The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Emails from PHP scripts have server's domain and USER NAME!

Discussion in 'E-mail Discussions' started by earthrat, Jul 7, 2014.

  1. earthrat

    earthrat Active Member

    Nov 8, 2010
    Likes Received:
    Trophy Points:
    Bend, OR
    cPanel Access Level:
    Root Administrator
    I just updated the server from Apache 2.2.27/PHP 5.3.28 to Apache 2.4.9/PHP 5.4.30 and now this is happening. I read a previous post where the user was having this problem and the reply was that is how cPanel does it. I can guarantee that is not how it was working with the prior version I was using.

    I am rather shocked that the cPanel username and hostname of the server is used to construct the envelope-sender address when a PHP form is not configured right. We try to keep information like cPanel user names from being discovered and cPanel is freely giving this out by default... WHY???

    I do not want to use a real email address on my forms that go to a person just because they fill out a form and I most certainly dont want them to know my cPanel login name. I don't want to use the SMTP feature as again it needs a real email address to make work and for my clients that us GoCrappy for their email host this fails anyway.

    I have contacted the developer regarding this and told him about their application using the 5th argument to the PHP mail() function to send the '-f' switch to sendmail so that it sets the correct "Return-Path" as was a recommendation to a prior post. However this same cPanel support person claims this is the only other way and I know there has to be something I can set on the server side to make this work as it worked fine prior to my update.
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    Using SMTP authentication for mailing purposes is the recommended solution to this problem. A real email address is actually required for SMTP purposes, and ensures a valid email address is used in the message header.

    Thank you.

Share This Page