PHP mail() is a great function to easily send emails from your website server. If you have ever used it before in action, or are currently using mail() to send out emails from your website or application, chances are you would find Gmail to be very persistent in attaching a ‘via’ field to the from address of your messages to the recipient. If you are on a shared host or have multiple websites on a VPS, the ‘via’ field would be the domain of a whole different website from that of the sending domain, which makes you very uncomfortable.
So how to make the ‘via’ field disappear in Gmail messages sent from your PHP mail() function? How to make the ‘mailed-by‘ field and the ‘signed-by‘ field to be the email-sending domain rather than the server hostname?
How to make Gmail trust your messages sent from the mail() function?
Get rid of Gmail ‘via’ field for PHP mail() messages and make your domain show up in ‘mailed-by’ and ‘signed-by’
Here are what you need to do to make Gmail completely trusts your domain and your PHP mail() messages sent from it.
1. SPF and DKIM
Firstly, you would need to set an SPF record for the domain you are sending emails from and enable DKIM as well. These are primarily for identifying your messages against spam.
2. "From: firstname.lastname@example.org"
Secondly, make sure you are setting the “From: ” header to be an email address on the domain you are sending messages from. Don’t pretend to be someone else. Use “From: email@example.com” if you are sending the messages from abc.com, rather than anything else, such as firstname.lastname@example.org, or email@example.com, or whatever. If you want the recipient to reply to your Gmail email instead of your domain email, use the “Reply-To: ” header. “From: ” must always be the domain email that you are sending the email from.
3. "Return-Path: firstname.lastname@example.org"
Thirdly and most importantly, set the “Return-Path: ” header to be the same domain as that of the “From: ” header. Use the 5th parameter of the mail() function for this:
mail('email@example.com', 'Subject', "Message Body", $headers, '-firstname.lastname@example.org')
So the Return-Path of this message would be “email@example.com” (the email address immediately following the -f switch). The $headers parameter should contain all the necessary message headers. Make sure “From: ” is firstname.lastname@example.org.
Now Gmail trusts all emails from yourdomain.com
After these steps and measures, Gmail should now completely trust your messages from yourdomain.com. The ‘via‘ field of your messages should be gone and the ‘mailed-by‘ field as well as the ‘signed-by‘ field should be correctly showing up as yourdomain.com.
Uploaded below is the screenshot of a message sent to my Gmail email from one of my websites (*ses.com) using the mail() function:
Both ‘mailed-by‘ and ‘signed-by‘ fields are correctly populated with the sending domain even though it is not the primary site nor hostname of the server that sends the email. The ‘via‘ field is also gone.
This site doesn’t have any SSL certificates installed.
Gmail is by far the best spam catcher of all email services so if they trust you, your emails sent by PHP mail() from yourdomain.com should look good in all other email inboxes. Our forum has also got a thread to cover this.
Thanks to Michael Gorven and Laura for the help.