bit trickier. I ended up with this: <?php class My_Mail_Transport_Sendmail extends Zend_Mail_Transport_Sendmail { public function _sendMail() { if ($this->parameters === null) { $this->parameters = '-f ' . $this->_mail->getFrom(); } return parent::_sendMail(); } } ?>

vigo dot von dot harrach at gmx dot de (19-May-2011 10:49)

If using sendmail as transport agent, setting the "DeliveryMode" to "background" (asynchronous) instead of the default "interactive" (synchronous) makes mail() a lot faster, while still sending immediately. You can either use the "additional parameters", e.g. mail($to, $subject, $message, $headers, 'O DeliveryMode=b'), or make this mode default by changing php.ini's "sendmail_path" to 'sendmail -t -i -O DeliveryMode=b'.

buraks78 at gmail dot com (08-May-2011 03:02)

If you are having problems changing the Sender and Return-Path headers, make sure that you are editing the right configuration file. On my CentOS 5.6: [root@server mail]# ll /usr/sbin/sendmail lrwxrwxrwx 1 root root 21 Oct 26 2009 /usr/sbin/sendmail -> /etc/alternatives/mta [root@server mail]# ll /etc/alternatives/mta lrwxrwxrwx 1 root root 23 Apr 9 07:48 /etc/alternatives/mta -> /usr/sbin/sendmail.exim [root@server mail]# ll /usr/sbin/sendmail.exim lrwxrwxrwx 1 root root 4 Apr 9 07:45 /usr/sbin/sendmail.exim -> exim I spent some time trying to figure out why my changes to the sendmail.mc file were being ignored. Naturally, Exim configuration is different than Sendmail. You need to edit the /etc/exim/exim.conf file instead: remote_smtp: driver = smtp return_path = bounce@example.com headers_rewrite = apache@* info@example.com s ^ Don't forget the "s" at the end. See this page for more information: http://www.exim.org/exim-html-2.00/doc/html/spec_32.html#SEC669 If you are OK with displaying the apache user name (ie "Sender: apache@subdomain.example.com") in the email header, then just update the qualify_domain configuration option in the same file. qualify_domain = example.com This will fix the domain only (ie "Sender: apache@example.com").

ajoliveira at ajoliveira dot com (21-Apr-2011 03:40)

This manual says: Multiple extra headers should be separated with a CRLF (\r\n) I have found out when developing a function sending a text/html multipart message that multiple headers are better separated by \n instead of \r\n. I have used \r\n only in te last one. This was done to ensure cross-platform consistency of the e-mail. There atr some mail systems interpreting \r\n as the end of the headers and the start of the message body.

Richard Neill (28-Dec-2010 11:54)

If mail() encounters an error, it just returns false. To find why, we need to discover where the sendmail command put its error. On Linux, this is usually /var/log/messages. The mail errors don't end up in /var/log/httpd/errors (because apache doesn't know that /usr/sbin/sendmail returning false is an error), nor in /var/log/mail/ (because the email never got as far as postfix, and no SMTP/delivery error occurred.)

shuitest at gmail dot com (03-Nov-2010 05:50)

If you use mutt, do as below, /usr/bin/mutt -s '$subject' -f /dev/null -e 'set copy=no' -e 'set from = "{$GLOBALS[cfg][email_from]}"' -a '$attach_file_full_path' '{$GLOBALS[cfg][email_to]}' </dev/null 2>&1;

tschmieder at online dot de (23-Oct-2010 03:32)

it seams to be better, to terminate additional headers neither with "\n" nor with "\r\n", but to terminate them with the php constant PHP_EOL. The benefit is: this works fine as well on a LINUX based Host as on a Windows based host. As final result there must be produced a mail file fulfilling the RFC2822 ff. On a Linux system therfore in headers linebreaks like "\n" are required due to the sendmail script transforming them to "\r\n" (means CRLF). On a Windows system the mail function speaks directly to the SMTP Server (port 25) and therefore in headers linebreaks like "\r\n" (means CRLF) are required at once. Nobody else would care for transformation. If you use the constant PHP_EOL instead of own character sequences, the php installation will take care for the required line ending as well on Linux as on Windows installations.

Michiel Uitdehaag (30-Sep-2010 09:07)

We had a LAMP setting with postfix as mail system. Our additional headers were not interpreted correctly by a receiving mailserver (Exchange/ENOD32) and a newline was inserted after the first additional header. It turns out that a internet/dos style newline (\r\n) in the headers were converted to \r\r\n (ie: something mindlessly replaced all \n with \r\n without seeing if \n was already preceded by \r) I don't know if this is something in PHP or postfix, but seeing the comments below I suspect it is something of PHP on *NIX in combination with non-sendmail mailers. So, use your 'local' newline style for additional headers, as opposed to the examples above. I don't know if this is a bug anywhere. I don't know which element exactly does the unix2dos translation. If it is PHP, it should only replace ([^\r])\n with \1\r\n

Zane @ MLI (08-Sep-2010 11:17)

Italian users cursing against "?" and other uppercase-accented-vowels ("vocali maiuscole accentate"") in subjects! While the lowercase ones ("è", "é" and so on) work as expected, qmail doesn't handle the uppercase ones. To fix it, the only way I found was this: <?php function mail_utf8($to, $subject = '(No subject)', $message = '', $header = '') { $header_ = 'MIME-Version: 1.0' . "\r\n" . 'Content-type: text/plain; charset=UTF-8' . "\r\n"; mail($to, '=?UTF-8?B?'.base64_encode($subject).'?=', $message, $header_ . $header); } ?> It should apply to other languages too.

phadley at reliableid dot com (12-Aug-2010 02:20)

The mail function will stop including headers if you misspell one of them. It doesn't report an error, it just puts the offending header and all that follow it in the body of the message. My great transgression was using MIME Version instead of MIME-Version, a lapse which cost me several hours.

Porjo (07-Jul-2010 07:19)

Make sure you enclose \r\n in double quotes (not single quotes!) so that PHP can translate that into the correct linefeed code

umangberi at gmail dot com (02-May-2010 09:41)

Outlook 2007 seemed to be a little finicky with me to have carriage returns in the headers. So any \r\n resulted in messages that had default apache messages sent over to me. As soon as I removed \r from all of the headers, the script started working fine. Hope that helped.

matthew dot mckay at uwrf dot edu (17-Feb-2010 09:57)

Note: On some windows platforms this is NOT thread safe. We are having email message bodies being sent out to the wrong headers multiple times, some failing to send, and other bizarre stuff. If you google search for "php mail thread safe" you can find a ton of relevant information. This is not a bug in php, there have been multiple bugs closed with this issue being dismissed as not an issue with PHP.

rch+php at online dot lt (02-Jan-2010 09:46)

RFC-2822 is quite explicit, that "Though some message systems locally store messages in this format (which eliminates the need for translation between formats) and others use formats that differ from the one specified in this standard, local storage is outside of the scope of this standard." And it is not just "some", but most Unix mailers choke when you try pipe CRLF instead of Unix line endings to "sendmail" command. PHP is using line endings as is, so you have better chances for success if you use Unix file format or line endings.

