mail

(PHP 4, PHP 5, PHP 7)

mail发送邮件

说明

bool mail ( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )

发送一封电子邮件。

参数

to

电子邮件收件人,或收件人列表。

本字符串的格式必须符合 » RFC 2822。例如:

  • user@example.com
  • user@example.com, anotheruser@example.com
  • User <user@example.com>
  • User <user@example.com>, Another User <anotheruser@example.com>

subject

电子邮件的主题。

Caution

本项不能包含任何换行符,否则邮件可能无法正确发送。

message

所要发送的消息。

行之间必须以一个 LF(\n)分隔。每行不能超过 70 个字符。

Caution

(Windows 下)当 PHP 直接连接到 SMTP 服务器时,如果在一行开头发现一个句号,则会被删掉。要避免此问题,将单个句号替换成两个句号。

<?php
$text str_replace("\n.""\n.."$text);
?>

additional_headers(可选项)

String to be inserted at the end of the email header.

This is typically used to add extra headers (From, Cc, and Bcc). Multiple extra headers should be separated with a CRLF (\r\n).

Note:

When sending mail, the mail must contain a From header. This can be set with the additional_headers parameter, or a default can be set in php.ini.

Failing to do this will result in an error message similar to Warning: mail(): "sendmail_from" not set in php.ini or custom "From:" header missing.

Note:

If messages are not received, try using a LF (\n) only. Some poor quality Unix mail transfer agents replace LF by CRLF automatically (which leads to doubling CR if CRLF is used). This should be a last resort, as it does not comply with » RFC 2822.

additional_parameters (optional)

The additional_parameters parameter can be used to pass an additional parameter to the program configured to use when sending mail using the sendmail_path configuration setting. For example, this can be used to set the envelope sender address when using sendmail with the -f sendmail option.

The user that the webserver runs as should be added as a trusted user to the sendmail configuration to prevent a 'X-Warning' header from being added to the message when the envelope sender (-f) is set using this method. For sendmail users, this file is /etc/mail/trusted-users.

返回值

Returns TRUE if the mail was successfully accepted for delivery, FALSE otherwise.

It is important to note that just because the mail was accepted for delivery, it does NOT mean the mail will actually reach the intended destination.

更新日志

版本 说明
4.3.0 (Windows only) All custom headers (like From, Cc, Bcc and Date) are supported, and are not case-sensitive. (As custom headers are not interpreted by the MTA in the first place, but are parsed by PHP, PHP < 4.3 only supported the Cc header element and was case-sensitive).
4.2.3 The additional_parameters parameter is disabled in safe_mode and the mail() function will expose a warning message and return FALSE when used.
4.0.5 The additional_parameters parameter was added.

范例

Example #1 Sending mail.

Using mail() to send a simple email:

<?php
// The message
$message "Line 1\nLine 2\nLine 3";

// In case any of our lines are larger than 70 characters, we should use wordwrap()
$message wordwrap($message70);

// Send
mail('caffinated@example.com''My Subject'$message);
?>

Example #2 Sending mail with extra headers.

The addition of basic headers, telling the MUA the From and Reply-To addresses:

<?php
$to      'nobody@example.com';
$subject 'the subject';
$message 'hello';
$headers 'From: webmaster@example.com' "\r\n" .
    'Reply-To: webmaster@example.com' "\r\n" .
    'X-Mailer: PHP/' phpversion();

mail($to$subject$message$headers);
?>

Example #3 Sending mail with an additional command line parameter.

The additional_parameters parameter can be used to pass an additional parameter to the program configured to use when sending mail using the sendmail_path.

<?php
mail('nobody@example.com''the subject''the message'null,
   '-fwebmaster@example.com');
?>

Example #4 Sending HTML email

It is also possible to send HTML email with mail().

<?php
// multiple recipients
$to  'aidan@example.com' ', '// note the comma
$to .= 'wez@example.com';

// subject
$subject 'Birthday Reminders for August';

// message
$message '
<html>
<head>
  <title>Birthday Reminders for August</title>
</head>
<body>
  <p>Here are the birthdays upcoming in August!</p>
  <table>
    <tr>
      <th>Person</th><th>Day</th><th>Month</th><th>Year</th>
    </tr>
    <tr>
      <td>Joe</td><td>3rd</td><td>August</td><td>1970</td>
    </tr>
    <tr>
      <td>Sally</td><td>17th</td><td>August</td><td>1973</td>
    </tr>
  </table>
</body>
</html>
';

// To send HTML mail, the Content-type header must be set
$headers  'MIME-Version: 1.0' "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' "\r\n";

// Additional headers
$headers .= 'To: Mary <mary@example.com>, Kelly <kelly@example.com>' "\r\n";
$headers .= 'From: Birthday Reminder <birthday@example.com>' "\r\n";
$headers .= 'Cc: birthdayarchive@example.com' "\r\n";
$headers .= 'Bcc: birthdaycheck@example.com' "\r\n";

// Mail it
mail($to$subject$message$headers);
?>

Note:

If intending to send HTML or otherwise Complex mails, it is recommended to use the PEAR package » PEAR::Mail.

注释

Note:

The Windows implementation of mail() differs in many ways from the Unix implementation. First, it doesn't use a local binary for composing messages but only operates on direct sockets which means a MTA is needed listening on a network socket (which can either on the localhost or a remote machine).

Second, the custom headers like From:, Cc:, Bcc: and Date: are not interpreted by the MTA in the first place, but are parsed by PHP.

As such, the to parameter should not be an address in the form of "Something <someone@example.com>". The mail command may not parse this properly while talking with the MTA.

Note:

It is worth noting that the mail() function is not suitable for larger volumes of email in a loop. This function opens and closes an SMTP socket for each email, which is not very efficient.

For the sending of large amounts of email, see the » PEAR::Mail, and » PEAR::Mail_Queue packages.

Note:

The following RFCs may be useful: » RFC 1896, » RFC 2045, » RFC 2046, » RFC 2047, » RFC 2048, » RFC 2049, and » RFC 2822.

参见

User Contributed Notes

charles dot fisher at arconic dot com 11-Nov-2017 04:34
I migrated an application to a platform without a local transport agent (MTA). I did not want to configure an MTA, so I wrote this xxmail function to replace mail() with calls to a remote SMTP server. Hopefully it is of some use.

function xxmail($to, $subject, $body, $headers)
{
 $smtp = stream_socket_client('tcp://smtp.yourmail.com:25', $eno, $estr, 30);

 $B = 8192;
 $c = "\r\n";
 $s = 'myapp@someserver.com';

 fwrite($smtp, 'helo ' . $_ENV['HOSTNAME'] . $c);
  $junk = fgets($smtp, $B);

 // Envelope
 fwrite($smtp, 'mail from: ' . $s . $c);
  $junk = fgets($smtp, $B);
 fwrite($smtp, 'rcpt to: ' . $to . $c);
  $junk = fgets($smtp, $B);
 fwrite($smtp, 'data' . $c);
  $junk = fgets($smtp, $B);

 // Header
 fwrite($smtp, 'To: ' . $to . $c);
 if(strlen($subject)) fwrite($smtp, 'Subject: ' . $subject . $c);
 if(strlen($headers)) fwrite($smtp, $headers); // Must be \r\n (delimited)
 fwrite($smtp, $headers . $c);

 // Body
 if(strlen($body)) fwrite($smtp, $body . $c);
 fwrite($smtp, $c . '.' . $c);
  $junk = fgets($smtp, $B);

 // Close
 fwrite($smtp, 'quit' . $c);
  $junk = fgets($smtp, $B);
 fclose($smtp);
}
eeeugeneee 21-Jul-2017 10:39
Send mail with minimal requirements from email services.

<?php
    $encoding = "utf-8";

    // Preferences for Subject field
    $subject_preferences = array(
        "input-charset" => $encoding,
        "output-charset" => $encoding,
        "line-length" => 76,
        "line-break-chars" => "\r\n"
    );

    // Mail header
    $header = "Content-type: text/html; charset=".$encoding." \r\n";
    $header .= "From: ".$from_name." <".$from_mail."> \r\n";
    $header .= "MIME-Version: 1.0 \r\n";
    $header .= "Content-Transfer-Encoding: 8bit \r\n";
    $header .= "Date: ".date("r (T)")." \r\n";
    $header .= iconv_mime_encode("Subject", $mail_subject, $subject_preferences);

    // Send mail
    mail($mail_to, $mail_subject, $mail_message, $header);
?>
php at simoneast dot net 31-May-2017 02:19
Often it's helpful to find the exact error message that is triggered by the mail() function. While the function doesn't provide an error directly, you can use error_get_last() when mail() returns false.

