I'm working on a web application. A user will create an email message that will be sent to another person.
我正在开发一个Web应用程序。用户将创建将发送给另一个人的电子邮件。
I would like the e-mail that gets sent to appear from the user's name and e-mail address of the user on my system. And if they reply to the e-mail then it should go directly to the sender's email address.
我希望发送的电子邮件显示在我系统上用户的用户名和电子邮件地址中。如果他们回复电子邮件,那么它应该直接转到发件人的电子邮件地址。
However I am worried about the email message looking like spam to email filters along the way.
但是,我担心电子邮件看起来像垃圾邮件到电子邮件过滤器。
Is there a proper way to do this?
有没有正确的方法来做到这一点?
I noticed on a "contact" page on a WordPress blog that something very similar is done. The e-mail headers look like:
我注意到在WordPress博客上的“联系”页面上发生了类似的事情。电子邮件标题如下所示:
To: email@domain.com
Subject: [Test Blog] =?UTF-8?B?aGVsbA==?=
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
From:=?UTF-8?B?aGVsbA==?=<sender@senderdomain.com>
Message-Id: <20090207234737.39C9522802F3@web7.sat.wordpress.com>
Date: Sat, 7 Feb 2009 23:47:37 +0000 (UTC)
Return-Path: donotreply@wordpress.com
What is interesting is that the display name in the "from" tag and the name that shows up in the subject line is encoded. I do not know if this helps with the spam filters or not, but thought it was at least worth mentioning.
有趣的是,“from”标签中的显示名称和主题行中显示的名称是编码的。我不知道这是否有助于垃圾邮件过滤器,但认为它至少值得一提。
Also, who would receive an undeliverable notification in this example? Would it go to sender@senderdomain.com or would it go to donotreply@wordpress.com?
此外,在此示例中,谁会收到无法投递的通知?它会发送到sender@senderdomain.com还是会转到donotreply@wordpress.com?
6 个解决方案
#1
Setting email fields is generally trivial, but the exact method of doing so depends on the language and framework you are using, which you don't mention. Usually it is a matter of creating a new email object, and just doing something along the lines of:
设置电子邮件字段通常是微不足道的,但这样做的确切方法取决于您使用的语言和框架,您没有提及。通常,这是创建一个新的电子邮件对象的问题,并且只是按照以下方式执行:
email.from = "From Name <fromemailaddress@example.com>";You can set the specific from address to your user's, if you like, it is not at all uncommon though I personally am not a fan. You could also set the from field to something like: "Sender Name (via Your Site Name) <yourresponseaddress@example.com>".
您可以设置具体的地址到您的用户,如果您愿意,虽然我个人不是粉丝,但这并不常见。您还可以将from字段设置为:“发件人名称(通过您的站点名称)
#2
Basically all you need to do is set the From header to the email address of the user sending the email. The value of From is what is displayed in a recipient's email client. Most spam detection systems in place today look only at the message content, not the email headers, so you currently wouldn't have that much of a problem based on what you set the From header to.
基本上,您只需将From标头设置为发送电子邮件的用户的电子邮件地址即可。 From的值是收件人的电子邮件客户端中显示的内容。现在大多数垃圾邮件检测系统只关注邮件内容,而不是电子邮件标题,因此根据您设置From标头的内容,您目前不会遇到太多问题。
However, there are some systems which are gaining popularity which could prevent you from sending email with somebody else's email address - most notably SPF, the Sender Policy Framework Basically, a mail server that implements SPF will check the domain of the From address of each email it receives and check with that domain directly to see if it authorizes the email. For example, if your server is mydomain.com, the email address of the user is abcdef@gmail.com, and the recipient is blah@example.com,
但是,有一些系统越来越受欢迎,可能会阻止您发送电子邮件与其他人的电子邮件地址 - 最明显的SPF,发件人政策框架基本上,实施SPF的邮件服务器将检查每封电子邮件的发件人地址的域它直接接收并检查该域名以查看它是否授权该电子邮件。例如,如果您的服务器是mydomain.com,则该用户的电子邮件地址为abcdef@gmail.com,收件人为blah@example.com,
-
mydomain.comcontactsexample.comvia SMTP to try to send the email -
example.comlooks up the SPF records forgmail.com -
example.comchecks whethermydomain.comis on the list of domains allowed to send email with the domaingmail.com - If it's not, the email is blocked
mydomain.com通过SMTP联系example.com尝试发送电子邮件
example.com查找gmail.com的SPF记录
example.com检查mydomain.com是否在允许使用域gmail.com发送电子邮件的域列表中
如果不是,则电子邮件被阻止
Also, I found a forum post suggesting that Return-Path is the intended destination for undeliverable notifications. Apparently that header is set based on the value of the SMTP MAIL FROM command.