Alex M. (23-Nov-2009 07:49)

It is important to filter the form input to prevent header injection. Here is a simple way: <?php # Anti-header-injection - Use before mail() # By Victor Benincasa <vbenincasa(AT)gmail.com> foreach($_REQUEST as $fields => $value) if(eregi("TO:", $value) || eregi("CC:", $value) || eregi("CCO:", $value) || eregi("Content-Type", $value)) exit("ERROR: Code injection attempt denied! Please don't use the following sequences in your message: 'TO:', 'CC:', 'CCO:' or 'Content-Type'."); ?> -- Alex M.

Systemx (04-Nov-2009 10:29)

Bare LFs in SMTP Use This <?php // Fix any bare linefeeds in the message to make it RFC821 Compliant. $message = preg_replace("#(?<!\r)\n#si", "\r\n", $message); // Make sure there are no bare linefeeds in the headers $headers = preg_replace('#(?<!\r)\n#si', "\r\n", $headers); ?>

John (20-Oct-2009 07:38)

A quick note about the optional flags that can be passed to sendmail. -f will set the From address, -r will override the default Return-path that sendmail generates (typically the From address gets used). If you want your bouncebacks to go to a different address than the from address, try using both flags at once: "-f myfromemail@example.com -r mybounceemail@example.com"

dtbaker.com.au (11-Oct-2009 04:59)

An observation about safe_mode and mail() It looks like multiple \r\n's are replaced by a single \r\n inside the string passed to "additional_headers". I can only re-produce this on a box running with safe_mode enabled. If (for some reason) your script crafts the entire email message in the headers, this will most likely produce a blank email on safe_mode boxes (like this script I've been trying to get working).

Maven1 at example dot com (09-Oct-2009 09:28)

I was having trouble with the newline and carriage return characters when using the mail function in a custom script within Joomla since the stupid input validations kept stripping them (changed "/r/n" to "rn"). To get around this, I used chr(13) and chr(10) to insert them. <?php $headers .= 'To: Mary <mary@example.com>, Kelly <kelly@example.com>' . chr(13) . chr(10); $headers .= 'From: Birthday Reminder <birthday@example.com>' . chr(13) . chr(10); ?> Hope that helps someone.

Clayton Ginsburg (18-Aug-2009 08:38)

I recently had an issue where the mail() function would work fine from the php cli but not from apache. I eventually traced this down to the fact that I was using apparmor Specifically, I configured apparmor to deny the apache user the ability to use /bin/dash After changing apparmor to /bin/dash rix and reloading the apparmor profile, mail worked In other words, mail requires the account/program executing the script to be able to use /bin/dash I hope this helps someone

Anonymous (17-Aug-2009 07:29)

UTF-8 and QMail This function should work for all of you, who want to switch to UTF-8 email - especially if using Qmail as Mailserver. QMail seems to have problems with the "\r\n" in the header section. I found it helpful to replace them with "\n". <?php function mail_utf8($to, $subject = '(No subject)', $message = '', $from) { $header = 'MIME-Version: 1.0' . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'From: Yourname <' . $from . ">\n"; mail($to, '=?UTF-8?B?'.base64_encode($subject).'?=', $message, $header); } ?>

Tomer (03-Aug-2009 07:31)

I was trying to create a script that would send large forms without having to get/post each value first and came up with this... should help someone to save valuable time. <?php $emailSentTo = ""; $subjectOfEmail = ""; //========= no need to edit bellow // Set HTML Mail Header $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; // The Message $message = $GLOBALS["HTTP_SERVER_VARS"]["REQUEST_URI"]; //Cleaning Message $message = str_replace('?','<br><hr>',str_replace('/','File used for submittimg this form: ',str_replace('=',': ',str_replace('&','<br>',$message)))); // Sending mail($emailSentTo, $subjectOfEmail, $message, $headers); //Thanking echo "<script language=\"javascript\" type=\"text/javascript\"> alert('Thank You, We will contact you shortly.'); window.location = \"http://$_SERVER[HTTP_HOST]\"; </script> "; ?>

Edward (01-Aug-2009 10:08)

Currently my hosting service is on Godaddy. When attempting to use the mail function without the fifth parameter containing "-f", my message headers would not work. Whenever your message headers do not work, simply try using the fifth parameter: <?php mail($to, $subject, $message, $headers, "-femail.address@example.com"); ?>

php at caves dot org dot uk (28-Jul-2009 03:32)

Setting an envelope-sender address avoids mail bounces annoying your system administrator. If your mail cannot be delivered, it will be rejected to the address specified as the "SMTP-envelope-from" (or the "envelope sender" or "return path", depending on the terminology you like to use ) If you do not explicitly set an envelope-from address then PHP will default to the php.ini setting which - if you have not set this yourself - could be nobody@[your-ISP-domain] or anonymous@[your-ISP-domain], for example. To avoid bothering the person at that address - or indeed, if you are wondering why you are not receiving mail rejections yourself - you should use the "-f" option in the <$additional_parameters> argument to set a valid address. (and, by the way: If you do this, but you do not set a From: address in the <$additional_headers> argument then PHP will set a default From: address of "From: Nobody <your-envelope-sender-setting>". ).

php at caves dot org dot uk (28-Jul-2009 03:12)

Problem: mail disappearing; not being sent There are many reasons why your mail might fail to be sent, but one particularly obscure reason is as follows. You must take extra care if the machine that is sending the mail also operates mail forwarding for your domain and you are sending mail to a user at that domain. In this situation, it is common for the MTA to avoid doing a "proper" MX look-up because it "knows" that there is a local list of mail-forwarding rules. This saves resources, and normally shouldnt be a problem, of course. HOWEVER, if you deliberately alter your MX record to point to a mail server hosted elsewhere and, e.g. update your mail forwarding rules at that location, AND the server that sends your PHP-generated mail "decides" that it will save resources by not checking the MX record THEN it will use your old set of forwarding rules because it is ignoring your MX record. If an appropriate forwarding rule does not exist locally, then the mail may be dropped without generating any error (i.e. no "bounce" message). The symptom of the problem is that mail to certain users at your domain will be wrongly delivered or not delivered at all. An obscure problem, perhaps, but one that I have experienced, and which took a long time to solve!