<?php
$success = mail('example@example.com', 'My Subject', $message);
if (!$success) {
    $errorMessage = error_get_last()['message'];
}
?>

(Tested successfully on Windows which uses SMTP by default, but sendmail on Linux/OSX may not provide the same level of detail.)

Thanks to https://stackoverflow.com/a/20203870/195835
chris at ocproducts dot com 27-Apr-2017 07:15
Correction to my earlier note:

'"\n" is confirmed required for qmail and postfix, probably also for sendmail and exim but I have not tested.'

It only affects qmail.
chris at ocproducts dot com 27-Apr-2017 07:04
The 'sendmail' executable which PHP uses on Linux/Mac (not Windows) expects "\n" as a line separator.

This executable is a standard, and emulated by other MTAs.

"\n" is confirmed required for qmail and postfix, probably also for sendmail and exim but I have not tested.

If you pass through using "\r\n" as a separator it may appear to work, but your email will be subtly corrupted and some middleware may break. It only works because some systems will clean up your mistake.

If you are implementing DKIM be very careful, as DKIM checks will fail (at least on popular validation tools) if you screw this up. DKIM must be calculated using "\r\n" but then you must switch it all to "\n" when using the PHP mail function.

On Windows, however, you should use "\r\n" because PHP is using SMTP in this situation, and hence the normal rules of the SMTP protocol (not the normal rules of Unix piping) apply.
Hoffmann dot P at gmx dot net 31-Jan-2017 08:26
If you want to send more complex examples like multipart/mixed mails make sure that the first bit of mbstring.func_overload is not set as the overload mb-send-mail will base64 the hell of your mail body.
Anonymous 14-Dec-2016 07:18
Security advice: Although it is not documented, for the parameters $to and $subject the mail() function changes at least \r and \n to space. So these parameters are safe against injection of additional headers. But you might want to check $to for commas as these separate multiple addresses and you might not want to send to more than one recipient.

The crucial part is the $additional_headers parameter. This parameter can't be cleaned by the mail() function. So it is up to you to prevent unwanted \r or \n to be inserted into the values you put in there. Otherwise you just created a potential spam distributor.
SAR 24-Oct-2016 02:06
When using with sSMTP, I've found that the additional_parameters must be enclosed in quotes after the flags.

(The other documentation on this page has no quotes after the flags.)

e.g.:

$params = '-f"info@mail.com" -F"Info Service"';
$to = 'user@mail.com';
$subj = 'Subject Line';
$body = 'Body of the mail';
$headers = null;

mail($to, $subj, $body, $headers, $params);
tuxedobob 20-Aug-2016 04:41
mail() doesn't seem to appreciate the To address and From address being the same.

I spent several hours this afternoon wondering why I wasn't receiving mail but the function reported success before I finally changed the sender to something different.
marciomuzi at gmail dot com 17-Jun-2016 05:10
A simple class for sending email

<?php
class Email {
   

    private $to = array();

    private $cc = array();

    private $bCc = array();

    private $from = null;

    private $subject = null;

    private $body = null;
   
    private $contentType = 'html';
   
    public $charSet = 'UTF-8';

    public function isPlain()
    {
        $this->contentType= 'plain';
    }
   
    public function __construct()
    {       
        ;
    }

    public function setFrom($email, $name = null)
    {       
        if ($name !== null) {
            $stFrom = trim($email) . ' <' . trim($email) . '>';
        } else {
            $stFrom = $email;
        }
        $this->from = $stFrom;
    }
   
    public function setSubject($subject)
    {
        $this->subject = trim($subject);
    }

    public function setBody($body)
    {
        $this->body = $body;
    }
   
    private function addAddress($email, $destType, $name = null)
    {
        if ($name !== null) {
            $stTo = trim($name) . ' <' . trim($email) . '>';
        } else {
            $stTo = $email;
        }       
        $this->{$destType}[] = $stTo;       
    }

    public function addTo($email, $name = null)
    {               
        $this->addAddress($email, 'to', $name);
    }
   
    public function addCC($email, $name = null)
    {       
        $this->addAddress($email, 'cc', $name);
    }
   
    public function addBCC($email, $name = null)
    {       
        $this->addAddress($email, 'bCc', $name);
    }

    public function send()
    {       
        $stErros = '';       
        if ($this->from === null) {
            $stErros .= '<li>Informe o remetente da mensagem.</li>';
        }
        if (count($this->to) === 0) {
            $stErros .= '<li>Informe ao menos um destinatário.</li>';
        }
        if ($this->subject === null) {
            $stErros .= '<li>Informe o assunto da mensagem.</li>';
        }       
        if ($this->body === null) {
            $stErros .= '<li>Informe o texto da mensagem.</li>';
        }       
        if ($stErros !== '') {
            throw new Exception('Email erro(s): <ul>' . $stErros . '</ul>');
        }
       
        $headers = array();
        $headers[] = "MIME-Version: 1.0";
        $headers[] = "Content-type: text/{$this->contentType}; charset={$this->charSet}";              
        $headers[] = "From: {$this->from}";
       
        if (count($this->cc) > 0) {
            foreach ($this->cc as $bCc) {
                $headers[] = 'Cc: ' . $bCc;
            }        
        }
        if (count($this->bCc) > 0) {
            foreach ($this->bCc as $bCc) {
                $headers[] = 'Bcc: ' . $bCc;
            }        
        }
       
        $stTo = implode(", ", $this->to);
        $stHeaders = implode("\r\n", $headers);
       
        if ($this->contentType === 'html') {
            $body = '<html><head><title></title><meta http-equiv=Content-Type content=text/html; CHARSET=gb2312>';
            $body .= '</head><body><table width="800" border="0"><tr><td><p align="justify" style="color:#000000;">';
            $body .=  nl2br($this->body);
            $body .= '</p></td></tr></table></body></html>';
        } else {
            $body = $this->body;
        }

        $boSend = @mail($stTo, $this->subject, $body, $stHeaders);
        if (!$boSend) {
            throw new Exception('Email fail');
        }       
    }
 
    public function clearAllRecipients()
    {
        $this->to = array();
        $this->cc = array();
        $this->bCc = array();
    }

}
?>
jim at jimbrooking dot net 07-Jan-2016 01:17
I recently changed hosting companies and spent a day trying to see why an email script that had been working for years failed on the new server.

The answer was that the old hosting company's email server accepted multiple "CC:" lines in the additional headers string, and the new did not. Thus on the new server

...
$add_hdr .= "CC: " . $email1 . PHP_EOL;
$add_hdr .= "CC: " . $email2 . PHP_EOL;
...

did not work, but

...
$add_hdr .= "CC: " . $email1 . ", " . $email2 . PHP_EOL;
...

did work.

In both cases, PHP's mail() function returned no error, but until I placed both emails, comma-separated, in the same line I was getting the following error:

550 Messages should have one or no Cc headers, not 2.

Hope this helps someone.
jimmytrojan009 at gmail dot com 27-Oct-2015 03:05
I have tried many online tutorials to get mail() function working in windows, until i stumbled upon this website
http://php.codeindepth.com/php-sending-mail/

It really boils down to changing few directives in php.ini and sendmail.ini

Changes required in sendmail.ini

smtp_server=smtp.gmail.com
smtp_port=587
error_logfile=error.log
debug_logfile=debug.log
auth_username=your-gmail-id@gmail.com
auth_password=your-gmail-password
force_sender=your-gmail-id@gmail.com

Changes required in php.ini

SMTP=smtp.gmail.com
smtp_port=587
sendmail_from = your-gmail-id@gmail.com
sendmail_path = "\"C:\xampp\sendmail\sendmail.exe\" -t"
;sendmail_path = "C:\xampp\mailtodisk\mailtodisk.exe"
Alexandre T. 09-Sep-2015 05:19
For those who, just like me, was wondering what happens if you overwrite the "To" and "Subject" parameters with corresponding headers, here's your answer:

At least in unix environment (tested with CentOS6 + Exim), is that your custom headers are appended to email headers without any parsing. The final result is:

<?php
$headers = "To: header@ccc.com\r\n";
$headers .= "Subject: Subject as a header\r\n";
$headers .= "From: noreply@server.com";

mail("parameter@aaa.com", "Subject as a parameter", "Sample message", $headers);
/* Output:
To: parameter@aaa.com
Subject: Subject as a parameter
To: header@ccc.com
Subject: Subject as a header
From: noreply@server.com

Sample message.
*/
?>

As you can see, both headers are used.
Same thing happens when you use "" or FALSE as parameter, headers will still be duplicated:

<?php
mail(false, false, "Sample message", $headers);
/* Output:
To:
Subject:
To: header@ccc.com
Subject: Subject as a header
From: noreply@server.com
*/
?>

So, you SHOULD NEVER add custom "To" or "Subject" headers in your $headers parameter, as they will be placed AFTER the ones that you informed before in the MAIL() function parameters, very likely resulting in unexpected behaviours.