此外,我发现一个论坛帖子,建议Return-Path是无法投递通知的预定目的地。显然,该头是根据SMTP MAIL FROM命令的值设置的。
#3
Don't do this.
不要这样做。
It really depends on how your mail relay is set up, but actually just don't do it. From header should contain the email address that sent the email, in your case webmaster@whatever.com. If you want people to reply to a different address, you can always use the Reply-To header. Here are some notes.
这实际上取决于你的邮件中继设置如何,但实际上就是不这样做。来自标题应包含发送电子邮件的电子邮件地址,在您的案例中为webmaster@whatever.com。如果您希望人们回复其他地址,您始终可以使用“回复”标题。这是一些笔记。
#4
If I understand the standard (RFC 822) correctly, this is exactly what the Sender header is for (see §4.4.2. SENDER / RESENT-SENDER). Still, I'd go with a different approach and use your sites official contact address in the From header and put the user's address in the Reply-To header. Maybe add some boilerplate text that clearly states where the mail is coming from.
如果我正确理解标准(RFC 822),这正是Sender标头的用途(参见§4.4.2.SENDER/ RESENT-SENDER)。不过,我会采用不同的方法,在From标头中使用您的网站官方联系地址,并将用户的地址放在Reply-To标头中。也许添加一些样板文本,清楚地说明邮件的来源。
One further advice besides the technical stuff: don't let anonymous users use this facility, you'd become a perfect platform for spamming. Also, out of kindness, you probably want to make sure that your (registered) users know that their email addresses are exposed to the recipients.
除技术内容之外的另一个建议是:不要让匿名用户使用此功能,您将成为垃圾邮件的完美平台。此外,出于善意,您可能希望确保您的(注册)用户知道他们的电子邮件地址是向收件人公开的。
#5
Be aware that doing this will make spam filters more suspicious of your email. Combined with suspicious looking content your email may get filtered.
请注意,这样做会使垃圾邮件过滤器更加怀疑您的电子邮件。结合可疑的内容,您的电子邮件可能会被过滤掉。
#6
Whoever is in the "From" header will receive the undeliverable notification.
“From”标题中的任何人都将收到无法投递的通知。
For the filtering - it really depends more on the subject and body of your message than the From address. So with that said, a couple ideas....
对于过滤 - 它实际上更多地取决于消息的主题和正文而不是From地址。所以说,有几个想法....
- Use HTML encoding rather than Plain Text with simple formatting (I know there's probably an argument going the other way but in my personal experience HTML gets through more often)
- Always include a footer with ("This e-mail was sent to you from ... blah blah") to identify it; if you don't want people to know it's coming from your system (i.e. really impersonated from the "From" user) then you need to find a more legit way to take care of the requirement.
- If at all possible, use a real address from your system as the "From" address with the address of the user as the "Reply-To".
使用HTML编码而不是简单格式的纯文本(我知道可能有另一种说法,但根据我的个人经验,HTML会更频繁地通过)
总是包括一个页脚(“这封电子邮件是从......等等发送给你的”)来识别它;如果您不希望人们知道它来自您的系统(即真正冒充“From”用户),那么您需要找到一种更合法的方式来处理该要求。
如果可能,请使用系统中的实际地址作为“发件人”地址,并将用户地址作为“回复”。
#1
Setting email fields is generally trivial, but the exact method of doing so depends on the language and framework you are using, which you don't mention. Usually it is a matter of creating a new email object, and just doing something along the lines of:
设置电子邮件字段通常是微不足道的,但这样做的确切方法取决于您使用的语言和框架,您没有提及。通常,这是创建一个新的电子邮件对象的问题,并且只是按照以下方式执行:
email.from = "From Name <fromemailaddress@example.com>";You can set the specific from address to your user's, if you like, it is not at all uncommon though I personally am not a fan. You could also set the from field to something like: "Sender Name (via Your Site Name) <yourresponseaddress@example.com>".
您可以设置具体的地址到您的用户,如果您愿意,虽然我个人不是粉丝,但这并不常见。您还可以将from字段设置为:“发件人名称(通过您的站点名称)
#2
Basically all you need to do is set the From header to the email address of the user sending the email. The value of From is what is displayed in a recipient's email client. Most spam detection systems in place today look only at the message content, not the email headers, so you currently wouldn't have that much of a problem based on what you set the From header to.