Anonymous (03-Jul-2009 05:22)

I was (finally) able to get multipart HTML mail working. The 'boundary' must be defined with double quotes, not apostrophes. $headers .= "Content-Type: multipart/alternative;boundary=\"$boundary\";\n\n";

d dot r at usask dot ca (05-Jun-2009 05:44)

The example indicates \r\n at the end of each line in the headers but this was causing me problems as emails showed some of the headers as part of the body. I simply used only \n as in some of the other examples and the problem went away.

marcel dot portela at gmail dot com (22-May-2009 06:32)

To define a mail priority you have to put this lines in the headers: <?php $headers = "MIME-Version: 1.0\n" ; $headers .= "Content-Type: text/html; charset=\"iso-8859-1\"\n"; $headers .= "X-Priority: 1 (Higuest)\n"; $headers .= "X-MSMail-Priority: High\n"; $headers .= "Importance: High\n"; $status = mail($to, $subject, $message,$headers); ?> Here i've added many headers information including the Priority...

aldertb at XS4ALL dot nl (23-Mar-2009 09:30)

I experienced problems with removed euro signs and some other accented letters. The text came from a DB but contained the euro sign etcetera inside the mail function, just as when you would define it as a string. (Did die($newsletter['message']). It was lost in the mail I received though! When I defined the message as a string inside the sending function (overriding text from DB), including euro sign as a single character, I DID receive the email including euro sign! This was experienced on 2 different email accounts. With one I received no text after the euro sign. But only when text came from mySQL DB from a longtext Latin1-field... I installed the pear mail class and this solved the strange problem and could just send text from the DB...

andrei_a at btconnect dot com (18-Mar-2009 02:57)

On some shared hosts, when using mail() function with '-f' flag, email may be quietly 'dropped' and not sent at all without any error message returned if '-f' option is used without email address valid on this host. For example, if used as '-ftest@example.com' the email will be dropped on 1and1 provider. But if you have a 'real' mailbox on the server, for example 'black-hole@example.com', and you use '-fblack-hole@example.com' then the email will be sent. At the same time envelope's 'Return-Path' will be set properly to 'black-hole@example.com' instead of 'test@shared.example.com'.

alex_ramos at sourceforge dot net (27-Feb-2009 03:37)

Beware if you're trying to use "-f" or "-r" with the 5th parameter of the PHP mail() function, and you're relying on a plain vanilla install of sendmail on Linux, it won't work. You'll have to either change the sendmail config and add your script's userid to "trusted-users" (easier said than done... good luck with that!), or, remove sendmail and install postfix (much easier).

thelegs at gmail dot com (25-Feb-2009 03:06)

As some SMTP servers (for example Argosoft Mail Server for Windows) may lead into troubles when sending a mail to "Full Name <user@domain.tld>" instead of simply "user@domain.tld", the following may be a solution: <?php $Result = trim(preg_replace("/([\w\s]+)<([\S@._-]*)>/", " $2", $Input)); ?> I'm not a PCRE guru, but this seems to work pretty good with any number of e-mail addresses, even when the $Input contains "mixed" address definitions (ie. some with Full Name and some without). Examples: Input: "User 1 <user1@foo.tld>, User 2 <user2@foo.tld>, user3@foo.tld" Result: "user1@foo.tld, user2@foo.tld, user3@foo.tld"; Input: "user1@foo.tld, user2@foo.tld" Result: "user1@foo.tld, user2@foo.tld" The use of trim is optional, just to keep a nice space after the comma separator. If you don't mind about showing nice recipient lists to the MTA, I think this would work as well: <?php $Result = preg_replace("/([\w\s]+)<([\S@._-]*)>/", "$2", $Input); ?> Anyway I hope that someone could improve these expressions. :)

Erich at gasboysnospam dot net (19-Feb-2009 03:43)

if your mail is failing (returns false) be aware that many servers are configured to kill mail going out with a bcc or cc header. The ideal workaround is to use the smtp functions which servers allow because of its better audit trail. Alternatively call the mail function several times. I've just spent about four hours trying to work out what I was doing wrong!!

deepakkallungal at gmail dot com (23-Jan-2009 07:34)

For solving japanese subject in php mail. we had a problem was when we give shift-jis encoded test for subject in mail, the mail received displayed as "BQ Tech\ ? t H [" in subject where the content in the mail was showing correctly. we solved it by using this code. $subject =iconv( "Shift_JIS","EUC-JP", "BQ Tech申込みフォーム"); we can convert like this for japanese encoding not working correctly for japanese text.

orjtor (19-Jan-2009 08:17)

This is my solution of problems with Windows Mail on Vista. I got some of the headers in the mail body as plain text. When I removed '\r' and left just '\n' at the end of the two last lines of header it worked. This error didn't show up in my yahoo mail. <?php $body = "<html>\n"; $body .= "<body style=\"font-family:Verdana, Verdana, Geneva, sans-serif; font-size:12px; color:#666666;\">\n"; $body = $message; $body .= "</body>\n"; $body .= "</html>\n"; $headers = "From: My site<noreply@example.com>\r\n"; $headers .= "Reply-To: info@example.com\r\n"; $headers .= "Return-Path: info@example.com\r\n"; $headers .= "X-Mailer: Drupal\n"; $headers .= 'MIME-Version: 1.0' . "\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; return mail($recipient, $subject, $message, $headers); ?>

tyagi dot akhil at gmail dot com (04-Jan-2009 02:29)

To send XML content in mail use this Content-Type: text/xml instead of Content-Type: text/html

Tim Johannessen (15-Dec-2008 02:59)

I tried the example provided by [hn at nesland dot net] but it didn't quite work, as the error: Fatal error: Cannot redeclare mail() was encountered. Also, the runkit_function_rename() caused apache to exit with Segmentation fault (11) This works like a charm: <?PHP @dl("runkit.so"); @runkit_function_copy("mail", "__org_mail"); @runkit_function_remove("mail"); @runkit_function_copy("__new_mail", "mail"); @runkit_function_remove("__new_mail"); function __new_mail($to, $subject, $message, $additional_headers = null, $additional_parameters = null) { /* do your own mail function checks here */ return __org_mail($to, $subject, $message, $additional_headers, $additional_parameters); } ?> Atleast it worked for me, stripping newlines from $to, $subject, removing unwanted headers from $additional_headers and adding new headers to $additional_headers for debugging - this way I'll be able to track the origin of the mail using the headers. You'll need enable_dl = On in your php.ini and also runkit.internal_override = "1" I wanted to remove the execution of __org_mail(), so I tried to add this to disable_functions in php.ini but that didn't seem to work, so be aware that the original function can still be executed, and found by using get_defined_functions().

php at ontheroad dot net dot nz (04-Nov-2008 05:00)

Another possible cause for the "501 5.5.4 Invalid Address" type errors when sending mail from Windows is specifying BCC or CC parameters with no value.

molotster on google mail com (13-Oct-2008 09:03)

Note, that single line should not contain more than 78 character, but is not allowed to contain more than 998 characters. The possible consequences are: Over 78 - clients are allowed to display the message in a "harder to read" way. Over 998 - clients and servers are allowed to drop the message or cause any buffer-limit error. See: http://www.faqs.org/rfcs/rfc2822 part 2.1.1.

webmaster at plumage dot nl (01-Sep-2008 10:53)

The work-around for a large quantity of recipients is putting the adresses in the header-section as Bcc adresses. In this way the mail()-function opens and closes the SMTP connection only once: <?php $count_recip= count($recip);//where $recip represents an array of mail-adresses, from MySql-query or otherwise $count='0'; $headers.="Bcc: "; while($count < $count_recip){ $headers.=$recip[$count].", "; $count ++; } $headers.="admin@example.com\r\n"; ?>

bob (15-Jul-2008 09:51)