Behaviours known so far (tests using Exim / GMail):
- Exim read all "To:" headers, and send message to all of them;

- If you use $to parameter and add "To: {$to}" header, recipient will get two copies of the message;

- You can leave $to parameter empty, if you don't want any visible recipients (then, use only Bcc). However, anything "non-empty" (like $to="undisclosed-recipients") will be treated as a recipient, and your server will waste time and resources trying to send it and bouncing it when that delivery fails.

- Gmail only consider the first "Subject" header.
Filip 18-Apr-2015 06:48
Why mb_send_mail() is not listed in See Also section?

It's very handy for "something other than ASCII" users.
stefan at kozioleks dot net 25-Mar-2015 08:10
When setting additional headers while sending email, do not add an entry for "Subject" as shown in some examples.  Yahoo mail (and likely a few others) will not accept any emails with a "Subject" declared in the additional headers along with "Reply to", "From", etc.

It took two years and a lot of headache to finally discover this tidbit via trial and error.
pierreantoine dot covet at gmail dot com 19-Mar-2014 05:50
Hi,

I had lots of problems using the code in the exemple. HTML was not rightly formated in my email.
Problem solved by replacing "\r\n" by "\n" as header end line.
Tobias Christensen 22-Nov-2013 11:29
It might be good to know, that you might get some Header error using the boundary, if it's not done correctly.

I got the header error about wrong close of the boundary, which in my case wasn't what was really wrong.

The thing to fix this might be to give the header before this a "\n\r", which might fix it.

For my case I needed to this twice, as I am doing this as strings, but as arrays and implodes them at the end with the "\n\r". I did it also in the specific header array, where the boundary is generated.
antoine dot php dot net at bonnefoy dot eu 07-Sep-2013 12:01
Hello,

it's sometime hard to include multiple attachment, or to include pictures inside body.

Please find these 2 functions allowing sending email with attachment.
usage :
<?php
echo date("H:i:s");
echo mail::sendMail("to@domain.com", "Test Attach "date("H:i:s"), "Contenu du mail <a href=3D'domain.com'>domain.com</a>", __FILE__, "xx@domain.com",'' , true);
?>

source :

<?php

class mail {

    public static function prepareAttachment($path) {
        $rn = "\r\n";

        if (file_exists($path)) {
            $finfo = finfo_open(FILEINFO_MIME_TYPE);
            $ftype = finfo_file($finfo, $path);
            $file = fopen($path, "r");
            $attachment = fread($file, filesize($path));
            $attachment = chunk_split(base64_encode($attachment));
            fclose($file);

            $msg = 'Content-Type: \'' . $ftype . '\'; name="' . basename($path) . '"' . $rn;
            $msg .= "Content-Transfer-Encoding: base64" . $rn;
            $msg .= 'Content-ID: <' . basename($path) . '>' . $rn;
//            $msg .= 'X-Attachment-Id: ebf7a33f5a2ffca7_0.1' . $rn;
            $msg .= $rn . $attachment . $rn . $rn;
            return $msg;
        } else {
            return false;
        }
    }

    public static function sendMail($to, $subject, $content, $path = '', $cc = '', $bcc = '', $_headers = false) {

        $rn = "\r\n";
        $boundary = md5(rand());
        $boundary_content = md5(rand());

// Headers
        $headers = 'From: Mail System PHP <no-reply@domain.com>' . $rn;
        $headers .= 'Mime-Version: 1.0' . $rn;
        $headers .= 'Content-Type: multipart/related;boundary=' . $boundary . $rn;

        //adresses cc and ci
        if ($cc != '') {
            $headers .= 'Cc: ' . $cc . $rn;
        }
        if ($bcc != '') {
            $headers .= 'Bcc: ' . $cc . $rn;
        }
        $headers .= $rn;

// Message Body
        $msg = $rn . '--' . $boundary . $rn;
        $msg.= "Content-Type: multipart/alternative;" . $rn;
        $msg.= " boundary=\"$boundary_content\"" . $rn;

//Body Mode text
        $msg.= $rn . "--" . $boundary_content . $rn;
        $msg .= 'Content-Type: text/plain; charset=ISO-8859-1' . $rn;
        $msg .= strip_tags($content) . $rn;

//Body Mode Html       
        $msg.= $rn . "--" . $boundary_content . $rn;
        $msg .= 'Content-Type: text/html; charset=ISO-8859-1' . $rn;
        $msg .= 'Content-Transfer-Encoding: quoted-printable' . $rn;
        if ($_headers) {
            $msg .= $rn . '<img src=3D"cid:template-H.PNG" />' . $rn;
        }
        //equal sign are email special characters. =3D is the = sign
        $msg .= $rn . '<div>' . nl2br(str_replace("=", "=3D", $content)) . '</div>' . $rn;
        if ($_headers) {
            $msg .= $rn . '<img src=3D"cid:template-F.PNG" />' . $rn;
        }
        $msg .= $rn . '--' . $boundary_content . '--' . $rn;

//if attachement
        if ($path != '' && file_exists($path)) {
            $conAttached = self::prepareAttachment($path);
            if ($conAttached !== false) {
                $msg .= $rn . '--' . $boundary . $rn;
                $msg .= $conAttached;
            }
        }
       
//other attachement : here used on HTML body for picture headers/footers
        if ($_headers) {
            $imgHead = dirname(__FILE__) . '/../../../../modules/notification/ressources/img/template-H.PNG';
            $conAttached = self::prepareAttachment($imgHead);
            if ($conAttached !== false) {
                $msg .= $rn . '--' . $boundary . $rn;
                $msg .= $conAttached;
            }
            $imgFoot = dirname(__FILE__) . '/../../../../modules/notification/ressources/img/template-F.PNG';
            $conAttached = self::prepareAttachment($imgFoot);
            if ($conAttached !== false) {
                $msg .= $rn . '--' . $boundary . $rn;
                $msg .= $conAttached;
            }
        }

// Fin
        $msg .= $rn . '--' . $boundary . '--' . $rn;

// Function mail()
        mail($to, $subject, $msg, $headers);
    }

}

?>
ittasks at gmail dot com 29-Mar-2013 05:55
When dealing with mail headers "\n" and "\r\n" *sometimes* makes a big difference.

Once our CentOs servers got re-installed, all headers like:

  $headers = "MIME-Version: 1.0\r\n";
  $headers.= "Content-type: text/html; charset=iso-8859-1\r\n";
 ...

became part of message body instead of headers

I was able to fixed this by replacing "\r\n" with just "\n"
g dot kuizinas at anuary dot com 18-Jan-2013 03:46
<?php
**
 * Function responsible for sending unicode emails.
 *
 * @author Gajus Kuizinas <g.kuizinas@anuary.com>
 * @version 1.0.1 (2012 01 11)
 */
function mail_send($arr)
{
    if (!isset($arr['to_email'], $arr['from_email'], $arr['subject'], $arr['message'])) {
        throw new HelperException('mail(); not all parameters provided.');
    }
   
    $to            = empty($arr['to_name']) ? $arr['to_email'] : '"' . mb_encode_mimeheader($arr['to_name']) . '" <' . $arr['to_email'] . '>';
    $from        = empty($arr['from_name']) ? $arr['from_email'] : '"' . mb_encode_mimeheader($arr['from_name']) . '" <' . $arr['from_email'] . '>';
   
    $headers    = array
    (
        'MIME-Version: 1.0',
        'Content-Type: text/html; charset="UTF-8";',
        'Content-Transfer-Encoding: 7bit',
        'Date: ' . date('r', $_SERVER['REQUEST_TIME']),
        'Message-ID: <' . $_SERVER['REQUEST_TIME'] . md5($_SERVER['REQUEST_TIME']) . '@' . $_SERVER['SERVER_NAME'] . '>',
        'From: ' . $from,
        'Reply-To: ' . $from,
        'Return-Path: ' . $from,
        'X-Mailer: PHP v' . phpversion(),
        'X-Originating-IP: ' . $_SERVER['SERVER_ADDR'],
    );
   
    mail($to, '=?UTF-8?B?' . base64_encode($arr['subject']) . '?=', $arr['message'], implode("\n", $headers));
}
?>

Here is my helper function for those who are having problems properly handling UTF-8, subject, HTML, or even the headers data. I've been using it for over a year. It works fine with simple emails.

