Friday 27 December 2019

email - How can I send sms via php's mail function()?



I recently set up an alert system whereby when certain APIs are called, it alerts me (or others) via PHP's mail() function.



On email's it works totally fine. The function returns true and it is received in the mailbox where it is sent to.



For some reason when sending to an SMS gateway (i.e. XXXXXXXXXX@messaging.sprint.com) the function sends it (it does return true) however it never gets received on the other end.



If I take that same exact email address (that goes to an sms gateway) and send it via an email client (such as zimbra or whatever), it goes through fine and it is received by the person.




I am the web designer and not really the email / IT person. I am assuming it has something to do with headers or something along this line, however I am not versed on this technical subject.



I spoke to my IT guy and he said that it is erroring and looks like there is no proper "From" address in the headers. Instead of coming from a valid email address, the email errors and looks like it is coming from "www.data@[server-name]" instead of what I am sending via the header which is a valid email address.



here is a snippet of my code:




$carriers = array("@messaging.sprintpcs.com");


//get to email
if (isset($_POST['to'])) {
$to = $_POST['to'];
}

// get from email
if (isset($_POST['from'])) {
$from = $_POST['from'];
$fromHeader = "From: ".$from."\r\n Sender: ".$from."\r\n";

}

// get subject
if (isset($_POST['subject'])) {
$subject = $_POST['subject'];
}

// get message
if (isset($_POST['message'])) {
$message = $_POST['message'];

}

// get cc
if (isset($_POST['cc'])) {
    if ($_POST['cc']!="") {
    $ccHeader = "CC: ".$_POST['cc']."\r\n";
    }
    else {
    $ccHeader="";
    }

}
else {
$ccHeader="";
}

// get bcc
if (isset($_POST['bcc'])) {
    if ($_POST['bcc']!="") {
    $bccHeader = "Bcc: ".$_POST['bcc']."\r\n";
    }

    else {
    $bccHeader="";
    }
}
else {
$bccHeader="";
}

// get reply to
if (isset($_POST['replyTo'])) {

    if ($_POST['replyTo']!="") {
    $replyToHeader = "Reply-To: ".$_POST['replyTo']."\r\n";
    }
    else {
    $replyToHeader="";
    }
}
else {
$replyToHeader="";
}


$additionalHeaders = "Content-Type: text/plain; charset=\"utf-8\" Content-Transfer-Encoding: 8bit \r\n";

$headers = $fromHeader.$ccHeader.$bccHeader.$additionalHeaders;

foreach ($carriers as $carrier) {

    $number = get_numeric_only($to).$carrier;

    if (mail($to,$subject,$message,$headers)) {

        $response = array("response" => "SUCCESS");
    }
    else {
        $response = array("response" => "ERROR");
    }

}

echo json_encode($response);


?>


edit:



I changed the mail() function by adding a 4th parameter so it looks like this as apparently this would help:



mail($to,$subject,$message,$headers,'-f[myaddress]@[mydomain].com')



Then the sms-email bounced BACK to the "from" email address as stated in the headers with the following:



The original message was received at Wed, 28 Jan 2015 19:10:32 -0500
from localhost [127.0.0.1]

   ----- The following addresses had permanent fatal errors -----

    (reason: 550 Host unknown)

   ----- Transcript of session follows -----

550 5.1.2 ... Host unknown (Name     server: messaging.sprintpcs.com: host not found)


Does this jog anybody's head? .....


Answer



OK firstly you're allowing a random stranger (who submits the POST request) to set the FROM address of the email message by accessing $_POST['from'] and using that as the FROM address. That's not going to work if (as others have suggested) you're setting a FROM address that is not a valid sender address according to your mail server -- and according to whatever upstream mail server you're using. So, for example, in my own network I can send an email "From: me@mydomain.com" but if I send something that is addressed "From: you@fakedomain.com" then it will probably bounce or be thrown out. So you probably need to hard code that From address to whatever your IT guys say, not use the $_POST variable.



The fact that your email is actually going out as "From: www.data@servername" probably means a couple of things:





  • Your PHP is configured so that the mail() function calls the standard sendmail command installed on most Unix/Linux systems.

  • Your Apache server, that is running the PHP processes, is running as the "www.data" user on that system.

  • The "www-data" user on that system is not authorized to set an alternative FROM address, and so sendmail is forcing the FROM address to be www.data@servername, regardless of what you tell it.



Your system admin needs to tell you what address to hard code as the FROM address on that system. In addition, he or she needs to configure the mail system to allow www.data to set its own FROM address. Assuming that you are using actual real sendmail (and not something else configured to work like sendmail, such as postfix), then that would be done by adding a line "www.data" to the file /etc/mail/trusted-users or whatever trust file is set up on that system. The clue to that is to find the sendmail.cf file in use on the system and look for a line beginning with "Ft", e.g.



Ft/etc/mail/trusted-users



More information can be found in the sendmail docs, e.g. on a Red Hat / CentOS system with the sendmail-cf package installed there will be a /usr/share/sendmail-cf/README file on that system with useful information in it about trusted-users.



-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

php - file_get_contents shows unexpected output while reading a file

I want to output an inline jpg image as a base64 encoded string, however when I do this : $contents = file_get_contents($filename); print &q...