If the Cc or Bcc lines appear in the message body, make sure you're separating header lines with a new line (\n) rather than a carriage return-new line (\r\n). That should come at the very end of the headers.

akam (28-May-2008 02:55)

There differenece in body, headers of email (with attachment, without attachment), see this complete example below: work great for me (LINUX , WIN) and (Yahoo Mail, Hotmail, Gmail, ...) <?php $to = $_POST['to']; $email = $_POST['email']; $name = $_POST['name']; $subject = $_POST['subject']; $comment = $_POST['message']; $To = strip_tags($to); $TextMessage =strip_tags(nl2br($comment),"<br>"); $HTMLMessage =nl2br($comment); $FromName =strip_tags($name); $FromEmail =strip_tags($email); $Subject =strip_tags($subject); $boundary1 =rand(0,9)."-" .rand(10000000000,9999999999)."-" .rand(10000000000,9999999999)."=:" .rand(10000,99999); $boundary2 =rand(0,9)."-".rand(10000000000,9999999999)."-" .rand(10000000000,9999999999)."=:" .rand(10000,99999); for($i=0; $i < count($_FILES['youfile']['name']); $i++){ if(is_uploaded_file($_FILES['fileatt']['tmp_name'][$i]) && !empty($_FILES['fileatt']['size'][$i]) && !empty($_FILES['fileatt']['name'][$i])){ $attach ='yes'; $end =''; $handle =fopen($_FILES['fileatt']['tmp_name'][$i], 'rb'); $f_contents =fread($handle, $_FILES['fileatt']['size'][$i]); $attachment[]=chunk_split(base64_encode($f_contents)); fclose($handle); $ftype[] =$_FILES['fileatt']['type'][$i]; $fname[] =$_FILES['fileatt']['name'][$i]; } } /*************************************************************** Creating Email: Headers, BODY 1- HTML Email WIthout Attachment!! <<-------- H T M L --------- ***************************************************************/ #---->Headers Part $Headers =<<<AKAM From: $FromName <$FromEmail> Reply-To: $FromEmail MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="$boundary1" AKAM; #---->BODY Part $Body =<<<AKAM MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="$boundary1" This is a multi-part message in MIME format. --$boundary1 Content-Type: text/plain; charset="windows-1256" Content-Transfer-Encoding: quoted-printable $TextMessage --$boundary1 Content-Type: text/html; charset="windows-1256" Content-Transfer-Encoding: quoted-printable $HTMLMessage --$boundary1-- AKAM; /*************************************************************** 2- HTML Email WIth Multiple Attachment <<----- Attachment ------ ***************************************************************/ if($attach=='yes') { $attachments=''; $Headers =<<<AKAM From: $FromName <$FromEmail> Reply-To: $FromEmail MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="$boundary1" AKAM; for($j=0;$j<count($ftype); $j++){ $attachments.=<<<ATTA --$boundary1 Content-Type: $ftype[$j]; name="$fname[$i]" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="$fname[$j]" $attachment[$j] ATTA; } $Body =<<<AKAM This is a multi-part message in MIME format. --$boundary1 Content-Type: multipart/alternative; boundary="$boundary2" --$boundary2 Content-Type: text/plain; charset="windows-1256" Content-Transfer-Encoding: quoted-printable $TextMessage --$boundary2 Content-Type: text/html; charset="windows-1256" Content-Transfer-Encoding: quoted-printable $HTMLMessage --$boundary2-- $attachments --$boundary1-- AKAM; } /*************************************************************** Sending Email ***************************************************************/ $ok=mail($To, $Subject, $Body, $Headers); echo $ok?"<h1> Mail Sent</h1>":"<h1> Mail not SEND</h1>"; ?>

richard at richard-sumilang dot com (22-Mar-2008 08:12)

If you are using the sendmail app from an exim package or something you don't really need to change the normal parameters PHP gives it (-t -i) as other posts described. I just added "-f myemail@example.com" and it worked. One thing that got me stuck for a few hours was trying to figure out why the return-path was set as the user (user running php) and not what I was setting it with the -f option then I later found at that in order to forcefully set the return-path the user account running the command must be in exim's trusted users configuration! It helps to add trusted_groups as well then everything works fine :) - Richard Sumilang

mortoray at ecircle-ag dot com (10-Jan-2008 03:35)

Apparently if using the mbstring library, and using overriden functions, the "mail" command appears to use "Content-Transfer-Encoding: BASE64" by default. Which if you combine it with PEAR Mail_Mime you'll get mails that, although they appear RFC compliant, not mailer can read correctly. To fix this it appears you should add a fixed header in the mail command (this one assumes the pear mime module is 7bit clean, perhaps 8bit would also be fine) <?php $headers['Content-Transfer-Encoding'] = '7bit'; ?>

d (25-Dec-2007 09:39)

When sending html formatted mails to gmail accounts you might notice that the html is shown in plain text. This happens when you send from an unix system and gmail treats the "\r\n" line ends in a wrong way. Use "\n" instead at it will be fine. Content-Type: text/html; charset=iso-8859-1\n instead of Content-Type: text/html; charset=iso-8859-1\r\n

hn at nesland dot net (03-Nov-2007 12:37)

Tired of idiots and imbeciles who creates unsecure php-code and lets spammers abuse mail()? Try this dirty trick: With auto_prepend, prepend this file: <?php // You need to install pecl-module, runkit. dl("runkit.so"); // We could rename the function, but that currently makes my apache segfault, but this works :-P runkit_function_copy ( "mail","intmail" ); runkit_function_remove( "mail" ); function mail( $to, $subject, $message, $additional_headers = null, $additional_parameters = null ) { $___domain = $_SERVER['SERVER_NAME']; $fp = fopen("/tmp/my_super_mail_logg", "a"); fwrite( $fp, date("d.m.y H:i:s") . " " . $___domain . ": $to / $subject\n"); fclose( $fp ); return intmail( $to, $subject, $message, $additional_headers, $additional_parameters ); } ?> You probably shouldn't log to /tmp, or any other place as the webserver-user, see syslog-functions ;) And of course you can manipulate the different parameters, like adding custom headers to each email (For instance; "X-From-Web: {$_SERVER['SERVER_NAME']}")..

phpcoder at cyberpimp dot ig3 dot net (27-Sep-2007 04:51)

In addition to the $to parameter restrictions on Windows (ie. address can not be in "name <user@example.com>" format), the same restrictions apply to the parsed Cc and Bcc headers of the $additional_headers parameter. However, you can include a To header in $additional_parameters which lists the addresses in any RFC-2822 format. (For display purposes only. You still need to list the bare addresses in the $to parameter.)

