I was playing around with my Postfix configuration, trying to get a setup working with multiple different domains. My goal was to be able to use a different relay host and authentication, based on the sender’s address in the message.
This turned out to be quite a simple solution — there’s a Postfix configuration setting called sender_dependent_relayhost_maps, which does exactly that. Problem solved, yeah? No.
Unfortunately it didn’t work with WordPress’ wp_mail(), which sent me on a fun digging journey. I found the ticket #37736 which is essentially trying to be really nice to hosting providers, who allow users to run sendmail
(which is what PHP’s mail()
executes), but if you happen to use the -f
flag, then it’s just going to fail silently.
The fix was to not set a Sender header, which honestly is a bit of a weird solution. It’s like writing a letter, sealing it in an envelope, writing the recipient address on the envelope, but leaving the sender address blank. In the old days the postman wouldn’t accept such an envelope, but in today’s digital world of e-mail, we have servers configured to provide “sane” defaults, like www-data@web0213.eu-ams4.rack09.crappyhost.info
.
In most cases it works, but there are quite a few things that can go wrong.
For example, if there’s a problem with mail delivery, the post office will try and contact you in Amsterdam on Rack 09. Another good example is when you’re sitting behind a DDoS protection service. The default Sender address will often give away your real origin IP, which an attacker can obtain by simply requesting a password reset or registration mail.
Anyway, if you’d like to set the Sender address to something that’s actually sane, you can do it on phpmailer_init
:
add_action( 'phpmailer_init', function( $m ) {
$m->Sender = $m->From;
} );
If your host doesn’t support the -f
flag for sendmail, and especially if it just fails silently, you should definitely get in touch with them and let them know you’re unhappy.
Not the other way around?
$m->Sender = $m->From;
Of course. Good catch, thanks!