Photo Gallery Forums

Not sure what is happening here, but it seems that the testing I have done all the emails come in with the ROOT User and not their email address, so I was checking here fore any clues and did not find anything that I could try. Strange, but is driving me sort of crazy.

I have tried my Gmail account and it does the same thing, and comes back with Root User.
Anyone running into the same problem?

Thanks in advance.

Dennis

Make sure setting is correct.
Setting > Setting > Mail > Recipient
Provide your email address here.

Dennis kaczor wrote:Not sure what is happening here, but it seems that the testing I have done all the emails come in with the ROOT User and not their email address, so I was checking here fore any clues and did not find anything that I could try. Strange, but is driving me sort of crazy.

You need to set the FROM field in email settings:

This field is not always required, but often you will have to set it as the SAME email as the recipient. Why? For some of you this may seem strange ... why have the same emails in FROM and RECIPIENT? This is simply because its NOT really the visitor who is sending the email ... They are just sending the message. It is your server that is sending the email, and that email should be valid. To avoid issues with spam (etc), technically your email should be sent FROM an email address, often on the same domain as the website (or in the case of using SMTP, from the same email account as the SMTP). When you receive the email from the contact form, it will be FROM the email added in the from field, but when you click REPLY-TO it will have the email address of the visitor.

This is just how modern email works from servers. If you don't add a FROM field, it will use the server ROOT user to send emails. Some servers don't require the FROM field, and will use the visitors email for sending, but technically this is old-fashioned and does not respect modern requirements from email, and is considered "spoofing" (thus may easily trigger spam filters).

mjau-mjau wrote:

Dennis kaczor wrote:Not sure what is happening here, but it seems that the testing I have done all the emails come in with the ROOT User and not their email address, so I was checking here fore any clues and did not find anything that I could try. Strange, but is driving me sort of crazy.

You need to set the FROM field in email settings:

This field is not always required, but often you will have to set it as the SAME email as the recipient. Why? For some of you this may seem strange ... why have the same emails in FROM and RECIPIENT? This is simply because its NOT really the visitor who is sending the email ... They are just sending the message. It is your server that is sending the email, and that email should be valid. To avoid issues with spam (etc), technically your email should be sent FROM an email address, often on the same domain as the website (or in the case of using SMTP, from the same email account as the SMTP). When you receive the email from the contact form, it will be FROM the email added in the from field, but when you click REPLY-TO it will have the email address of the visitor.

This is just how modern email works from servers. If you don't add a FROM field, it will use the server ROOT user to send emails. Some servers don't require the FROM field, and will use the visitors email for sending, but technically this is old-fashioned and does not respect modern requirements from email, and is considered "spoofing" (thus may easily trigger spam filters).

Thanks for the explanation, and you are right it does sound some what strange for having both from and to. I will add the email address in both fields and all should be good.

Dennis

Dennis kaczor wrote:Thanks for the explanation, and you are right it does sound some what strange for having both from and to. I will add the email address in both fields and all should be good.

Yes it may sound strange. Basically it's YOU (your website) sending to YOU (your email), and from a technical perspective, this is important. The visitor just adds the message and the reply-to address, but they are not really technically sending any email.

mjau-mjau wrote:

Dennis kaczor wrote:Thanks for the explanation, and you are right it does sound some what strange for having both from and to. I will add the email address in both fields and all should be good.

Yes it may sound strange. Basically it's YOU (your website) sending to YOU (your email), and from a technical perspective, this is important. The visitor just adds the message and the reply-to address, but they are not really technically sending any email.

That now makes sense to me Karl.

Thanks again for explaining this, much appreciated.

Dennis

Glad I found this thread.... Tried to work this out, but alas I would have never guessed to "hit" the reply button on one
of these incoming test messages with from / to being the same. In my case, however, NOT using the smtp option, would
even when hitting the reply button in my mail client show the same "To" address as the one configured. When using
SMTP and the 'From' field empty, the message comes as root@localhost, but retains the senders name and input e-mail, which
is becoming visible when trying to "reply" and the fields are populated with the e-mail of the message sender.
Thanks to all for helping to solve another issue that I couldn't work out by myself....

Just for some more information about WHY it works like this: In a world of increasing spam, email services and hosts have a lot of "demands" for the incoming email. One factor is the FROM address, which incoming mail servers use to help diagnose the legibility of the email ... If the FROM field can be populated by any address from the website-visitor, they could use "bill.gates@ microsoft.com" ... This is obviously SPOOFING, and would cause your server to get a "bad reputation". If your FROM field is populated by a real email, that is authorized to send, and normally on the same domain, then this is a good hint that the sent email is not spoofed ...

Most servers now REQUIRES a FROM field for email being sent, simply because lack of adding the field could lead to bad reputation for the server / smtp.

An email being sent is sent from your server, and not from the visitor who just inputs their email. The server needs to comply with modern email-sending policies to avoid getting a bad reputation, and to avoid emails being tagged as spam. To do this, the email being sent should have a verified sender (from) that is allowed to send on behalf of the website ... It can't just "send emails" without following modern policies and requirements.

To make things more complicated ( :/ ), one should really use SPF and DKIM to clearly verify to that your server is authorized to send on behalf of the FROM email. This implementation will basically tell all email hosts (google, hotmail, server-based spam-filters): "Hey I am an email and you can be 100% sure I am not spam because I have SPF and DKIM records in my domain DNS explaining that this sending-server is allowed to send for this email@domain!" ... It's basically the ultimate key to avoid emails being tagged as spam

Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.

At Imagevue and Flamepix, we use Mandrill email service, which helps setup a proper framework for sending, and makes it simpler to diagnose. We have added SPF/DKIM records to our www.photo.gallery DNS, and use an authorized valid email for sender (from):

... which gives us an excellent sending reputation:

Any incoming email hosts (including Google/hotmail) will see our emails as a VIP "hey, let this guy through!".

So, even if you don't setup SPF or DKIM, it is important to understand that the FROM field should be valid, as it is used to verify the authenticity of the incoming email. If it was set to the person who visited the page, then your server is technically "spoofing" emails that it is not allowed to send from.

When we receive emails, it may look like this:

To: me, From: me (server), Reply-to: the guy who sent the email. It may sound strange, but there is nothing wrong with this verified setup.

SMTP
Normally, if you use an SMTP service like gmail, I believe the FROM field will automatically be forced to the same as the account email ... which makes sense.

I thought that was normal that's why I did not raise this issue hahaha... thanks OP and Karl.