Gianluigi_Zanettini-MegaLab.it (10-Aug-2007 07:57)

Please note that using an address in this format "Zane, CEO - MegaLab.it" <myaddrr@mydomain> (" are needed due to comma) works as expected under *nix, but WON'T WORK under Windows. This is an example <?php mail("\"Zane, CEO - MegaLab.it\" <myaddrr@mydomain>", "prova da test_zane", "dai funziona..."); ?> It works under *unix, but it doensn't under Win: different error are reported: Warning: mail() [function.mail]: SMTP server response: 553 5.0.0 <"Zane>... Unbalanced '"' Warning: mail() [function.mail]: SMTP server response: 501 5.5.4 Invalid Address

J.Halmu (20-Jun-2007 12:10)

I use text/plain charaset=iso-8859-1 and get bad headers complain from amavis. This helped me: [code] $subject = mb_encode_mimeheader('????? test test ??????','UTF-8'); [/code] php-version 5.2.2

Alex Jaspersen (31-May-2007 07:03)

For qmail users, I have written a function that talks directly to qmail-queue, rather than going through the sendmail wrapper used by mail(). Thus it allows more direct control over the message (for example, you can adapt the function to display "undisclosed recipients" in to the To: header). It also performs careful validation of the e-mail addresses passed to it, making it more difficult for spammers to exploit your scripts. Please note that this function differs from the mail() function in that the from address must be passed as a _separate_ argument. It is automatically put into the message headers and _does not_ need to be included in $additional_headers. $to can either be an array or a single address contained in a string. $message should not contain any carriage return characters - only linefeeds. No validation is performed on $additional_headers. This is mostly unnecessary because qmail will ignore any additional To: headers injected by a malicious user. However if you have some strange mail setup it might be a problem. The function returns false if the message fails validation or is rejected by qmail-queue, and returns true on success. <?php function qmail_queue($to, $from, $subject, $message, $additional_headers = "") { // qmail-queue location and hostname used for Message-Id $cmd = "/var/qmail/bin/qmail-queue"; $hostname = trim(file_get_contents("/var/qmail/control/me")); // convert $to into an array if(is_scalar($to)) $to = array($to); // BEGIN VALIDATION // e-mail address validation $e = "/^[-+\\.0-9=a-z_]+@([-0-9a-z]+\\.)+([0-9a-z]){2,4}$/i"; // from address if(!preg_match($e, $from)) return false; // to address(es) foreach($to as $rcpt) { if(!preg_match($e, $rcpt)) return false; } // subject validation (only printable 7-bit ascii characters allowed) // needs to be adapted to allow for foreign languages with 8-bit characters if(!preg_match("/^[\\040-\\176]+$/", $subject)) return false; // END VALIDATION // open qmail-queue process $dspec = array ( array("pipe", "r"), // message descriptor array("pipe", "r") // envelope descriptor ); $pipes = array(); $proc = proc_open($cmd, $dspec, $pipes); if(!is_resource($proc)) return false; // write additional headers if(!empty($additional_headers)) { fwrite($pipes[0], $additional_headers . "\n"); } // write to/from/subject/date/message-ID headers fwrite($pipes[0], "To: " . $to[0]); // first recipient for($i = 1; $i < sizeof($to); $i++) // additional recipients { fwrite($pipes[0], ", " . $to[$i]); } fwrite($pipes[0], "\nSubject: " . $subject . "\n"); fwrite($pipes[0], "From: " . $from . "\n"); fwrite($pipes[0], "Message-Id: <" . md5(uniqid(microtime())) . "@" . $hostname . ">\n"); fwrite($pipes[0], "Date: " . date("r") . "\n\n"); fwrite($pipes[0], $message); fwrite($pipes[0], "\n"); fclose($pipes[0]); // write from address and recipients fwrite($pipes[1], "F" . $from . "\0"); foreach($to as $rcpt) { fwrite($pipes[1], "T" . $rcpt . "\0"); } fwrite($pipes[1], "\0"); fclose($pipes[1]); // return true on success. return proc_close($proc) == 0; } ?>

Josh (09-Mar-2007 06:05)

While trying to send attachments I ran into the problem of having the beginning part of my encoded data being cut off. A fact that I didn't see mentioned anywhere explicitly (except maybe in the RFC, which admittedly I didn't read fully) was that two newlines are required before you start the encoded data: Content-Transfer-Encoding: base64\n Content-Type: application/zip; name="test_file.zip"\n \n //<--- if this newline isn't here your data will get cut off DATA GOES HERE

hans111 at yahoo dot com (01-Mar-2007 04:54)

I had a lot of trouble trying to send multipart messages to gmail accounts until I discovered gmail does not like carriage returns, even under unix I have to use only new lines (\n) and forget about the (\r) . Other email clients such as eudora, outlook, hotmail or yahoo seem not to have issues about the "missing" \r . Hope it helps.

bigtree at dontspam dot 29a dot nl (28-Feb-2007 12:46)

Since lines in $additional_headers must be separated by \n on Unix and \r\n on Windows, it might be useful to use the PHP_EOL constant which contains the correct value on either platform. Note that this variable was introduced in PHP 5.0.2 so to write portable code that also works in PHP versions before that, use the following code to make sure it exists: <?php if (!defined('PHP_EOL')) define ('PHP_EOL', strtoupper(substr(PHP_OS,0,3) == 'WIN') ? "\r\n" : "\n"); ?>

admin at chatfamy dot com (30-Jan-2007 08:37)

One thing it can be difficult to control with this function is the envelope "from" address. The envelope "from" address is distinct from the address that appears in the "From:" header of the email. It is what sendmail uses in its "MAIL FROM/RCPT TO" exchange with the receiving mail server. It also typically shows up in the "Return-Path:" header, but this need not be the case. The whole reason it is called an "envelope" address is that appears _outside_ of the message header and body, in the raw SMTP exchange between mail servers. The default envelope "from" address on unix depends on what sendmail implementation you are using. But typically it will be set to the username of the running process followed by "@" and the hostname of the machine. In a typical configuration this will look something like apache@box17.example.net. If your emails are being rejected by receiving mail servers, or if you need to change what address bounce emails are sent to, you can change the envelope "from" address to solve your problems. To change the envelope "from" address on unix, you specify an "-r" option to your sendmail binary. You can do this globally in php.ini by adding the "-r" option to the "sendmail_path" command line. You can also do it programmatically from within PHP by passing "-r address@example.com" as the "additional_parameters" argument to the mail() function (the 5th argument). If you specify an address both places, the sendmail binary will be called with two "-r" options, which may have undefined behavior depending on your sendmail implementation. With the Postfix MTA, later "-r" options silently override earlier options, making it possible to set a global default and still get sensible behavior when you try to override it locally. On Windows, the the situation is a lot simpler. The envelope "from" address there is just the value of "sendmail_from" in the php.ini file. You can override it locally with ini_set().

tdaniel at univ dot haifa dot ac dot il (26-Oct-2006 12:17)

I had trouble getting multiple emails sent for Outlook accounts (a single PHP page performed 2 mail() calls). The PHP mail() function works correctly, but the same mails that were recieved on a private POP3 server were randomly missing by our intranet Outlook exchange server. If you have the same problem, try to verify that the "Message-ID: " is unique at the $headers string. i.e. <?php $headers = [...] . "Message-ID: <". time() .rand(1,1000). "@".$_SERVER['SERVER_NAME'].">". "\r\n" [...]; ?> (rand() is used only for demonstration purposes. a better way is to use an index variable that increments (i++) after each mail) I noticed that when multiple messeges were sent simultaneously, the message-id was the same (probably there was no miliseconds differential). My guess is that Outlook is collating messages with the same message-ID; a thing that causes only one email to pass to the Outlook inbox instead of a few.