For anything more advanced (specifically, handling attachments and multiple email versions), you should be using an existing library like http://swiftmailer.org/.
shenyqwilliam 12-Nov-2012 11:32
If you're sending a large attachment, you may encounter overflow problem.
AFAIK, two common limits could be responsible.

1. Postfix message size limit.
Edit /etc/postfix/main.cf . Change the value of "message_size_limit".

2. Apache memory size limit for scripts.
Edit /etc/php.ini . Change the value of "memory_limit".

//Then reload (or restart) Postfix and Apache.
//Empirically, sending 200MB attachment requires 500MB memory.

Be careful! Raising memory limits may cause unexpected consequences, and is hence deprecated.
Recommended alternatives include:
* Pack and split attachment into several emails.
* Only include a link to the file. The receiver can download it later.
* Use IMAP/POP3 server (e.g. Dovecot).
bburch at bouncingpixel dot com 11-Oct-2012 09:13
When using the PHP mail() function with IIS 6 on Windows Server 2003, check your "Relay" settings on the SMTP Virtual Server in IIS.  If you grant access to 127.0.0.1 and set then set your php.ini SMTP to the same IP address (along with setting the same port 25), you should have success in sending mail. 

I'm using PHP 5.3 and have had success with this configuration and did not have to define the "sendmail_from" setting in our php.ini file.
Joost Brugman 30-Aug-2012 06:49
When using mail() under a windows installation (tested under Xampp 1.7.7) any line in $headers that is (between the first and last properly formatted mail header and not a properly formatted mail headers itself) or (that is empty) is removed. As a result MIME formatted messages get scrambled. I am not sure if this behaviour is by design, but this is what it seems to do.

Example $headers:
01 From: "me" <me@domain.com>
02 MIME-Version: 1.0
03 Content-Type: multipart/mixed;
04         boundary=streamline503e8a5d00efdMessage
05
06 --streamline503e8a5d00efdMessage
07 Content-Type: multipart/alternative;
08         boundary=streamline503e8a5d00efdBody
09
10 --streamline503e8a5d00efdBody
11 Content-Type: text/plain;
12         CHARSET=gb2312
13 Content-Transfer-Encoding: quoted-printable
14
15 This message is written in HTML only.
16
17 --streamline503e8a5d00efdBody
18 Content-Type: text/html;
19         CHARSET=gb2312
20 Content-Transfer-Encoding: quoted-printable
21
22 This is an email with <b>html</b>content
23 --streamline503e8a5d00efdBody--
24
25 --streamline503e8a5d00efdMessage--
26
27 .

Here, lines 05, 09, 10, 14, 15, 16, 17 are removed. The first properly formatted mail header is on line 01. The last properly formatted mail header is on line 20. The before mentioned entries are between 01 and 20, not properly formatted mail headers themselves and are therefore removed.
Also, lines 21, 24, 26 are removed because they are empty.

As a result this message will be delivered, but the mime structure is broken, since relevant lines are left out.

The solution is to pass lines 01 through 04 in $headers and to pass 06 through 26 to $message. $message will passed unchanged and the mime structure will remain intact.
martin dot farrow at versacloud dot com 06-Aug-2012 06:07
I've noticed that on some versions of PHP occasionally mail() returns the empty string for success, rather than true or false. The empty string evaluates to false.

if you use constructs like

if ( mail( ... ) ){
  # do something here on success
}

this wont work consistently.

so you need code like

$ret=mail(....)

if ( $ret == '' || $ret ){
  # do something here
}

to get consistent results.
pavel.lint at vk.com 16-May-2012 08:22
Here's a small handy function I use to send email in UTF-8.

 <?php
function mail_utf8($to, $from_user, $from_email,
                                             $subject = '(No subject)', $message = '')
   {
      $from_user = "=?UTF-8?B?".base64_encode($from_user)."?=";
      $subject = "=?UTF-8?B?".base64_encode($subject)."?=";

      $headers = "From: $from_user <$from_email>\r\n".
               "MIME-Version: 1.0" . "\r\n" .
               "Content-type: text/html; CHARSET=gb2312" . "\r\n";

     return mail($to, $subject, $message, $headers);
   }
?>
rexlorenzo at gmail dot com 02-May-2012 10:24
Be careful to not put extra spaces for the $headers variable.

For example, this didn't work on our servers:

$headers = "From: $from \r\n Bcc: $bcc \r\n";

But this did:

$headers = "From: $from\r\nBcc: $bcc\r\n";

Notice the removal of the spaces around the first \r\n.
Marc Parillo 18-Apr-2012 10:27
If you follow the suggested format for the $to field, you can list multiple addresses in a comma-delimited string with spaces.

The spaces could be an issue if you're experiencing a similar problem.  I was unable to send an e-mail to multiple addresses using that format.  It started working for me when I removed all of the spaces in the $to string.

Example:
<?php
$to = 'nobody@example.com,anotheruser@example.com,yetanotheruser@example.com'; // no spaces
mail($to, 'the subject', 'the message');
?>
yarik dot bohatsky at gmail dot com 18-Apr-2012 12:02
If you want to send UTF-8 HTML letter you need to mention charset twice:

1) In message header:
<?php
$headers .= 'Content-type: text/html; CHARSET=gb2312' . "\r\n";
?>

2) In HTML header:
<?php
$message = '
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; CHARSET=gb2312" />
   <title>Fillon soutient à fond le retour d\'un Grand Prix de France</title>
</head>
<body>
   <p>Le Premier ministre Fran?ois Fillon, passionné d\'automobile et pilote à ses heures, a apporté un soutien appuyé au retour d\'un Grand Prix de France au calendrier 2013 de la Formule 1, en faisant un passage-éclair vendredi sur le circuit Paul Ricard dans le Var.</p>
</body>
</html>
';

In this case Outlook will also "understand" that message is encoded using UTF-8.
Max AT 15-Feb-2012 06:26
To define a mail sensitivity you have to put this line in the headers:

<?php
        $headers = "MIME-Version: 1.0\n" ;
        $headers .= "Content-Type: text/html; charset=\"iso-8859-1\"\n";

        $headers .= "Sensitivity: Personal\n";

 $status   = mail($to, $subject, $message,$headers);
?>

Possible Options:
Sensitivity: Normal, Personal, Private and Company-Confidential

These will be recognised and handled in Outlook, Thunderbird and others.
ABOMB 31-Jan-2012 07:16
I was having delivery issues from this function to Gmail, Yahoo, AOL, etc.  I used the notes here to figure that you need to be setting your Return-Path to a valid email to catch bounces.  There are two extra delivery gotchas on top of that:

1) The domain in the email used in the -f option in the php.ini sendmail parameter or in the mail() extra parameters field, needs to have a valid SPF record for the domain (in DNS as a "TXT" record type for sure and add an additional  "SPF" type record if possible).  Why? That's header field being used for spam checks.

2) You should also use a domain key or DKIM.  The trick here is that the domain key/DKIM is case sensitive!  I used Cpanel to create my domain key which automatically used all lowercase domain names in the key creation.  I found when  sending email and using a camel case "-f account@MyDomainHere.Com" option, my key was not accepted.  However it was accepted when I used "-f account@mydomainhere.com".

There are many other factors that can contribute to mail not getting to inboxes, including your own multiple failed testing attempts, so I suggest you consult each site's guidelines and don't ask me for help.  These are just the couple technical issues that helped my case.

I hope this saves someone some time and headaches...
debis at woh dot rr dot com 15-Dec-2011 12:09
This is for Windows Server 2003, IIS 6.0 with SMTP virtual server.

The problem I had was not including init_set for the SMTP server, I thought the SMTP definition in the IIS SMTP virtual server configuration would work.  When I sent mail manually this was not an issue. 

