[wp-trac] [WordPress Trac] #14888: PHPMailer class uses wrong/no sender for mail envelope

WordPress Trac wp-trac at lists.automattic.com
Fri Aug 24 18:01:58 UTC 2012


#14888: PHPMailer class uses wrong/no sender for mail envelope
-----------------------------------------+-----------------------------
 Reporter:  gkusardi                     |       Owner:
     Type:  defect (bug)                 |      Status:  new
 Priority:  normal                       |   Milestone:  Future Release
Component:  Mail                         |     Version:  3.0
 Severity:  normal                       |  Resolution:
 Keywords:  reporter-feedback has-patch  |
-----------------------------------------+-----------------------------

Comment (by tigertech):

 Replying to [comment:11 basos]:

 > Instead of being someone[@]mydomain.com it was
 servername[@]companyserver.com. This caused some SPAM filtering engines on
 the recipient side (possibly having to do with
 [http://en.wikipedia.org/wiki/Sender_Policy_Framework SPF]) to classify
 the mail as SPAM. (Meanwhile I found that the server's SMTP address is at
 a SPAM list, which is another story). Nevertheless, when the correct
 envelope sender was set, the mail was not classified as SPAM at least at
 yahoo and gmail.

 Ummm... It feels like you're using the term "correct envelope sender" to
 simply mean "an address that didn't trigger spam filters in my particular
 situation".

 Yes, a default e-mail address that your ISP uses was flagged as spam, but
 that doesn't necessarily mean WordPress should treat all such addresses as
 less "correct". Another WordPress user might randomly have the exact
 opposite problem: the ISP-supplied default address works, but a manually
 entered address (or a made-up address like "wordpress at domain") doesn't.
 There are plenty of reports of that situation, too.

 I'm sure that a made-up address is the wrong approach, so that leaves the
 question as "should WordPress ask users to manually enter an envelope
 sender address"? My suspicion is that that would not help, and would
 probably hurt. People have no idea what envelope sender addresses their
 hosting company allows. In particular, many users would probably enter a
 freemail address that's unrelated to their WordPress site domain name,
 which many hosting companies would block (my company certainly doesn't
 allow scripts to start sending mail from random domain names, since that
 usually indicates a spam exploit). Even if the company does allow it, it
 probably won't pass an SPF check and is thus probably *more* likely to be
 flagged as spam than an address the hosting company set up.

 No solution is perfect, but the reality is that a default outgoing address
 *should* work. This discussion attracts anecdotal reports to the contrary
 because only people who have trouble are likely to bother posting, but
 keep in mind that the default outgoing address is something that all
 competent hosting companies are aware of and do try to maintain properly.
 Almost every PHP script that sends mail uses the default envelope sender
 address, and if it doesn't work, we hear about that pretty quickly.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/14888#comment:13>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list