johniskew2 (19-Sep-2006 05:28)

An important rule of thumb, because it seems few really follow it and it can alleviate so many headaches: When filtering your email headers for injection characters use a regular expression to judge whether the user's input is valid. For example to see if the user entered a valid e-mail address use something like [a-zA-Z0-9._%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}. Dont try to filter out bad characters (like searching for LF or CR), because you will ALWAYS miss something. You can be sure your application is more secure going this route....provided the regular expression is valid! This same point goes for any sort of form input not just for sending out emails.

thomas at p-devion dot de (24-Aug-2006 06:46)

Change the function addattachment for multipartmail to auto detect the mime_content_type ... <?php function addattachment($file){ $fname = substr(strrchr($file, "/"), 1); $data = file_get_contents($file); $i = count($this->parts); $content_id = "part$i." . sprintf("%09d", crc32($fname)) . strrchr($this->to_address, "@"); $this->parts[$i] = "Content-Type: ".mime_content_type($file)."; name=\"$fname\"\r\n" . "Content-Transfer-Encoding: base64\r\n" . "Content-ID: <$content_id>\r\n" . "Content-Disposition: inline;\n" . " filename=\"$fname\"\r\n" . "\n" . chunk_split( base64_encode($data), 68, "\n"); return $content_id; } ?>

panoramical at gmail dot com (28-Jul-2006 12:19)

Searched for ages on the internet trying to find something that parses EML files and then sends them...for all of you who want to send an EML files you first have to upload it, read it, then delete it. Here's my function...it's specialised for a single form where the user uploads the EML file. <?php if(isset($_POST['submit'])) { // Reads in a file (eml) a user has inputted function eml_read_in() { $file_ext = stristr($_FILES['upload']['name'], '.'); // If it is an eml file if($file_ext == '.eml') { // Define vars $dir = 'eml/'; $file = $dir.basename($_FILES['upload']['name']); $carry = 'yes'; // Try and upload the file if(move_uploaded_file($_FILES['upload']['tmp_name'], $file)) { // Now attempt to read the file if($eml_file = file($file)) { // Create the array to store preliminary headers $headers = array(); $body = ''; $ii = -1; // For every line, carry out this loop foreach($eml_file as $key => $value) { $pattern = '^<html>'; if(((eregi($pattern, $value)))||($carry == 'no')) { // Stop putting data into the $headers array $carry = 'no'; $i++; $body .= $value; } else { // Separate each one with a colon if(($eml_file_expl = explode(':', $value))&&($carry == 'yes')) { // The row has been split in half at least... if(isset($eml_file_expl[1])) { // Put it into the preliminary headers $headers[$eml_file_expl[0]] = $eml_file_expl[1]; // There might be more semicolons in it... for($i=2;$i<=$count;$i++) { // Add the other values to the header $headers[$eml_file_expl[0]] .= ':'.$eml_file_expl[$i]; } } } } } // Clear up the headers array $eml_values = array(); $eml_values[to] = $headers[To]; $eml_values[from] = $headers[From]; $eml_values[subject] = $headers[Subject]; $eml_values['reply-to'] = $headers['Reply-To']; $eml_values['content-type'] = $headers['Content-Type']; $eml_values[body] = $body; unlink($file); return $eml_values; } } else { return '<p>File not uploaded - there was an error</p>'; } } } // Takes information automatically from the $_FILES array... $eml_pattern = eml_read_in() // Headers definable...through eml_read_in() again, but I'm guessing they'll be the same for each doc... if(mail($eml_pattern[to], $eml_pattern[subject], $eml_pattern[content], $headers)) echo 'Mail Sent'; ?>

(24-Jul-2006 04:55)

correction for class multipartmail <?php function addmessage($msg = "", $ctype = "text/plain"){ $this->parts[0] .... ?> if you are adding attachment first and then addmessage you can easy overwrite added attachment - better use <?php function addmessage($msg = "", $ctype = "text/plain"){ $this->parts[count($this->parts)] .... ?>

sander at cartel dot nl (20-Jul-2006 11:26)

I found out that a ms server (ESMTP MAIL Service, Version: 5.0.2195.6713) also had the problem using CRLF in the headers: If messages are not received, try using a LF (\n) only. Some poor quality Unix mail transfer agents replace LF by CRLF automatically (which leads to doubling CR if CRLF is used). This should be a last resort, as it does not comply with RFC 2822. The suggested fix works. Sander

rsjaffe at gmail dot com (21-May-2006 10:10)

Here's my way of detecting an attempt to hijack my mail form. <?php #requires PHP 5 or greater $request = array_map('trim',($_SERVER['REQUEST_METHOD'] == "POST") ? $_POST : $_GET) ; //check for spam injection $allfields = implode('',$request) ; $nontext = $request ; unset($nontext['message'] ); $nontextfields = implode ('',$nontext) ; if ((strpos ($nontextfields,"\\r")!==false) || (strpos ($nontextfields,"\\n")!==false) || (stripos ($allfields,"Content-Transfer-Encoding")!==false) || (stripos ($allfields,"MIME-Version")!==false) || (stripos ($allfields,"Content-Type")!==false) || ($request['checkfield']!=$check) || (empty($_SERVER['HTTP_USER_AGENT']))) die('Incorrect request') ; //stop spammers ?> First, I put the data into an array $request, then set up two strings: $allfields, which is just all fields concatenated, then $nontext, which excludes those fields in which \r\n is allowed (e.g., the message body). Any form field in which \r\n is allowed should be unset in the $nontext array before the second implode function (my message field is called 'message', so I unset that). I also include a hidden field in the form with a preset value ('checkfield', $check), so I can see if something is trying to alter all fields. This is a combination of a lot of things mentioned in the messages below...

Nimlhug (11-Mar-2006 06:41)

As noted in other, well, notes; the "additional headers" parameter can be easily exploited, when doing things like: <?php mail( $_POST['to'], $_POST['subject'], $_POST['message'], 'Reply-to: '.$_POST['from']."\r\n" ); ?> An easy way of fixing this, is removing CRLFs from the header-strings, like so: <?php $_POST['from'] = str_replace( "\r\n", '', $_POST['from'] ); ?> This way, the extra data will be part of the previous header.

junaid at techni-serve dot com (07-Mar-2006 05:49)

Note: on class "multipartmail". Modify the function buildmessage with the following and it will work great. function buildmessage(){ $this->message = "This is a multipart message in mime format.\n"; $cnt = count($this->parts); for($i=0; $i<$cnt; $i++){ $this->message .= "--" . $this->boundary . "\n" .$this->parts[$i]; } $this->message .= "--" . $this->boundary . "-- \n"; } Thank for all the help.