Also, $mail_sent = @mail( $to, $subject, $message, $headers ); wouldn't work but $mail_sent = mail($to, $subject, $message, $headers); did.
Lack of date_default_timezone_set() only caused a warning because php guessed what it should be.

This worked:
<?php
$to      = 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
    'Reply-To: webmaster@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();
ini_set ( "SMTP", "smtp-server.example.com" );
date_default_timezone_set('America/New_York');

mail($to, $subject, $message, $headers);
?>

And just so you can troubleshoot, this worked when sending mail from the command line/manually. CLI worked even though the php code without the init_set function wouldn't work.

You will notice that the "rcpt to" and "to" fields appear redundant, but if both are not used, the delivered mail's "to" field will be blank/empty.

-------------------------------
telnet www.example.com 25
helo
mail from: webmaster@example.com
rcpt to: someone@example.com
data
to: someone@example.com
subject: test again to make sure

this is my message
.
quit
-----------------------------------
saganwebdesign 14-Oct-2011 04:01
If you are getting frustrated that your email is being sent as plain text instead of HTML, typically one of your headers showing up in the email (even if other scripts on the same server seem to work fine!!!) then structure your headers like this:

<?php
$headers = 'From: You <you@example.com>' . "\n";
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
?>

Notice that the From is before the MIME and Content and only Content ends with "\r\n", the other are just "\n"

Not sure how it is possible for other scripts on the same server, same domain to work fine as shown in the very top instructions, and others need this crap... I spent a very frustrating couple hours figuring this out, hope you can avoid doing the same.
arunm 14-Sep-2011 02:24
It is also advisable to set the return path in the headers; hence it will avoid the email to land in the spam folder!
eg:

$headers.="Return-Path:<name@example.com>\r\n";
Anda 05-Sep-2011 08:57
Send Multi attachment email

<?php
function multi_attach_mail($to, $files, $sendermail){
    // email fields: to, from, subject, and so on
    $from = "Files attach <".$sendermail.">";
    $subject = date("d.M H:i")." F=".count($files);
    $message = date("Y.m.d H:i:s")."\n".count($files)." attachments";
    $headers = "From: $from";
 
    // boundary
    $semi_rand = md5(time());
    $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
 
    // headers for attachment
    $headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\"";
 
    // multipart boundary
    $message = "--{$mime_boundary}\n" . "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
    "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n";
 
    // preparing attachments
    for($i=0;$i<count($files);$i++){
        if(is_file($files[$i])){
            $message .= "--{$mime_boundary}\n";
            $fp =    @fopen($files[$i],"rb");
        $data =    @fread($fp,filesize($files[$i]));
                    @fclose($fp);
            $data = chunk_split(base64_encode($data));
            $message .= "Content-Type: application/octet-stream; name=\"".basename($files[$i])."\"\n" .
            "Content-Description: ".basename($files[$i])."\n" .
            "Content-Disposition: attachment;\n" . " filename=\"".basename($files[$i])."\"; size=".filesize($files[$i]).";\n" .
            "Content-Transfer-Encoding: base64\n\n" . $data . "\n\n";
            }
        }
    $message .= "--{$mime_boundary}--";
    $returnpath = "-f" . $sendermail;
    $ok = @mail($to, $subject, $message, $headers, $returnpath);
    if($ok){ return $i; } else { return 0; }
    }
?>
epheterson at gmail dot com 16-Aug-2011 07:48
After banging my head against the wall, I realized after my host updated PHP that the From line in the header requires quotes around the name where before it worked regardless. Otherwise it will report success, and not sent.

$headers .= 'From: "'. $Name . '" <' . $Email . '>' . "\r\n";
vigo dot von dot harrach at gmx dot de 19-May-2011 11:49
If using sendmail as transport agent, setting the "DeliveryMode" to "background" (asynchronous) instead of the default "interactive" (synchronous) makes mail() a lot faster, while still sending immediately.
You can either use the "additional parameters", e.g. mail($to, $subject, $message, $headers, 'O DeliveryMode=b'), or make this mode default by changing php.ini's "sendmail_path" to 'sendmail -t -i -O DeliveryMode=b'.
buraks78 at gmail dot com 08-May-2011 04:02
If you are having problems changing the Sender and Return-Path headers, make sure that you are editing the right configuration file. On my CentOS 5.6:

[root@server mail]# ll /usr/sbin/sendmail
lrwxrwxrwx 1 root root 21 Oct 26  2009 /usr/sbin/sendmail -> /etc/alternatives/mta
[root@server mail]# ll /etc/alternatives/mta
lrwxrwxrwx 1 root root 23 Apr  9 07:48 /etc/alternatives/mta -> /usr/sbin/sendmail.exim
[root@server mail]# ll /usr/sbin/sendmail.exim
lrwxrwxrwx 1 root root 4 Apr  9 07:45 /usr/sbin/sendmail.exim -> exim

I spent some time trying to figure out why my changes to the sendmail.mc file were being ignored. Naturally, Exim configuration is different than Sendmail. You need to edit the /etc/exim/exim.conf file instead:

remote_smtp:
  driver = smtp
  return_path = bounce@example.com
  headers_rewrite = apache@* info@example.com s

^ Don't forget the "s" at the end. See this page for more information: http://www.exim.org/exim-html-2.00/doc/html/spec_32.html#SEC669

If you are OK with displaying the apache user name (ie "Sender: apache@subdomain.example.com") in the email header, then just update the qualify_domain configuration option in the same file.

qualify_domain = example.com

This will fix the domain only (ie "Sender: apache@example.com").
shuitest at gmail dot com 03-Nov-2010 06:50
If you use mutt, do as below,

/usr/bin/mutt -s '$subject' -f /dev/null -e 'set copy=no' -e 'set from = "{$GLOBALS[cfg][email_from]}"' -a '$attach_file_full_path' '{$GLOBALS[cfg][email_to]}' </dev/null 2>&1;
Porjo 07-Jul-2010 08:19
Make sure you enclose \r\n in double quotes (not single quotes!) so that PHP can translate that into the correct linefeed code
umangberi at gmail dot com 02-May-2010 10:41
Outlook 2007 seemed to be a little finicky with me to have carriage returns in the headers. So any \r\n resulted in messages that had default apache messages sent over to me.

As soon as I removed \r from all of the headers, the script started working fine. Hope that helped.
rch+php at online dot lt 02-Jan-2010 10:46
RFC-2822 is quite explicit, that "Though some message   systems locally store messages in this format (which eliminates the need for translation between formats) and others use formats that differ from the one specified in this standard, local storage is outside of the scope of this standard."

And it is not just "some", but most Unix mailers choke when you try pipe CRLF instead of Unix line endings to "sendmail" command.  PHP is using line endings as is, so you have better chances for success if you use Unix file format or line endings.
Systemx 04-Nov-2009 11:29
Bare LFs in SMTP

Use This

<?php
// Fix any bare linefeeds in the message to make it RFC821 Compliant.
$message = preg_replace("#(?<!\r)\n#si", "\r\n", $message);
   
// Make sure there are no bare linefeeds in the headers
$headers = preg_replace('#(?<!\r)\n#si', "\r\n", $headers);
?>
John 20-Oct-2009 08:38
A quick note about the optional flags that can be passed to sendmail. -f will set the From address, -r will override the default Return-path that sendmail generates (typically the From address gets used). If you want your bouncebacks to go to a different address than the from address, try using both flags at once: "-f myfromemail@example.com -r mybounceemail@example.com"
Clayton Ginsburg 18-Aug-2009 09:38
I recently had an issue where the mail() function would work fine from the php cli but not from apache.

I eventually traced this down to the fact that I was using apparmor

Specifically, I configured apparmor to deny the apache user the ability to use /bin/dash

After changing apparmor to /bin/dash rix
and reloading the apparmor profile, mail worked

In other words, mail requires the account/program executing the script to be able to use /bin/dash

I hope this helps someone
Edward 01-Aug-2009 11:08
Currently my hosting service is on Godaddy. When attempting to use the mail function without the fifth parameter containing "-f", my message headers would not work.

Whenever your message headers do not work, simply try using the fifth parameter:

<?php
mail($to, $subject, $message, $headers, "-femail.address@example.com");
?>
php at caves dot org dot uk 28-Jul-2009 04:32
Setting an envelope-sender address avoids mail bounces annoying your system administrator.

