Forging mail header

[forkless]

Hi there,

 

I currently have a shop set up for somebody on a budget host (which works fine for most of its puprposes) but the one thing that is not working is their mail server implementation, which is getting filtered by Zen Spamhaus. Now they do have a trusted SMTP server but they are not too excited for a shop to use it, in case it has to send out bulk emails. Which is all fair.

 

So to overcome the problem of mail getting caught in the spam filter of many SMTP hosts I set up the custom SMTP settings for a Gmail account which works fine... but the mail headers "From" field are being forged as the authenticated [email protected] and not [email protected] <shopname>

 

How can I change this?

 

Thanks in advance for you input,

fork

Edited September 7, 2012 by forkless (see edit history)

[forkless]

Anybody?

[forkless]

Nobody?

[phrasespot]

You cannot. You connect to Google MTA with a set of credentials and so it will write that to the header. Headers are not being forged, what you want to do would be forging headers. Google will not let you do that (unless you are a corp subcontracting to Google for email). Otherwise anyone could forge the headers of any Google email; spammers' heaven.

Edited September 14, 2012 by phrasespot (see edit history)

[forkless]

Hi there,

 

First of all thank you for your response.

 

Maybe I wasn't quite clear (or maybe using forged was misinterpreted or a poor choice of words).

 

I do not want to forge the MTA it can show smtp.google.com (or whatever MX it is using) in my headers althogether. I just want to set the From and Reply-to. This is perfectly normal for mail headers.

 

FYI: When using an MTA that doesn't use authentication (trusted networks) and set that up as my SMTP relay host it will allow me to do this all the same.

 

CMSs like Joomla allow this method with authentication as well, so I don't see why this would not be possible.

 

Kind regards,

fork

[phrasespot]

You are (the shop is) authenticating to Google smtp server and sending an email. Before Google forwards this email to its destination it will set the sender to the authenticatied user. Whether you are using a browser to login to GMail, or doing this programmatically from the PS code does not matter, GMail user G connects to server and sends an email. You cannot get Google to write a different sender because it is not sent by anyone other than the authenticated user as far as Google is concerned. Nothing you do with PS will change that.

 

If you have access to the GMail account, say [email protected], then you can setup/verify an external email, say [email protected]. However this will not totally solve the problem. Then the outgoing email will have headers like

 

Sender: G <[email protected]>

From: Shop <[email protected]>

Reply-to: Shop <[email protected]>

 

So the recipient will see:

 

From: G <[email protected]> on behalf of Shop <[email protected]>, though some email clilents may shorten it to From: Shop orFrom: [email protected].

 

If you are not convinced look up the difference between from and sender headers and it will make sense why this is the case.

[Pressed0024]

When customers use the Contact Us Page to send an email to us, the From is the customer's email address. This triggers Gmail to identify the email as "This message may not have been sent by:".

 

Does anyone know the cause of this? Should I define a Sender instead?

[phrasespot]

When customers use the Contact Us Page to send an email to us, the From is the customer's email address. This triggers Gmail to identify the email as "This message may not have been sent by:".

 

Does anyone know the cause of this? Should I define a Sender instead?

Do not hijack threads. Create a new thread and ask your question there.