PHP mail() not working after McAfee email protection implemented


JimsFlutes2
Asked:
2014-07-30 3:37 am EST

Hits: 60
I use the formtoemailpro PHP script on my site to allow visitors to send me messages. This script has not been changed for a couple of years and has been working. The script uses PHP mail() to send the visitor's message to my email account. Today I implemented McAfee email protection for the domain and am no longer receiving messages from the script. I can send and receive emails from my domain email accounts, but the script doesn't seem to send emails anymore and there are no errors or bounce backs occurring. The script also sends emails to a gmail account and I am not seeing the emails there either. Has anyone experienced this before? I thought it may be related to email authentication, so I disabled DKIM and SPF, but it still did not work.

You must login before you can ask a follow up question.

You must login before you can submit an answer.

OTHER ANSWERS

0

JeffMa
Staff
9,162 Points
2014-07-30 9:06 am EST
Are you receiving any error messages? If you contact technical support, they will be able to provide you with any message logs available. Have you checked your spam folders to ensure that it was not simply detected as spam? Also, ensure that within your MX Entry section of cPanel, the mail delivery is set to Remote as the messages may be attempting to send the mail locally instead of remotely to McAfee.

You must login before you can post a comment about this answer.

I was sent here from tech support. No error messages and not being detected as spam. Will check on the remote send, though. Thank you.
JimsFlutes2
5 Points
2014-07-30 3:03 pm EST
Apparently MX records are controlled by McAfee and cannot be changed without first disabling McAfee.
JimsFlutes2
5 Points
2014-07-30 3:24 pm EST
It looks like your script does not authenticate with the server at all with your email address and password which can cause issues. Unfortunately, the script you are using does not contain any built-in functions to authenticate so you may want to speak with the developer of this script to get more information on authenticating as the proper email address.
JeffMa
9,162 Points
Staff
2014-07-30 3:40 pm EST
The script has been in place and working since 2012. Does McAfee add this new restriction to things? How does one go about authenticating from within a PHP script? Every example I have ever seen for using the PHP mail function looks like this:
$to='example@gmail.com';         
$subject='Send mail using php';
$message='This mail send using php';
$headers='From: someone@somewhere.com';
$mail=mail($to,$subject,$message,$headers);
if($mail)
{
echo'Mail send successfully';
}
else
{
echo'Mail is not send';
}
JimsFlutes2
5 Points
2014-07-30 5:16 pm EST
So the issue is probably related to the PHP SMTP setting set to localhost. It probably needs to be set to something different with McAfee enabled.
JimsFlutes2
5 Points
2014-07-30 5:34 pm EST
Hello JimsFlutes,

There shouldn't be anything related to enabling McAfee email protection and PHP mail not working. I took a look on your account and noticed that you had a php.ini file which is causing the issue with this line commented out:

;sendmail_path =

I have gone ahead and re-named this file for you to /public_html/php.ini-BAK so that the server's default PHP settings are used instead which has that commented out setting set to the correct:

sendmail_path = /usr/sbin/sendmail -t -i

If you needed to update PHP settings again using a php.ini file, just ensure that line gets changed over to match the server default and you should still be able to use your mail form.

Please let us know if you're still having any issues at all.

- Jacob
JacobIMH
9,968 Points
Staff
2014-07-30 6:54 pm EST
Thank you Jacob. That script has been working for 2 years untouched. Enabling McAfee must have done something that required settings that were different than in the PHP.INI file. That INI file may be a left over from my last host. I don't remember.

Now I just have to figure out how to get the emails to not be considered junk/spam. I tried adding an SPF for ecbiz126.inmotionhosting.com as a mail sender, but that did not seem to work. In general, the script is designed to put the email address the user enters as the from address. Maybe I should think about changing that, but it makes it convenient to reply to people. Any further assistance you can provide would be appreciated.
JimsFlutes2
5 Points
2014-07-30 9:07 pm EST
Hello JimsFlutes,

No problem at all. I don't believe that enabling McAfee email protection would touch the php.ini file. I had 2 other customers today also have similar issues with the default PHP mail() function due to changes to this file, and I submitted a ticket to our senior system admin team to have them review if this was a problem on our end, so I apologize for that and the confusion.

In order to get your e-mails that are sent from a PHP script to not be considered junk/spam by most email filters enabling SPF records can help, but most are still going to see a direct mailing from a PHP script unauthenticated and weight it as such. Essentially from a mail server perspective if you're checking the mail headers and you see the email was sent from a PHP script you have no way to verify that even though that domain has SPF records setup and a good mailing history that a malicious PHP script wasn't just placed on an account and used to relay spam.

This is where enabling SMTP Authentication in your PHP scripts can help a lot. That's because instead of directly calling the PHP mail() function to relay a message unauthenticated, your PHP script would instead literally go out to your SMTP host and have to authenticate with a valid email account and password that actually exists. A lot more trust from a mail server's perspective can be given to these types of PHP relayed mails, because if some random attacker happened to just place a PHP mailer script on your account, they still wouldn't know your valid email account credentials which allow you to confirm you're a real mail user of that domain.

We have a guide on using phpMailer to send mail in PHP which has built-in SMTP authentication and is a more robust PHP mailing solution.

It also has the ability to add a reply-to header, so that your email can still come from an actual existing email account on your own domain, but when you reply it can go to the person who submitted the form to your website.

The key things to look to adjust for these 2 things in that script would be this section of the phpMailer code:

$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "jswan"; // SMTP username
$mail->Password = "secret"; // SMTP password

$mail->From = "from@example.com";
$mail->FromName = "Mailer";
$mail->AddAddress("josh@example.net", "Josh Adams");
$mail->AddAddress("ellen@example.com"); // name is optional
$mail->AddReplyTo("info@example.com", "Information");



Please let us know if you have any further questions at all, and sorry again for any inconvenience or confusion about the default PHP mail() function ceasing to function properly.

- Jacob
JacobIMH
9,968 Points
Staff
2014-07-30 11:42 pm EST
Like this Question?

Related Articles

It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!