Ben Cooke (15-Dec-2005 01:34)

Note that there is a big difference between the behavior of this function on Windows systems vs. UNIX systems. On Windows it delivers directly to an SMTP server, while on a UNIX system it uses a local command to hand off to the system's own MTA. The upshot of all this is that on a Windows system your message and headers must use the standard line endings \r\n as prescribed by the email specs. On a UNIX system the MTA's "sendmail" interface assumes that recieved data will use UNIX line endings and will turn any \n to \r\n, so you must supply only \n to mail() on a UNIX system to avoid the MTA hypercorrecting to \r\r\n. If you use plain old \n on a Windows system, some MTAs will get a little upset. qmail in particular will refuse outright to accept any message that has a lonely \n without an accompanying \r.

fnjordy at gmail dot com (05-Oct-2005 10:54)

Another example of sending a utf-8 HTML mail: <?php $to = 'bob@example.com'; $subject = 'Wakeup bob!'; $message = '<b>yo</b>, whassup?'; $headers = "From: server@example.com\r\n" . 'X-Mailer: PHP/' . phpversion() . "\r\n" . "MIME-Version: 1.0\r\n" . "Content-Type: text/html; charset=utf-8\r\n" . "Content-Transfer-Encoding: 8bit\r\n\r\n"; // Send mail($to, $subject, $message, $headers); ?>

fontajos at phpeppershop dot com (21-Sep-2005 04:24)

Problems with Microsoft Exchange and PHP as ISAPI-module We found out, that if you want to send multipart mime emails using the PHP mail-function on a Windows box using a Microsoft Exchange server, you have to use separate containers for the mail body and the mail header. In many examples like in http://www.zend.com/zend/trick/html-email.php or in the book PHP developers cookbook you find html multipart/alternative mailing solutions that build the mime header and the mail body into one PHP variable and send this as fourth argument (header) to the PHP mail-function. This works fine on most systems but not on the above mentioned combination. We found a rather trivial solution: Simply split the mime mail header and the mail body into two separate variables and give them separately to the PHP mail function, example: <?php //add From: header $headers = "From: webserver@localhost\r\n"; //specify MIME version 1.0 $headers .= "MIME-Version: 1.0\r\n"; //unique boundary $boundary = uniqid("HTMLDEMO"); //tell e-mail client this e-mail contains//alternate versions $headers .= "Content-Type: multipart/mixed; boundary = $boundary\r\n\r\n"; //plain text version of message $body = "--$boundary\r\n" . "Content-Type: text/plain; charset=ISO-8859-1\r\n" . "Content-Transfer-Encoding: base64\r\n\r\n"; $body .= chunk_split(base64_encode("This is the plain text version!")); //HTML version of message $body .= "--$boundary\r\n" . "Content-Type: text/html; charset=ISO-8859-1\r\n" . "Content-Transfer-Encoding: base64\r\n\r\n"; $body .= chunk_split(base64_encode("This the <b>HTML</b> version!")); //send message mail("root@localhost", "An HTML Message", $body, $headers); ?>

GwarDrazul (15-Sep-2005 12:01)

The article mentioned below is quite good to understand the problem of header injection. However, it suggests the following as a solution: look for "\n" and "\r" inside your user input fields (especially in those used for the $header param) and, if found reject the mail. Allthough this will probably work I still believe it is better to have a "white list" of allowed characters instead of a "black list" with forbidden characters. Example: If you want a user to enter his name, then allow characters only! If you want a user to enter his email adress, then check if the entry is a valid email adress. Doing so might automatically solve problems which you didn't think of when you created the "black list". For SMTP headers colons are needed. If you check for a valid email adress the hacker won't be able to enter colons inside that form field. I suggest using regular expressions for those checks. For more information about regular expressions see: http://www.regular-expressions.info/

msheldon at desertraven dot com (15-May-2005 08:09)

Just a comment on some of the examples, and as a note for those who may be unaware. The SMTP RFC 822 is VERY explicit in stating that \r\n is the ONLY acceptable line break format in the headers, though is a little vague about the message body. While many MTAs will deal with just \n, I've run accross plenty of them that will exhibit "interesting" behaviours when this happens. Those MTAs that are strict in compliance will definitely break when header lines are terminated with only \n. They will also most likely break if the body of the message contains more than 1000 consecutive characters without a \r\n.* Note that RFC 821 is a little more clear in defining: "line A a sequence of ASCII characters ending with a <CRLF>." RFC 821 makes no distinction between header lines and message body lines, since both are actually transmitted during the DATA phase. Bottom line, best practice is to be sure to convert any bare \n characters in the message to \r\n. * "The maximum total length of a text line including the <CRLF> is 1000 characters" (RFC 821)

jonte at macnytt dot com (25-Apr-2005 12:16)

Users of Mac OS X Server need to activate SMTP part of the Mailserver before this is working. Also note that if the ISP has blocked port 25 outgoing, you run into problems. You can find more info about this in the SMTP server log in Server Admin application if you run OSX Server.

(18-Apr-2005 08:20)

A co-worker of mine had a problem where she needed to have a backslash in the header. Basically, the name of the company has a couple of backslashes in it. However, when the recipient was receiving the email, the "From:" part had the backslashes removed. We got it to work but placing three backslashes whenever we wanted one to show up. I'd assume that the mail server was modifying the headers and this is not really an issue with php. Anyway, thought this might help someone.

benles at bldigital dot com (21-Mar-2005 05:47)

I get a 550 error when using mail() with this To format: User <user@example.com> When it's changed to just the bare email, it works fine. Just FYI that some mail servers may behave this way.

php dot net at schrecktech dot com (03-Mar-2005 12:07)

When sending MIME email make sure you follow the documentation with the "70" characters per line...you may end up with missing characters...and that is really hard to track down...

jdephix at hotmail dot com (02-Mar-2005 08:25)

How to add multiple attachment to an email: An email can be split into many parts separated by a boundary followed by a Content-Type and a Content-Disposition. The boundary is initialized as follows: <?php $boundary = '-----=' . md5( uniqid ( rand() ) ); ?> You can attach a Word document if you specify: <?php $message .= "Content-Type: application/msword; name=\"my attachment\"\n"; $message .= "Content-Transfer-Encoding: base64\n"; $message .= "Content-Disposition: attachment; filename=\"$theFile\"\n\n"; ?> When adding a file you must open it and read it with fopen and add the content to the message: <?php $path = "whatever the path to the file is"; $fp = fopen($path, 'r'); do //we loop until there is no data left { $data = fread($fp, 8192); if (strlen($data) == 0) break; $content .= $data; } while (true); $content_encode = chunk_split(base64_encode($content)); $message .= $content_encode . "\n"; $message .= "--" . $boundary . "\n"; ?> Add the needed headers and send! <?php $headers = "From: \"Me\"<me@example.com>\n"; $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-Type: multipart/mixed; boundary=\"$boundary\""; mail('myAddress@example.com', 'Email with attachment from PHP', $message, $headers); ?> Finally, if you add an image and want it displayed in your email, change the Content-Type from attachment to inline: <?php $message .= "Content-Disposition: inline; filename=\"$theFile\"\n\n"; ?> Enjoy!

grey at greywyvern dot moc (18-Feb-2005 08:47)

When including your own custom headers try not to include a trailing \r\n at the end of the last header. Leaving the \r\n causes an extra line-feed at the beginning of the message body, so your message will start on the second line.