基本上,您只需将From标头设置为发送电子邮件的用户的电子邮件地址即可。 From的值是收件人的电子邮件客户端中显示的内容。现在大多数垃圾邮件检测系统只关注邮件内容,而不是电子邮件标题,因此根据您设置From标头的内容,您目前不会遇到太多问题。
However, there are some systems which are gaining popularity which could prevent you from sending email with somebody else's email address - most notably SPF, the Sender Policy Framework Basically, a mail server that implements SPF will check the domain of the From address of each email it receives and check with that domain directly to see if it authorizes the email. For example, if your server is mydomain.com, the email address of the user is abcdef@gmail.com, and the recipient is blah@example.com,
但是,有一些系统越来越受欢迎,可能会阻止您发送电子邮件与其他人的电子邮件地址 - 最明显的SPF,发件人政策框架基本上,实施SPF的邮件服务器将检查每封电子邮件的发件人地址的域它直接接收并检查该域名以查看它是否授权该电子邮件。例如,如果您的服务器是mydomain.com,则该用户的电子邮件地址为abcdef@gmail.com,收件人为blah@example.com,
-
mydomain.comcontactsexample.comvia SMTP to try to send the email -
example.comlooks up the SPF records forgmail.com -
example.comchecks whethermydomain.comis on the list of domains allowed to send email with the domaingmail.com - If it's not, the email is blocked
mydomain.com通过SMTP联系example.com尝试发送电子邮件
example.com查找gmail.com的SPF记录
example.com检查mydomain.com是否在允许使用域gmail.com发送电子邮件的域列表中
如果不是,则电子邮件被阻止
Also, I found a forum post suggesting that Return-Path is the intended destination for undeliverable notifications. Apparently that header is set based on the value of the SMTP MAIL FROM command.
此外,我发现一个论坛帖子,建议Return-Path是无法投递通知的预定目的地。显然,该头是根据SMTP MAIL FROM命令的值设置的。
#3
Don't do this.
不要这样做。
It really depends on how your mail relay is set up, but actually just don't do it. From header should contain the email address that sent the email, in your case webmaster@whatever.com. If you want people to reply to a different address, you can always use the Reply-To header. Here are some notes.
这实际上取决于你的邮件中继设置如何,但实际上就是不这样做。来自标题应包含发送电子邮件的电子邮件地址,在您的案例中为webmaster@whatever.com。如果您希望人们回复其他地址,您始终可以使用“回复”标题。这是一些笔记。
#4
If I understand the standard (RFC 822) correctly, this is exactly what the Sender header is for (see §4.4.2. SENDER / RESENT-SENDER). Still, I'd go with a different approach and use your sites official contact address in the From header and put the user's address in the Reply-To header. Maybe add some boilerplate text that clearly states where the mail is coming from.
如果我正确理解标准(RFC 822),这正是Sender标头的用途(参见§4.4.2.SENDER/ RESENT-SENDER)。不过,我会采用不同的方法,在From标头中使用您的网站官方联系地址,并将用户的地址放在Reply-To标头中。也许添加一些样板文本,清楚地说明邮件的来源。
One further advice besides the technical stuff: don't let anonymous users use this facility, you'd become a perfect platform for spamming. Also, out of kindness, you probably want to make sure that your (registered) users know that their email addresses are exposed to the recipients.
除技术内容之外的另一个建议是:不要让匿名用户使用此功能,您将成为垃圾邮件的完美平台。此外,出于善意,您可能希望确保您的(注册)用户知道他们的电子邮件地址是向收件人公开的。
#5
Be aware that doing this will make spam filters more suspicious of your email. Combined with suspicious looking content your email may get filtered.
请注意,这样做会使垃圾邮件过滤器更加怀疑您的电子邮件。结合可疑的内容,您的电子邮件可能会被过滤掉。
#6
Whoever is in the "From" header will receive the undeliverable notification.
“From”标题中的任何人都将收到无法投递的通知。
For the filtering - it really depends more on the subject and body of your message than the From address. So with that said, a couple ideas....
对于过滤 - 它实际上更多地取决于消息的主题和正文而不是From地址。所以说,有几个想法....
- Use HTML encoding rather than Plain Text with simple formatting (I know there's probably an argument going the other way but in my personal experience HTML gets through more often)
- Always include a footer with ("This e-mail was sent to you from ... blah blah") to identify it; if you don't want people to know it's coming from your system (i.e. really impersonated from the "From" user) then you need to find a more legit way to take care of the requirement.
- If at all possible, use a real address from your system as the "From" address with the address of the user as the "Reply-To".
使用HTML编码而不是简单格式的纯文本(我知道可能有另一种说法,但根据我的个人经验,HTML会更频繁地通过)
总是包括一个页脚(“这封电子邮件是从......等等发送给你的”)来识别它;如果您不希望人们知道它来自您的系统(即真正冒充“From”用户),那么您需要找到一种更合法的方式来处理该要求。
如果可能,请使用系统中的实际地址作为“发件人”地址,并将用户地址作为“回复”。