If your mail cannot be delivered, it will be rejected to the address specified as the "SMTP-envelope-from" (or the "envelope sender" or "return path", depending on the terminology you like to use )

If you do not explicitly set an envelope-from address then PHP will default to the php.ini setting which - if you have not set this yourself - could be nobody@[your-ISP-domain] or anonymous@[your-ISP-domain], for example.

To avoid bothering the person at that address - or indeed, if you are wondering why you are not receiving mail rejections yourself - you should use the "-f" option in the <$additional_parameters> argument to set a valid address.

(and, by the way: If you do this, but you do not set a From: address in the <$additional_headers> argument then PHP will set a default From: address of "From: Nobody <your-envelope-sender-setting>". ).
d dot r at usask dot ca 05-Jun-2009 06:44
The example indicates \r\n at the end of each line in the headers but this was causing me problems as emails showed some of the headers as part of the body.  I simply used only \n as in some of the other examples and the problem went away.
Erich at gasboysnospam dot net 19-Feb-2009 04:43
if your mail is failing (returns false) be aware that many servers are configured to kill mail going out with a bcc or cc header.

The ideal workaround is to use the smtp functions which servers allow because of its better audit trail. Alternatively call the mail function several times.

I've just spent about four hours trying to work out what I was doing wrong!!
orjtor 19-Jan-2009 09:17
This is my solution of problems with Windows Mail on Vista. I got some of the headers in the mail body as plain text. When I removed '\r' and left just '\n' at the end of the two last lines of header it worked. This error didn't show up in my yahoo mail.
<?php
    $body = "<html>\n";
    $body .= "<body style=\"font-family:Verdana, Verdana, Geneva, sans-serif; font-size:12px; color:#666666;\">\n";
    $body = $message;
    $body .= "</body>\n";
    $body .= "</html>\n";
   
    $headers  = "From: My site<noreply@example.com>\r\n";
    $headers .= "Reply-To: info@example.com\r\n";
    $headers .= "Return-Path: info@example.com\r\n";
    $headers .= "X-Mailer: Drupal\n";
    $headers .= 'MIME-Version: 1.0' . "\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
   
    return mail($recipient, $subject, $message, $headers);
?>
php at ontheroad dot net dot nz 04-Nov-2008 06:00
Another possible cause for the "501 5.5.4 Invalid Address" type errors when sending mail from Windows is specifying BCC or CC parameters with no value.
molotster on google mail com 13-Oct-2008 10:03
Note, that single line should not contain more than 78 character, but is not allowed to contain more than 998 characters.

The possible consequences are:
Over 78 - clients are allowed to display the message in a "harder to read" way.
Over 998 - clients and servers are allowed to drop the message or cause any buffer-limit error.

See:
http://www.faqs.org/rfcs/rfc2822 part 2.1.1.
webmaster at plumage dot nl 01-Sep-2008 11:53
The work-around for a large quantity of recipients is putting the adresses in the header-section as Bcc adresses.
In this way the mail()-function opens and closes the SMTP connection only once:

<?php
$count_recip= count($recip);//where $recip represents an array of mail-adresses, from MySql-query or otherwise
$count='0';
$headers.="Bcc: ";
while($count < $count_recip){
$headers.=$recip[$count].", ";
$count ++;
}
$headers.="admin@example.com\r\n";
?>
akam 28-May-2008 03:55
There differenece in body, headers of email (with attachment, without attachment), see this complete example below:
work great for me (LINUX , WIN) and (Yahoo Mail, Hotmail, Gmail, ...)
<?php
$to      = $_POST['to'];
$email   = $_POST['email'];
$name    = $_POST['name'];
$subject = $_POST['subject'];
$comment = $_POST['message'];

$To          = strip_tags($to);
$TextMessage =strip_tags(nl2br($comment),"<br>");
$HTMLMessage =nl2br($comment);
$FromName    =strip_tags($name);
$FromEmail   =strip_tags($email);
$Subject     =strip_tags($subject);

$boundary1   =rand(0,9)."-"
.rand(10000000000,9999999999)."-"
.rand(10000000000,9999999999)."=:"
.rand(10000,99999);
$boundary2   =rand(0,9)."-".rand(10000000000,9999999999)."-"
.rand(10000000000,9999999999)."=:"
.rand(10000,99999);

 
for($i=0; $i < count($_FILES['youfile']['name']); $i++){
if(is_uploaded_file($_FILES['fileatt']['tmp_name'][$i]) &&
   !empty($_FILES['fileatt']['size'][$i]) &&
   !empty($_FILES['fileatt']['name'][$i])){
    
$attach      ='yes';
$end         ='';

   $handle      =fopen($_FILES['fileatt']['tmp_name'][$i], 'rb');
   $f_contents  =fread($handle, $_FILES['fileatt']['size'][$i]);
   $attachment[]=chunk_split(base64_encode($f_contents));
   fclose($handle);

$ftype[]       =$_FILES['fileatt']['type'][$i];
$fname[]       =$_FILES['fileatt']['name'][$i];
}
}

/***************************************************************
 Creating Email: Headers, BODY
 1- HTML Email WIthout Attachment!! <<-------- H T M L ---------
 ***************************************************************/
#---->Headers Part
$Headers     =<<<AKAM
From: $FromName <$FromEmail>
Reply-To: $FromEmail
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="$boundary1"
AKAM;

#---->BODY Part
$Body        =<<<AKAM
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="$boundary1"

This is a multi-part message in MIME format.

--$boundary1
Content-Type: text/plain;
    charset="windows-1256"
Content-Transfer-Encoding: quoted-printable

$TextMessage
--$boundary1
Content-Type: text/html;
    charset="windows-1256"
Content-Transfer-Encoding: quoted-printable

$HTMLMessage

--$boundary1--
AKAM;

/***************************************************************
 2- HTML Email WIth Multiple Attachment <<----- Attachment ------
 ***************************************************************/
 
if($attach=='yes') {

$attachments='';
$Headers     =<<<AKAM
From: $FromName <$FromEmail>
Reply-To: $FromEmail
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="$boundary1"
AKAM;

for($j=0;$j<count($ftype); $j++){
$attachments.=<<<ATTA
--$boundary1
Content-Type: $ftype[$j];
    name="$fname[$i]"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
    filename="$fname[$j]"

$attachment[$j]

ATTA;
}

$Body        =<<<AKAM
This is a multi-part message in MIME format.

--$boundary1
Content-Type: multipart/alternative;
    boundary="$boundary2"

--$boundary2
Content-Type: text/plain;
    charset="windows-1256"
Content-Transfer-Encoding: quoted-printable

$TextMessage
--$boundary2
Content-Type: text/html;
    charset="windows-1256"
Content-Transfer-Encoding: quoted-printable

$HTMLMessage

--$boundary2--

$attachments
--$boundary1--
AKAM;
}

/***************************************************************
 Sending Email
 ***************************************************************/
$ok=mail($To, $Subject, $Body, $Headers);
echo $ok?"<h1> Mail Sent</h1>":"<h1> Mail not SEND</h1>";
?>
richard at richard-sumilang dot com 22-Mar-2008 09:12
If you are using the sendmail app from an exim package or something you don't really need to change the normal parameters PHP gives it (-t -i) as other posts described.

I just added "-f myemail@example.com" and it worked.

One thing that got me stuck for a few hours was trying to figure out why the return-path was set as the user (user running php) and not what I was setting it with the -f option then I later found at that in order to forcefully set the return-path the user account running the command must be in exim's trusted users configuration! It helps to add trusted_groups as well then everything works fine :)
- Richard Sumilang
Gianluigi_Zanettini-MegaLab.it 10-Aug-2007 08:57
Please note that using an address in this format "Zane, CEO - MegaLab.it" <myaddrr@mydomain> (" are needed due to comma) works as expected under *nix, but WON'T WORK under Windows.

This is an example

<?php
mail("\"Zane, CEO - MegaLab.it\" <myaddrr@mydomain>", "prova da test_zane", "dai funziona...");
?>

It works under *unix, but it doensn't under Win: different error are reported:

Warning: mail() [function.mail]: SMTP server response: 553 5.0.0 <"Zane>... Unbalanced '"'

Warning: mail() [function.mail]: SMTP server response: 501 5.5.4 Invalid Address
Alex Jaspersen 31-May-2007 08:03
For qmail users, I have written a function that talks directly to qmail-queue, rather than going through the sendmail wrapper used by mail(). Thus it allows more direct control over the message (for example, you can adapt the function to display "undisclosed recipients" in to the To: header). It also performs careful validation of the e-mail addresses passed to it, making it more difficult for spammers to exploit your scripts.

Please note that this function differs from the mail() function in that the from address must be passed as a _separate_ argument. It is automatically put into the message headers and _does not_ need to be included in $additional_headers.

$to can either be an array or a single address contained in a string.
$message should not contain any carriage return characters - only linefeeds.

No validation is performed on $additional_headers. This is mostly unnecessary because qmail will ignore any additional To: headers injected by a malicious user. However if you have some strange mail setup it might be a problem.

The function returns false if the message fails validation or is rejected by qmail-queue, and returns true on success.

<?php
function qmail_queue($to, $from, $subject, $message, $additional_headers = "")
{
    // qmail-queue location and hostname used for Message-Id
    $cmd = "/var/qmail/bin/qmail-queue";
    $hostname = trim(file_get_contents("/var/qmail/control/me"));
   
    // convert $to into an array
    if(is_scalar($to))
        $to = array($to);
   
    // BEGIN VALIDATION
    // e-mail address validation
    $e = "/^[-+\\.0-9=a-z_]+@([-0-9a-z]+\\.)+([0-9a-z]){2,4}$/i";
    // from address
    if(!preg_match($e, $from)) return false;
    // to address(es)
    foreach($to as $rcpt)
    {
        if(!preg_match($e, $rcpt)) return false;
    }
   
    // subject validation (only printable 7-bit ascii characters allowed)
    // needs to be adapted to allow for foreign languages with 8-bit characters
    if(!preg_match("/^[\\040-\\176]+$/", $subject)) return false;
   
    // END VALIDATION
   
    // open qmail-queue process
    $dspec = array
    (
        array("pipe", "r"), // message descriptor
        array("pipe", "r") // envelope descriptor
    );
    $pipes = array();
    $proc = proc_open($cmd, $dspec, $pipes);
    if(!is_resource($proc)) return false;
   
    // write additional headers
    if(!empty($additional_headers))
    {
        fwrite($pipes[0], $additional_headers . "\n");
    }
   
    // write to/from/subject/date/message-ID headers
    fwrite($pipes[0], "To: " . $to[0]); // first recipient
    for($i = 1; $i < sizeof($to); $i++) // additional recipients
    {
        fwrite($pipes[0], ", " . $to[$i]);
    }
    fwrite($pipes[0], "\nSubject: " . $subject . "\n");
    fwrite($pipes[0], "From: " . $from . "\n");
    fwrite($pipes[0], "Message-Id: <" . md5(uniqid(microtime())) . "@" . $hostname . ">\n");
    fwrite($pipes[0], "Date: " . date("r") . "\n\n");
    fwrite($pipes[0], $message);
    fwrite($pipes[0], "\n");
    fclose($pipes[0]);
   
    // write from address and recipients
    fwrite($pipes[1], "F" . $from . "\0");
    foreach($to as $rcpt)
    {
        fwrite($pipes[1], "T" . $rcpt . "\0");
    }
    fwrite($pipes[1], "\0");
    fclose($pipes[1]);
   
    // return true on success.
    return proc_close($proc) == 0;
}
?>
bigtree at dontspam dot 29a dot nl 28-Feb-2007 01:46
Since lines in $additional_headers must be separated by \n on Unix and \r\n on Windows, it might be useful to use the PHP_EOL constant which contains the correct value on either platform.

Note that this variable was introduced in PHP 5.0.2 so to write portable code that also works in PHP versions before that, use the following code to make sure it exists:

<?php
if (!defined('PHP_EOL')) define ('PHP_EOL', strtoupper(substr(PHP_OS,0,3) == 'WIN') ? "\r\n" : "\n");
?>
johniskew2 19-Sep-2006 06:28
An important rule of thumb, because it seems few really follow it and it can alleviate so many headaches: When filtering your email headers for injection characters use a regular expression to judge whether the user's input is valid.  For example to see if the user entered a valid e-mail address use something like  [a-zA-Z0-9._%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}.  Dont try to filter out bad characters (like searching for LF or CR), because you will ALWAYS miss something.  You can be sure your application is more secure going this route....provided the regular expression is valid!  This same point goes for any sort of form input not just for sending out emails.
thomas at p-devion dot de 24-Aug-2006 07:46
Change the function addattachment for multipartmail to auto detect the mime_content_type ...

<?php
     function addattachment($file){
         $fname = substr(strrchr($file, "/"), 1);
         $data = file_get_contents($file);
         $i = count($this->parts);
         $content_id = "part$i." . sprintf("%09d", crc32($fname)) . strrchr($this->to_address, "@");
         $this->parts[$i] = "Content-Type: ".mime_content_type($file)."; name=\"$fname\"\r\n" .
                           "Content-Transfer-Encoding: base64\r\n" .
                           "Content-ID: <$content_id>\r\n" .
                           "Content-Disposition: inline;\n" .
                           " filename=\"$fname\"\r\n" .
                           "\n" .
                           chunk_split( base64_encode($data), 68, "\n");
         return $content_id;
     }
?>
panoramical at gmail dot com 28-Jul-2006 01:19
Searched for ages on the internet trying to find something that parses EML files and then sends them...for all of you who want to send an EML files you first have to upload it, read it, then delete it. Here's my function...it's specialised for a single form where the user uploads the EML file.

<?php

if(isset($_POST['submit']))
{

// Reads in a file (eml) a user has inputted
function eml_read_in()
{

    $file_ext = stristr($_FILES['upload']['name'], '.');
   
    // If it is an eml file
    if($file_ext == '.eml')
    {
   
        // Define vars
        $dir = 'eml/';
        $file = $dir.basename($_FILES['upload']['name']);
        $carry = 'yes';
       
        // Try and upload the file
        if(move_uploaded_file($_FILES['upload']['tmp_name'], $file))
        {
       
            // Now attempt to read the file
            if($eml_file = file($file))
            {
           
                // Create the array to store preliminary headers
                $headers = array();
                $body = '';
                $ii = -1;

               
                // For every line, carry out this loop
                foreach($eml_file as $key => $value)
                {
               
                    $pattern = '^<html>';
                   
                    if(((eregi($pattern, $value)))||($carry == 'no'))
                    {
                   
                        // Stop putting data into the $headers array
                        $carry = 'no';
                        $i++;
                        $body .= $value;
                       
                    }
                   
                    else
                    {   
                       
                        // Separate each one with a colon
                        if(($eml_file_expl = explode(':', $value))&&($carry == 'yes'))
                        {

                       
                            // The row has been split in half at least...
                            if(isset($eml_file_expl[1]))
                            {
       
                                // Put it into the preliminary headers
                                $headers[$eml_file_expl[0]] = $eml_file_expl[1];
                           
                                // There might be more semicolons in it...
                                for($i=2;$i<=$count;$i++)
                                {
                           
                                    // Add the other values to the header
                                    $headers[$eml_file_expl[0]] .= ':'.$eml_file_expl[$i];
                                   
                                }
                           
                            }   
                           
                        }       
                   
                    }
                   
                }
               
                // Clear up the headers array
                $eml_values = array();
                $eml_values[to] = $headers[To];
                $eml_values[from] = $headers[From];
                $eml_values[subject] = $headers[Subject];
                $eml_values['reply-to'] = $headers['Reply-To'];
                $eml_values['content-type'] = $headers['Content-Type'];
                $eml_values[body] = $body;
               
                unlink($file);
       
                return $eml_values;
               
               
                       
            }
           
        }
       
        else
        {
       
            return '<p>File not uploaded - there was an error</p>';
                       
        }
       
    }
   
}   

// Takes information automatically from the $_FILES array...
$eml_pattern = eml_read_in()

// Headers definable...through eml_read_in() again, but I'm guessing they'll be the same for each doc...

if(mail($eml_pattern[to], $eml_pattern[subject], $eml_pattern[content], $headers)) echo 'Mail Sent';

?>
24-Jul-2006 05:55
correction for class multipartmail

<?php
function addmessage($msg = "", $ctype = "text/plain"){
         $this->parts[0] ....
?>

if you are adding attachment first and then addmessage you can easy overwrite added attachment - better use

<?php

function addmessage($msg = "", $ctype = "text/plain"){
         $this->parts[count($this->parts)] ....

?>
sander at cartel dot nl 20-Jul-2006 12:26
I found out that a ms server (ESMTP MAIL Service, Version: 5.0.2195.6713) also had the problem using CRLF in the headers:

If messages are not received, try using a LF (\n) only. Some poor quality Unix mail transfer agents replace LF by CRLF automatically (which leads to doubling CR if CRLF is used). This should be a last resort, as it does not comply with RFC 2822.

The suggested fix works.

Sander
Ben Cooke 15-Dec-2005 02:34
Note that there is a big difference between the behavior of this function on Windows systems vs. UNIX systems. On Windows it delivers directly to an SMTP server, while on a UNIX system it uses a local command to hand off to the system's own MTA.

The upshot of all this is that on a Windows system your  message and headers must use the standard line endings \r\n as prescribed by the email specs. On a UNIX system the MTA's "sendmail" interface assumes that recieved data will use UNIX line endings and will turn any \n to \r\n, so you must supply only \n to mail() on a UNIX system to avoid the MTA hypercorrecting to \r\r\n.

If you use plain old \n on a Windows system, some MTAs will get a little upset. qmail in particular will refuse outright to accept any message that has a lonely \n without an accompanying \r.
fontajos at phpeppershop dot com 21-Sep-2005 05:24
Problems with Microsoft Exchange and PHP as ISAPI-module

We found out, that if you want to send multipart mime emails using the PHP mail-function on a Windows box using a Microsoft Exchange server, you have to use separate containers for the mail body and the mail header.

In many examples like in http://www.zend.com/zend/trick/html-email.php or in the book PHP developers cookbook you find html multipart/alternative mailing solutions that build the mime header and the mail body into one PHP variable and send this as fourth argument (header) to the PHP mail-function. This works fine on most systems but not on the above mentioned combination.

We found a rather trivial solution: Simply split the mime mail header and the mail body into two separate variables and give them separately to the PHP mail function, example:

<?php
//add From: header
$headers = "From: webserver@localhost\r\n";

//specify MIME version 1.0
$headers .= "MIME-Version: 1.0\r\n";

//unique boundary
$boundary = uniqid("HTMLDEMO");

//tell e-mail client this e-mail contains//alternate versions
$headers .= "Content-Type: multipart/mixed; boundary = $boundary\r\n\r\n";

//plain text version of message
$body = "--$boundary\r\n" .
   "Content-Type: text/plain; charset=ISO-8859-1\r\n" .
   "Content-Transfer-Encoding: base64\r\n\r\n";
$body .= chunk_split(base64_encode("This is the plain text version!"));

//HTML version of message
$body .= "--$boundary\r\n" .
   "Content-Type: text/html; charset=ISO-8859-1\r\n" .
   "Content-Transfer-Encoding: base64\r\n\r\n";
$body .= chunk_split(base64_encode("This the <b>HTML</b> version!"));

//send message
mail("root@localhost", "An HTML Message", $body, $headers);
?>
GwarDrazul 15-Sep-2005 01:01
The article mentioned below is quite good to understand the problem of header injection. However, it suggests the following as a solution: look for "\n" and "\r" inside your user input fields (especially in those used for the $header param) and, if found reject the mail.

Allthough this will probably work I still believe it is better to have a "white list" of allowed characters instead of a "black list" with forbidden characters.

Example:
If you want a user to enter his name, then allow characters only!
If you want a user to enter his email adress, then check if the entry is a valid email adress.

Doing so might automatically solve problems which you didn't think of when you created the "black list". For SMTP headers colons are needed. If you check for a valid email adress the hacker won't be able to enter colons inside that form field.

I suggest using regular expressions for those checks.

For more information about regular expressions see:
http://www.regular-expressions.info/
msheldon at desertraven dot com 15-May-2005 09:09
Just a comment on some of the examples, and as a note for those who may be unaware. The SMTP RFC 822 is VERY explicit in stating that \r\n is the ONLY acceptable line break format in the headers, though is a little vague about the message body. While many MTAs will deal with just \n, I've run accross plenty of them that will exhibit "interesting" behaviours when this happens. Those MTAs that are strict in compliance will definitely break when header lines are terminated with only \n. They will also most likely break if the body of the message contains more than 1000 consecutive characters without a \r\n.*

Note that RFC 821 is a little more clear in defining:
"line
      A a sequence of ASCII characters ending with a <CRLF>."

RFC 821 makes no distinction between header lines and message body lines, since both are actually transmitted during the DATA phase.

Bottom line, best practice is to be sure to convert any bare \n characters in the message to \r\n.

* "The maximum total length of a text line including the <CRLF> is 1000 characters" (RFC 821)
jonte at macnytt dot com 25-Apr-2005 01:16
Users of Mac OS X Server need to activate SMTP part of the Mailserver before this is working.

Also note that if the ISP has blocked port 25 outgoing, you run into problems. You can find more info about this in the SMTP server log in Server Admin application if you run OSX Server.
php dot net at schrecktech dot com 03-Mar-2005 01:07
When sending MIME email make sure you follow the documentation with the "70" characters per line...you may end up with missing characters...and that is really hard to track down...
nospam at mingo dot ath dot cx 09-May-2004 03:55
If you're using a linux server using Postfix, and your server hasn't the host name set to a valid name (because it's behind a firewall in an intranet), it's possible that when sending mails using the mail function, some mail servers reject them. This is because they can't check the return path header. If you want to change the Return-Path used by sendmail init the php.ini and edit the sendmail_path variable to this:

sendmail_path = "sendmail -t -i -F webmaster@example.com -f webmaster@example.com"
Paul 25-Feb-2004 11:51
My mime multipart/alternative messages were going ok, until I switched to qmail with php .. after years of painfull searching, I came across this on the Life With Qmail 'Gotchas' section:

G.11. Carriage Return/Linefeed (CRLF) line breaks don't work

qmail-inject and other local injection mechanisms like sendmail don't work right when messages are injected with DOS-style carriage return/linefeed (CRLF) line breaks. Unlike Sendmail, qmail requires locally-injected messages to use Unix newlines (LF only). This is a common problem with PHP scripts.

So now, I can go back to sending emails with text AND html components :)
f dot touchard at laposte dot net 31-Jan-2003 04:46
***Encoding plain text as quoted-printable in MIME email***

If you don't want to install IMAP and use imap_8bit() to encode plain text or html message as quoted-printable
(friendly french special characters encoding :-) in MIME email, try this function.
I haven't fully tested it ( like with microtime with long mails). I send html message as 7-bit, so I didn't try yet with html.
If you have good html practise, you don't really need to encode html as quote-printable as it only uses 7-bit chars.
F.Touchard

<?php
function qp_encoding($Message) {
   
    /* Build (most polpular) Extended ASCII Char/Hex MAP (characters >127 & <255) */
    for ($i=0; $i<127; $i++) {
        $CharList[$i] = "/".chr($i+128)."/";
        $HexList[$i] = "=".strtoupper(bin2hex(chr($i+128)));
    }

    /* Encode equal sign & 8-bit characters as equal signs followed by their hexadecimal values */
    $Message = str_replace("=", "=3D", $Message);
    $Message = preg_replace($CharList, $HexList, $Message);

    /* Lines longer than 76 characters (size limit for quoted-printable Content-Transfer-Encoding)
        will be cut after character 75 and an equals sign is appended to these lines. */
    $MessageLines = split("\n", $Message);
    $Message_qp = "";
    while(list(, $Line) = each($MessageLines)) {
        if (strlen($Line) > 75) {
            $Pointer = 0;       
            while ($Pointer <= strlen($Line)) {
                $Offset = 0;
                if (preg_match("/^=(3D|([8-9A-F]{1}[0-9A-F]{1}))$/", substr($Line, ($Pointer+73), 3))) $Offset=-2;
                if (preg_match("/^=(3D|([8-9A-F]{1}[0-9A-F]{1}))$/", substr($Line, ($Pointer+74), 3))) $Offset=-1;
                $Message_qp.= substr($Line, $Pointer, (75+$Offset))."=\n";
                if ((strlen($Line) - ($Pointer+75)) <= 75) {               
                    $Message_qp.= substr($Line, ($Pointer+75+$Offset))."\n";
                    break 1;
                }
                $Pointer+= 75+$Offset;
            }
        } else {
            $Message_qp.= $Line."\n";
        }
    }       
    return $Message_qp;
}
?>