PTR Records, Mail Headers, and Spam Filters
Apr 11th, 2007 by Greg Bulmash
Back when I set up my drawing site I set the "from" address on my registration confirmation mails (the e-mail with a link you need to click to confirm your registration) as a forward to a free mail account, rather than as its own POP account. Then I forgot about it and didn't think to notice that I wasn't getting any bounces or other e-mails coming in.
Improving Your Headers
Recently, a user who was trying to register, and who also owns the ISP he was using to register, sent me an e-mail about an error that cropped up in their mail server logs related to the registration confirmation. While I was putting a "from" line in via the PHP mail() command, the configuration was such that all the other header data on the e-mail was citing not the "from" address, but the account name at the server name. So instead of (changing info here for security purposes) "bob@generic.com", everything else was saying the mail came from "admin@funkyserv.generic.com".
I did a few things to remedy that. First, I dropped the autoforward and created an actual mailbox for the address. Second, I discovered that I could add in a command to the server daemon to at least change the "envelope-from" line in the headers from "admin@funkyserv.generic.com" to "bob@generic.com". How did I do that?
In a regular PHP mail() command, you'll use something like:
mail($emailto, $subject, $body, "From: $emailfrom");
The fourth argument can carry a host of headers you want to add, but in general you'll probably just want to define the "from" address with it. You can also use a fifth argument to pass command-line options to sendmail or whatever mail server PHP is connecting to for sending out your mail.
mail($emailto, $subject, $body, "From: $emailfrom", "-f$emailfrom");
This will change the "envelope-from" to the same address as the "from" line and avoid a few problems with spam checks. Because the fifth argument is passed to the mail program's command line, the address used there should be a fixed one you control rather than a value taken from user input.
What The Heck Is A PTR Record?
Once mail started coming into the new mailbox for this existing address, I found out why I'd been having trouble with a couple of ISPs. One of the checks some mail servers run when incoming mail arrives is a Reverse DNS check of the IP address of the server that sent the mail. Among other things, they check whether the result matches patterns that look like a dynamically-assigned address.
Why do they do this? Well, if you're connecting via an ISP, they usually provide you with a dynamically-assigned IP address. That way they can have a pool of addresses and use them as needed rather than needing a new address every time a member signs up.
When your computer is infected with a spam zombie, the zombie usually includes a built-in mail server that lets it send spam directly from your computer instead of going through your ISP's mail server, which might have various checks to prevent you from flooding out e-mail. So mail coming from a dynamically-assigned IP address has a high probability of being spam and is thus rejected by some spam blockers.
BUT, let's say you have a web site with a dedicated IP address and which runs its own mail server. If the web hosting service or server leasing service that's providing your dedicated IP address hasn't properly configured it with a Reverse DNS entry and a PTR record, your address can end up looking like it was dynamically assigned, even though it wasn't.
That's what was happening to me. My server leasing company hadn't created a Reverse DNS entry for my server name, so Reverse DNS checks were returning a server name that looked like it belonged to a dynamically-assigned address. I contacted my server leasing company about getting a proper Reverse DNS entry added with a proper PTR record. Within 24 hours, my server name was resolving nicely in a Reverse DNS check and mail from my server was getting through to the customers of some ISPs that had been blocking my mail as potential spam.
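To see how a name can end up "looking dynamic", here is an added example (not from the original post, and not the rules of any particular spam filter) that takes a sending IPv4 address and the name its PTR lookup returned and lists the reasons the name resembles a dynamic-pool name. The keyword list, function names and sample hostnames are assumptions constructed for illustration.

```python
import ipaddress
import re

# Illustrative keyword list (an assumption, not taken from any real filter).
DYNAMIC_WORDS = re.compile(
    r"(^|[.\-_\d])(dyn|dynamic|dhcp|pool|ppp|dsl|adsl|cable|dialup)([.\-_\d]|$)"
)

def octet_forms(ip):
    """Ways an IPv4 address commonly gets embedded in a generic PTR name."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    forms = set()
    for order in (octets, octets[::-1]):
        for sep in ("-", ".", "_"):
            forms.add(sep.join(order))
        forms.add("".join(p.zfill(3) for p in order))  # e.g. 203000113025
    return forms

def looks_dynamic(ip, ptr_name):
    """Return a list of reasons the PTR name resembles a dynamic-pool name."""
    if not ptr_name:
        return ["no PTR record"]
    name = ptr_name.rstrip(".").lower()
    reasons = []
    if any(form in name for form in octet_forms(ip)):
        reasons.append("IP address embedded in hostname")
    match = DYNAMIC_WORDS.search(name)
    if match:
        reasons.append("pool keyword '%s'" % match.group(2))
    return reasons

# Constructed sample data: documentation addresses and made-up names.
SAMPLES = [
    ("203.0.113.25", "25-113-0-203.dyn.isp.example."),
    ("203.0.113.25", "203.0.113.25.static.host.example"),
    ("198.51.100.7", "mail.generic.example"),
    ("198.51.100.7", None),
]

if __name__ == "__main__":
    for ip, ptr in SAMPLES:
        reasons = looks_dynamic(ip, ptr)
        print(ip, ptr, "->", "; ".join(reasons) or "looks like a named server")
```

An empty list means none of these heuristics fired; a real receiving server may apply different or stricter rules.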
The Results
Between those two changes, I significantly improved the deliverability of mail coming from my registration scripts and cut the number of daily bounces by over 60%. Most are now coming from fake addresses like "asdf@asdf.com" instead of legitimate addresses where spam filters are blocking legitimate mail to legitimate recipients.