Sendmail is dead! Long live SMTP!
As with many things in life, recommendations and advice can change as time passes. For many years, the sendmail and PHP mail() function have been perfectly acceptable methods of getting contact form messages sent to website owners and site visitors.
Times have changed though. As more and more email providers are tightening the restrictions of what they consider an acceptable message format, the way we are advising users to handle email generated by their websites has changed accordingly.
SMTP – the way forward
Routing contact forms to use SMTP holds many benefits over PHP and sendmail. Although all 3 protocols can and do support SPF verification, only SMTP also supports DomainKeys signed email, something which Gmail in particular are enforcing more and more.
SPF spam protection
A domain which publishes an SPF record in their DNS basically lists those servers which are permitted to send email on behalf of that domain, thereby rooting out messages which are spoofed. Any mail server which checks SPF records will see what server sent a message, and drop any that it receives from servers that are not on the SPF record list. Domains which publish an SPF record are also less likely to be tagged as spam. To enable this option, log into account.34sp.com, click on the Manage Sites button, choose your domain, click on DNS, then SPF records, and click the button to add the record.
DomainKeys is an email authentication method in which emails are digitally signed on a domain by domain basis. You can enable this on outgoing mail and it ensures end-to-end integrity of the message. On creation, a pair of related keys are created. One is published in the domain’s DNS, the other is attached to every message sent via SMTP for that domain. The receiving mail server recognises that a message has been digitally signed and checks the sending domain’s DNS for a matching key pair. Only if the 2 key halves match is a message considered valid.
Again, domains which digitally sign their mail messages are less likely to have messages tagged as spam. To enable this option, log into account.34sp.com, click on the Manage Sites button, choose your domain, select Advanced, then DomainKeys Identified Mail, and you can do so from here.
As changes involve updating DNS, please allow up to 24 hours for any modifications that you do make to propagate.
How to update forms to use SMTP mail
If using WordPress, things couldn’t be easier. There are myriad WordPress plugins that will handle this, but we have found https://wordpress.org/plugins/wp-mail-smtp/ to be one of the easiest to configure as you just need to enter a server name, email address, and password. We don’t even need to be the provider handling your email as long as the log in credentials you set are correct.
Options for most other CMS (Content Management Systems) do exist – if you’re having trouble locating the relevant setting, please consult your CMS documentation. If you are still having trouble, do feel free to contact us on email@example.com and we will do our best to help.
With custom written code, things do get a bit more complicated, but can be achieved using the freely available PHPMailer code found at https://github.com/PHPMailer/PHPMailer – it just needs several variables to be updated to use valid mailbox details. Again, if you’re unsure of what any of these should be, please contact us on firstname.lastname@example.org