Sven Riedel (10-Jul-2004 02:22)

mail() requires /bin/sh to exist in Unix environments, next to a mail delivery program. This is very relevant when setting up apache in a chroot environment. Unfortunately this isn't anywhere in the documentation and took me several months to figure out.

nospam at mingo dot ath dot cx (09-May-2004 02:55)

If you're using a linux server using Postfix, and your server hasn't the host name set to a valid name (because it's behind a firewall in an intranet), it's possible that when sending mails using the mail function, some mail servers reject them. This is because they can't check the return path header. If you want to change the Return-Path used by sendmail init the php.ini and edit the sendmail_path variable to this: sendmail_path = "sendmail -t -i -F webmaster@example.com -f webmaster@example.com"

Paul (25-Feb-2004 10:51)

My mime multipart/alternative messages were going ok, until I switched to qmail with php .. after years of painfull searching, I came across this on the Life With Qmail 'Gotchas' section: G.11. Carriage Return/Linefeed (CRLF) line breaks don't work qmail-inject and other local injection mechanisms like sendmail don't work right when messages are injected with DOS-style carriage return/linefeed (CRLF) line breaks. Unlike Sendmail, qmail requires locally-injected messages to use Unix newlines (LF only). This is a common problem with PHP scripts. So now, I can go back to sending emails with text AND html components :)

roberto dot silva at mexicoshipping dot net (24-Jan-2004 12:16)

If you can't use or don't understand how to use the sendmail program from linux, you can use a PEAR object to send mail. <?php include("Mail.php"); $recipients = "mailto@example.com"; $headers["From"] = "mailfrom@example.com"; $headers["To"] = "mailto@example.com"; $headers["Subject"] = "Test message"; $body = "TEST MESSAGE!!!"; $params["host"] = "example.com"; $params["port"] = "25"; $params["auth"] = true; $params["username"] = "user"; $params["password"] = "password"; // Create the mail object using the Mail::factory method $mail_object =& Mail::factory("smtp", $params); $mail_object->send($recipients, $headers, $body); ?> In my case, i use a smtp server that require authentication, and sendmail configuration is almost cryptic to me. PEAR is already installed in PHP 4.0.3 , if not, you must go to http://pear.php.net/ and install it, in my case, I needed to add the Socket.php to the PEAR library.

f dot touchard at laposte dot net (31-Jan-2003 03:46)

***Encoding plain text as quoted-printable in MIME email*** If you don't want to install IMAP and use imap_8bit() to encode plain text or html message as quoted-printable (friendly french special characters encoding :-) in MIME email, try this function. I haven't fully tested it ( like with microtime with long mails). I send html message as 7-bit, so I didn't try yet with html. If you have good html practise, you don't really need to encode html as quote-printable as it only uses 7-bit chars. F.Touchard <?php function qp_encoding($Message) { /* Build (most polpular) Extended ASCII Char/Hex MAP (characters >127 & <255) */ for ($i=0; $i<127; $i++) { $CharList[$i] = "/".chr($i+128)."/"; $HexList[$i] = "=".strtoupper(bin2hex(chr($i+128))); } /* Encode equal sign & 8-bit characters as equal signs followed by their hexadecimal values */ $Message = str_replace("=", "=3D", $Message); $Message = preg_replace($CharList, $HexList, $Message); /* Lines longer than 76 characters (size limit for quoted-printable Content-Transfer-Encoding) will be cut after character 75 and an equals sign is appended to these lines. */ $MessageLines = split("\n", $Message); $Message_qp = ""; while(list(, $Line) = each($MessageLines)) { if (strlen($Line) > 75) { $Pointer = 0; while ($Pointer <= strlen($Line)) { $Offset = 0; if (preg_match("/^=(3D|([8-9A-F]{1}[0-9A-F]{1}))$/", substr($Line, ($Pointer+73), 3))) $Offset=-2; if (preg_match("/^=(3D|([8-9A-F]{1}[0-9A-F]{1}))$/", substr($Line, ($Pointer+74), 3))) $Offset=-1; $Message_qp.= substr($Line, $Pointer, (75+$Offset))."=\n"; if ((strlen($Line) - ($Pointer+75)) <= 75) { $Message_qp.= substr($Line, ($Pointer+75+$Offset))."\n"; break 1; } $Pointer+= 75+$Offset; } } else { $Message_qp.= $Line."\n"; } } return $Message_qp; } ?>

gordon at kanazawa-gu dot ac dot jp (29-Dec-2002 02:04)

If your server doesn't have mb_send_mail() enabled but you want to use non-ascii (multi-byte) chars in an email's subject or name headers, you can use something like the following: <?php $charset = "iso-2202-jp"; // japanese $to = encode("japanese name 01", $charset) . " <to@example.com>"; $from = encode("japanese name 02", $charset) . " <from@example.com>"; $subject = encode("japanese text"); $message = "does not need to be encoded"; mail($to, $subject, $message, $from); function encode($in_str, $charset) { $out_str = $in_str; if ($out_str && $charset) { // define start delimimter, end delimiter and spacer $end = "?="; $start = "=?" . $charset . "?B?"; $spacer = $end . "\r\n " . $start; // determine length of encoded text within chunks // and ensure length is even $length = 75 - strlen($start) - strlen($end); /* [EDIT BY danbrown AT php DOT net: The following is a bugfix provided by (gardan AT gmx DOT de) on 31-MAR-2005 with the following note: "This means: $length should not be even, but divisible by 4. The reason is that in base64-encoding 3 8-bit-chars are represented by 4 6-bit-chars. These 4 chars must not be split between two encoded words, according to RFC-2047. */ $length = $length - ($length % 4); // encode the string and split it into chunks // with spacers after each chunk $out_str = base64_encode($out_str); $out_str = chunk_split($out_str, $length, $spacer); // remove trailing spacer and // add start and end delimiters $spacer = preg_quote($spacer); $out_str = preg_replace("/" . $spacer . "$/", "", $out_str); $out_str = $start . $out_str . $end; } return $out_str; } // for details on Message Header Extensions // for Non-ASCII Text see ... // http://www.faqs.org/rfcs/rfc2047.html ?>

stevenlim at Edinburgh-Consulting dot com (06-Sep-2002 08:53)

How to detect a bounce email 1. make sure the email you send out have the header "Return-Path: detect-bounce@example.com\r\n", & "Return-Receipt-To: bounce@example.com\r\n" 2. setup this detect-bounce mail account at your mail server 3. redirect the incoming mail from this email account to your php script (check your mail server doc on how do this) 4. your php script will then be able to process the incoming email in whatever way you like, including to detect bounce mail message (use regexp search). Note that the mail will be not be store after the mail server has redirect to your script. If you want to store it, you need additional code in your script Hope the above help Steven Lim IT Consultant

mail

说明

参数

返回值

更新日志

范例

注释

参见

用户评论: