Most mail servers overwrite the 'Return-path' header sent by the PHP mail() function by a default email address (httpd@hostingcompany.com or apache@drupal.org). This is bad as the bounced emails will not be routed back to the sender or the original Return-path address. If you have your own server you can change it in the php.ini, but in the case of a shared hosting or on a multidomain server, you need to specify it for your own site.
The PHP mail() offers the additional_parameters to fix that. -fme@mysite.com
will ensure that the Return-path of the email you send is me@mysite.com
This patch adds this line to the mail function of common.inc:
'-f'.$defaults['Return-Path']
and uses the site_mail variable as default Return-Path.
Comment | File | Size | Author |
---|---|---|---|
#170 | mail-131737-170.patch | 3.43 KB | jvns |
#169 | mail-131737-169.patch | 3.66 KB | jvns |
#168 | mail-131737-168.patch | 3 KB | Albert Volkman |
#161 | mail-131737-161.patch | 2.63 KB | oriol_e9g |
#156 | 131737.png | 124.89 KB | kattekrab |
Comments
Comment #1
Steven CreditAttribution: Steven commentedComment #2
scor CreditAttribution: scor commentedAll right. This should look better.
There are comments along with the code I added.
1. the default envelope Return-Path address is set: site-mail or ini_get('sendmail_from'). It will be overwritten by $from if it is present.
2. the return path is passed through mime_header_encode(), and then in the additional_parameters of mail().
Comment #3
Steven CreditAttribution: Steven commentedWhat happens if you're not using sendmail?
Comment #4
scor CreditAttribution: scor commentedNothing different than before. The patch makes sure that $return_path is not empty before applying it to the mail function.
If no sendmail value is found through ini_get('sendmail_from'), then the default site-mail value is used.
I tried with a fresh install of drupal, and if no sendmail address is found (no from, no sendmail_from and no site-mail), then the emails are sent with an empty from field.
Comment #5
drewish CreditAttribution: drewish commentedscor, why not just set the 'Return-Path' as part of the initial assignment of the $defaults array?
Comment #6
scor CreditAttribution: scor commentedThis is already done, but the point of this patch is to add the
-f
option in the mail function, otherwise PHP will overwrite our return-path by the one set on the server. See the first post for more details.Comment #7
scor CreditAttribution: scor commentedFrom the PHP Mail() function page:
- The additional_parameters parameter was added in PHP 4.0.5
- The additional_parameters parameter is disabled in safe_mode and the mail() function will expose a warning message and return FALSE when used (PHP 4.2.3)
That means they could be some issue on some configurations older than PHP 4.0.5.
There is a module here : http://drupal.org/project/returnpath
Don't you think it would be good to have this basic feature in the core instead of having to use an extra module?
Comment #8
drewish CreditAttribution: drewish commentedwe only support php 4.3.3 and higher
(personally i think it's silly some created a module for a one line patch)
Comment #9
scor CreditAttribution: scor commentedre The additional_parameters parameter is disabled in safe_mode and the mail() function will expose a warning message and return FALSE when used (PHP 4.2.3)
-> I added the safe_mode compatibility to the patch.
Steven, I got it working fine on 3 different servers: postfix, Exim 4.63 and qmail (all with safe_mode OFF).
before:
Return-Path: <httpd@web9.hostingcompany.com>
after:
Return-Path: <myemail@mysite.com>
is there any chance to get this committed before next month?
Comment #10
scor CreditAttribution: scor commentedDoes that patch need more testing before being commited?
I've been using it for a while now without any problem.
Comment #11
drewish CreditAttribution: drewish commentedit's a pain in the ass getting enough reviews to get something committed. but it needs testing because if it gets committed and breaks a bunch of people's sites it's a pain in everyone's butt.
Comment #12
drummI do not think this patch avoids or gracefully handles this:
http://us3.php.net/manual/en/function.mail.php
This patch especially needs testing on a Windows server.
Comment #13
Damien Tournoud CreditAttribution: Damien Tournoud commented#252502: Sent emails rejected by mail servers when using PHP mail() was a duplicate.
Also bumping release because that "issue" (I would say "inconvenience", because drupal_mail_wrapper() exists just for this purpose) is present in all supported versions.
Comment #14
arhak CreditAttribution: arhak commentedsubscribing
Comment #15
AmrMostafa CreditAttribution: AmrMostafa commentedI think this is a pretty important issue which I duplicated. But I also don't know of any portable way to achieve this (except not relying on PHP's mail()). The -f parameter is a sendmail option. Fortunately, all popular mail packages always come with a bin compatible with /usr/bin/sendmail. So -f should be fine across different *nixes.
Windows remains. Anyone on windows?
Comment #16
mustangduce CreditAttribution: mustangduce commentedOne key item to note here is the mail header. Unless the user that apache is running as is added to the /etc/mail/trusted-users file Sendmail will append a warning in the email header like this:
X-Authentication-Warning: webserver.hostingcompany.com: user set sender to address@somedomainname.com using -f
This is caught by most/all spam filtering agents (or at least the good ones). Make sure your provider has this configured, I have been with several that did not but after a brief call with thier support most agreed to make the change (one even changed thier server build SOP to add the apache user as a trusted user on every build!)
Comment #17
v1nce CreditAttribution: v1nce commentedSubscribing. Updated patch for d5.
Comment #18
scor CreditAttribution: scor commentedmarking http://drupal.org/node/165938 as duplicate.
Comment #19
PanchoHere is the working patch for D7 from the duplicate issue...
Comment #21
Pancho@Damien in #13:
No. This is not just an incovenience. We're passing the header wrongly to PHP's mail() function - that's nothing less than a bug in core.
We can't expect admins to install a contrib module, only to achieve Drupal's core functionality works correctly.
Plus: contrib can not even solve it correctly. Return path module (which currently fixes it) is not compatible with other mail backends (see #98412: Incompatible with smtp.module (redeclared function)), because they all use drupal_mail_wrapper(), and it can be used only by one module at the same time.
So please let's go on testing and improving this, so this enerving bug finally gets fixed.
Comment #22
Damien Tournoud CreditAttribution: Damien Tournoud commented@Pancho: in that case, you will need to do your homework. Will this "-f" flag works with non-sendmail backends? With Postfix? With Exim? With QMail? Under Windows? In safe mode? On shared hosting?
Also note that the "we can't have several mail backend" issue is being solved for D7 in #331180: fix pluggable smtp/mail framework.
Comment #23
PanchoSure. We can do all these tests on different backends, platforms and configurations. And surely I'm ready to take a major part of that work on me.
But since when is it the patch writer's duty to do all the testing work, "my homework" as you call it? I didn't say the patch were rtbc, did I? Sorry, but the way you put it is not okay.
Now, I'm working on another issue atm. But as soon as I'm done with that, I'll come back to this. Then I will check #331180, possibly rework this patch here and write a testing plan.
Comment #24
gpk CreditAttribution: gpk commented@22: #9 says this can work with postfix, Exim 4.63 and qmail. It won't work with safe mode (would be best not to try -f in this case). In Windows there is the possibility of ini_set()-ting sendmail_from. I have -f working very nicely on cPanel shared hosting (PHP running as Apache module) - without any X-Warning header. See also http://drupal.org/node/165938#comment-1153548). I think cPanel automatically sorts out the question of "trusted" users.
The X-Warning header may be the killer though - see #12 and #16. Even if that is not a problem, this is all a bit of a mess :P
BTW is there a use case for using returnpath and smtp contrib modules at the same time? SMTP servers seem to set the Return-Path: for you. (OK, returnpath and a mime email backend is a realistic but incompatible combination in D6/D5).
[slightly updated]
Comment #25
sunThe popular PHPMailer library just does the following (simplified):
I.e. the additional flag(s) are set if defined safe_mode is disabled, and 'sendmail_from' is overidden for Windows.
The same is done for the sendmail method.
Comment #26
gpk CreditAttribution: gpk commentedYes...
... and if it doesn't work on your particular server (i.e. you get X-Warning headers) then you can try another sending method, e.g. sendmail (as you mention), or smtp.
FWIW I think Joomla bundles PHPMailer, but from a quick glance at the code I couldn't work out which sending method it uses or how it handles this problem.
Comment #27
mfbSubscribe.
Comment #28
malc0mn CreditAttribution: malc0mn commentedI'm confused about these lines in http://drupal.org/files/issues/do-the-return-path-correctly_9_0.patch:
This does not allow you to override the Return-Path using the mail_alter hook. Was this intentional?
I've adapted the patch for a site I'm maintaining to:
Should this not be the intention instead of the original code? I'm guessing it was, since it was placed after the drupal_alter() call.
Comment #29
rapsli CreditAttribution: rapsli commentedsubscribing
Comment #30
mrfelton CreditAttribution: mrfelton commentedsubscribing
Comment #31
mrfelton CreditAttribution: mrfelton commentedI agree with @malc0mn in #28. Attached is the modified patch:
Comment #32
nvanhove CreditAttribution: nvanhove commentedSubscribing.
@mrfelton: shouldn't the status be "needs review" right now?
Comment #33
mrfelton CreditAttribution: mrfelton commented@nvanhove: yes, forgot to update status. thanks.
Comment #34
mrfelton CreditAttribution: mrfelton commented@nvanhove: yes, forgot to update status. thanks.
Comment #36
nvanhove CreditAttribution: nvanhove commentedHmmm patch didn't work. Probably because it is so old.
@mrfelton: could you redo the patch?
Comment #37
nvanhove CreditAttribution: nvanhove commentedRecreated #31
Comment #38
nvanhove CreditAttribution: nvanhove commentedComment #39
malc0mn CreditAttribution: malc0mn commentedI can confirm that this has helped us out on numerous occasions. How about adding it to the core in a new release?
Comment #40
nvanhove CreditAttribution: nvanhove commented@malc0mn, if you can confirm the patch in #37 works in Drupal7, we could get it in :)
Comment #41
malc0mn CreditAttribution: malc0mn commentedGood point, I'll see what I can do!
Comment #42
Dries CreditAttribution: Dries commentedI think this is a valid bug report, and from what I can tell (and reading the PHP docs), the fix looks correct.
Comment #43
malc0mn CreditAttribution: malc0mn commentedJust finished setting up the latest dev release as a sandbox on our dev environment to test the patch.
EDIT:
Version used: February 3, 2010 - 14:04, drupal-7.x-dev.tar.gz, 2.19 MB e2145089f78c88d46660d7973906701b
Patching went nicely:
And for the testing:
1. Logs without patch:
Bad, baaaad! ;-)
2. Logs with patch:
Saweeet! ;-)
NOTE: the warning you see in the logs nicely shows the patch is doing what it should. The warning can be avoided by adding www as trusted mail user.
Comment #44
Nico Heulsen CreditAttribution: Nico Heulsen commentedNice work.. This realy should be into core!
Comment #45
mfbThe comments mention safe_mode but the current version of the patch doesn't actually check for safe_mode.
Comment #46
malc0mn CreditAttribution: malc0mn commentedBad news. If PHP is run in safe mode, this patch will trigger some errors:
Somwhere along the way we seem to have dropped this bit of code:
I have attached a modified patch to correct this, and looking into a 2nd problem that has been introduced by this line:
-f is not allowed in the safe mode.
Comment #47
nvanhove CreditAttribution: nvanhove commentedComment #48
nvanhove CreditAttribution: nvanhove commentedThat seems to be my patch instead of yours?
Comment #49
malc0mn CreditAttribution: malc0mn commentedOK, I think the patch attached here does the trick, please ignore or even better delete the patch in my previous post since I cannot seem to do this myself.
The annoying thing is that when we're in safe mode, the fifth parameter in the PHP mail() function is not allowed. You can pass whatever you want (null, an empty string, ...) PHP will complain about this, hence the somewhat silly approach in the patch to work around this. If someone has a better idea, please let me know!
My fix in attach which only patches the modules/system/system.mail.inc file, not the includes/mail.inc file.
The previous patch swapped the order of some variables in incudes/mail.inc which in my humble opinion, and proven during my testing, makes no difference.
Comment #50
malc0mn CreditAttribution: malc0mn commented@#48: only slightly modified. I should not have posted it, for which my apologies. If only I could delete it...
Comment #51
scor CreditAttribution: scor commented} else { should be in two lines. also, comments can run up to the 80th characters, so we could save some space here.
usually comments are not deleted from the issue queues.
Comment #52
malc0mn CreditAttribution: malc0mn commentedI will fix this!
Comment #53
malc0mn CreditAttribution: malc0mn commented@#51: revised patch in attach (formatted else & comments running to col 80)
Refer to #49 for more information concerning the patch.
Comment #54
scor CreditAttribution: scor commentedwe don't need so many empty lines here. Please also fix the whitespaces issues in both code blocks.
Comment #55
malc0mn CreditAttribution: malc0mn commentedI simply took them form the original patch, however I shall remove them.
Comment #56
malc0mn CreditAttribution: malc0mn commentedNew patch with fixed formatting attached, as requested.
Comment #57
nvanhove CreditAttribution: nvanhove commentedComment #58
sunMissing space after "if".
Duplicate space here.
Ideally, we should prepare those two arguments before the conditional execution logic, so 1) no duplicate code and 2) no missing docs in the else case.
This comment needs some love. :)
"The optional $additional_parameters argument to mail() is not allowed if safe_mode is enabled. Passing any value throws a PHP warning and makes mail() return FALSE."
Powered by Dreditor.
Comment #59
malc0mn CreditAttribution: malc0mn commented@58: very true concerning the preparation of the arguments... Why didn't I see/do that in the first place :(
New patch in attach solving:
- space issues 'if (' and ' = mail('
- lovely comments
- preparation of mail() arguments
Comment #60
scor CreditAttribution: scor commentedMake this a sentence: start with upper case and end with '.'
last trailing space to be removed
Comment #61
malc0mn CreditAttribution: malc0mn commentedDone...
Comment #62
sunThanks - looks good to me.
Comment #63
mfbThere is some wrong indentation (single space instead of two)
Comment #64
sunTakes a bit to see that there's one leading space too much here, right ;)
Powered by Dreditor.
Comment #65
malc0mn CreditAttribution: malc0mn commented@64: Removed those...
Comment #66
nvanhove CreditAttribution: nvanhove commented@malc0mn don't forget to set the status back to needs review so the testbot will pick it up.
Comment #67
malc0mn CreditAttribution: malc0mn commentedAh ratz, thanks nvanhove.
Comment #68
sunThanks! There we go.
Comment #69
malc0mn CreditAttribution: malc0mn commentedFantastic!
Shall I do one for the D6 branch as well?
Comment #70
sebas5384 CreditAttribution: sebas5384 commentedReturn-Path.patch queued for re-testing.
Comment #71
malc0mn CreditAttribution: malc0mn commented@70: that patch would break when running in safe mode... I have a D6 one ready, but want to test it first before submitting. Will be submitting tomorrow morning after testing.
But we'll have to change from 7.x to 6.x in the satus-settings-thingy, no?
Comment #72
scor CreditAttribution: scor commented@malc0mn: usually patches get committed to D7 first and then get backported to D6.
Comment #73
malc0mn CreditAttribution: malc0mn commented@scor: I was aware of that, hence my question for the D6 one. I have it ready and will post tomorrow.
Can I simply change the version of this issue to '6.x-dev' (& status to 'needs review')when posting the D6 patch or do I need to start a new issue?
Comment #74
scor CreditAttribution: scor commented@malc0mn: please leave the version of this issue to 7.x. If you like, post your D6 patch here for the records, and say it's for D6. It can later be picked up (and this issues switched to D6) when D7 is fixed.
Comment #75
malc0mn CreditAttribution: malc0mn commentedThanks scor, will do that!
Comment #76
malc0mn CreditAttribution: malc0mn commented@74: Scor, D6 patch attached. Made against latest Drupal6 HEAD branch.
Tested in both regular and PHP safe mode.
Comment #77
Dries CreditAttribution: Dries commentedCommitted to CVS HEAD. Moving to D6.
Comment #78
scor CreditAttribution: scor commentedpatch for D6 in #76 should be rerolled using cvs diff -up, see http://drupal.org/patch/create
Comment #79
malc0mn CreditAttribution: malc0mn commentedDang, I usually do that... Apparently forgot it here. Done properly now in attach.
Comment #80
malc0mn CreditAttribution: malc0mn commentedcomponent = mail system + needs review
Comment #81
malc0mn CreditAttribution: malc0mn commentedAnyone had a chance to review this one for D6...? Used it a while now and encountered no probs...
Comment #82
Shawn DeArmond CreditAttribution: Shawn DeArmond commented#17 worked for me for D5. However, I also had to add this to my theme in order for the Return-Path to be the right address when a webform is submitted and email is sent:
Comment #83
lostchord CreditAttribution: lostchord commentedSorry if this is a really dumb question...but where is the envelope address configured in the Site Configuration?
I'm assuming the intent here is to make it per-site rather than per-server so that in a multi-site environment the email is fully tailored to each site.
I don't see any way of doing this in the D6 configuration at present and as far as I could tell the patches don't seem to add an extra configuration option. So maybe it's there already and I'm just not looking in the right place?
cheers
Comment #84
nvanhove CreditAttribution: nvanhove commentedThere is no configuration option.
We set the Envelope to be as the "From" address:
$headers['From'] = $headers['Sender'] = $headers['Errors-To'] = $headers['Return-Path'] = $default_from;
Comment #85
mfbConfigurability could be a nice feature request for Drupal 8. My experience is you want the "From:" address to be customer service and the envelope "From" to be technical staff who can handle bounces etc.
Comment #86
lostchord CreditAttribution: lostchord commentedI was rather hoping that it would get dropped into D6. I'm using an edit to php.ini to fix this at present and it's not really the right solution. That's what started me searching the forums in the first place.
I think the configurable nature of this would be critical. It should (a) be configurable, and (b) the two addresses should have independent access control so that the envelope From can only be set by the technical staff.
The current solution would, I suspect, open up the possibility of an incorrect address entry silently killing all email from a site.
cheers
Comment #87
lostchord CreditAttribution: lostchord commentedFYI
Out of curiosity - and as part of trying to solve this in my own environment - I looked at the headers from a drupal.org email:
cheers
Comment #88
turadg CreditAttribution: turadg commentedWhy does the patch get the return path from the -f argument in sendmail_path instead of from sendmail_from?
(Referring to properly_formatted_mail_return_path_d6_0.patch )
Comment #89
mrf CreditAttribution: mrf commentedPatch in #79 works well for me in 6.17
Comment #90
guidot CreditAttribution: guidot commentedApplied #79 on two D6.17-installations. Works. Thanks very much!
Comment #91
Gábor HojtsyThis issue is going on for three years, and looks like only half of these notes were addressed, repeated by Steven, Damien and drumm:
From feedback above, looks like other tools are sendmail compatible, so we can reliably pass the -f argument to those. However, two things I've not seen solved:
1. Windows testing was requested multiple times but nobody said they did it.
2. The trusted user issue was not resolved so looks like we are trading one problem for another nasty one.
Who has the answers?
Comment #92
drupalfan2 CreditAttribution: drupalfan2 commentedI applied patch #79 correctly but no mails come back. Why?
How can I find out, why this does not work?
Comment #93
aspilicious CreditAttribution: aspilicious commentedScor told me to push this back to d7.
I got the following error on my hosting site when a user registrates.
I don't know why, I don't understand what's going on.
Warning: mail(): Policy restriction in effect. The fifth parameter is disabled on this system in DefaultMailSystem->mail() (regel 77 van /customers/chirohoepertingen.be/chirohoepertingen.be/httpd.www/modules/system/system.mail.inc).
Host: one.com
I'm open for any kind of experiment...
Comment #94
sunIf that also means that no e-mail was/is sent, then I suppose this issue needs to be critical, as users installing D7 may not be able to send or get any mails.
Comment #95
Damien Tournoud CreditAttribution: Damien Tournoud commentedmail()
is one of those PHP functions that gets abused by some hosters. I think we should do the same as for set_time_limit(), and just ignore the warnings triggered by this function using the@
operator. We do have the return value of the function to tell us if the mail was queued or not anyway.Comment #96
aspilicious CreditAttribution: aspilicious commentedNo problem at all with the mails. User gets created, mails arrive. Just a stupid warning that scares people ;).
Can someone write a patch to ignore this?
(so I can fix my website)
Comment #97
scor CreditAttribution: scor commented@aspilicious: want to try this patch? implements damz's idea.
Comment #98
aspilicious CreditAttribution: aspilicious commentedSolved my issue, for me this is rtbc, but I'm not a mail code guru.
Comment #99
dhthwy CreditAttribution: dhthwy commentedThe caution note for Windows on PHP's mail() doc page can be disregarded for 5.2 as it already handles this automatically (this may not be true for PHP < 5.2):
On Windows when there is no Sendmail, the 5th parameter passed to mail() is ignored, so it doesn't use -f as that's a Sendmail (and friends) parameter. PHP will use its own internal SMTP mail implementation which gets "Return-Path:" from the ini variable "sendmail_from" and if that is not set, it gets "Return-Path:" from "From:".
X-Authentication-Warning is a problem for any software that uses Sendmail with the -f parameter when its user is not on the trust list. This includes Wordpress, Web-based mailers such as Squirrelmail and popular forums such as Vbulletin, etc. This header is added by Sendmail itself and it's a server configuration problem. There is nothing Drupal can do to deal with this short of locating and parsing the server's Sendmail configuration files (and having a trusted-user file is optional btw).
Worst case scenario is that the email with the X-Authentication-Warning header set will be rejected by the receiving SMTP server, however, the SMTP server would have to have very strict policies for it to reject it based on that alone. And this header is not exactly uncommon, even for legit emails.
Comment #100
dhthwy CreditAttribution: dhthwy commentedAs #95 points out, PHP error notices should be inhibited when calling mail(), since there's still a good probability that mail() succeeded.
In order to support Return-Path on Windows we need to set the sendmail_from ini variable. This is what the PHPMailer class in Wordpress does.
Comment #101
xtoc CreditAttribution: xtoc commentedComment #102
xtoc CreditAttribution: xtoc commentedI have added the patch from #79 with wincvs, but how can i set a return_path. Where do i need to config that?
Comment #103
bbista4u CreditAttribution: bbista4u commentedReturn-Path.patch queued for re-testing.
Comment #104
devonwarren CreditAttribution: devonwarren commentedReturn-Path.patch queued for re-testing.
Comment #105
pillarsdotnet CreditAttribution: pillarsdotnet commentedBumping and tagging as per standard policy.
Comment #106
pillarsdotnet CreditAttribution: pillarsdotnet commentedRe-rolled #100 against 8.x according to current patch guidelines. No other changes.
Comment #107
pillarsdotnet CreditAttribution: pillarsdotnet commented#106: DefaultMailSystem-return_path-131737-106.patch queued for re-testing.
Comment #109
pillarsdotnet CreditAttribution: pillarsdotnet commented#106: DefaultMailSystem-return_path-131737-106.patch queued for re-testing.
Comment #110
pillarsdotnet CreditAttribution: pillarsdotnet commentedImproved patch specifically tests for Windows before modifying the Windows-only setting.
Comment #111
pillarsdotnet CreditAttribution: pillarsdotnet commentedSorry; inadvertently included another patch.
Here's the correct one. (Wish there was some way to remove an inadvertently-added patch from the testing queue....)
Comment #112
pillarsdotnet CreditAttribution: pillarsdotnet commentedBetter title and comments.
Comment #113
pillarsdotnet CreditAttribution: pillarsdotnet commentedApplied patch in #112 to HTML Mail and Mail System:
Comment #114
sgabe CreditAttribution: sgabe commented@pillarsdotnet: Did you test this patch in safe_mode? You can't use additional parameters in safe mode, even if it's NULL it will throw a warning and mail() will return FALSE. However, the rest looks good.
Comment #115
sgabe CreditAttribution: sgabe commented@pillarsdotnet: I see you have fixed this in HTML Mail, a new patch here still would be nice.
Comment #116
pillarsdotnet CreditAttribution: pillarsdotnet commentedYeah, I found that out and had to fix it on the above projects. Re-rolling...
Comment #117
pillarsdotnet CreditAttribution: pillarsdotnet commented#116: DefaultMailSystem-return_path-131737-115.patch queued for re-testing.
Comment #118
pillarsdotnet CreditAttribution: pillarsdotnet commented#116: DefaultMailSystem-return_path-131737-115.patch queued for re-testing.
Comment #119
pillarsdotnet CreditAttribution: pillarsdotnet commented#116: DefaultMailSystem-return_path-131737-115.patch queued for re-testing.
Comment #120
starkos CreditAttribution: starkos commentedFWIW, on my host, mail sending fails with no error message. If I remove the space in the '-f ' flag, it works fine: '-f' . $message['Return-Path']
If it doesn't matter otherwise, might be worth removing the space.
Comment #121
pillarsdotnet CreditAttribution: pillarsdotnet commented@#120: Note that the patch in #116 does remove the space between
-f
and the return-path address.Comment #122
sos4nt CreditAttribution: sos4nt commentedOn my host (*nix system, safe mode disabled) mail sending fails when passing a fifth parameter to mail(). There should be a configuration option to disable the use of the fifth parameter.
Comment #123
geerlingguy CreditAttribution: geerlingguy commentedHitting some strange return-path issues with Windows server. Additionally, this issue could use a little better summary (if possible), as there's a lot of discussion since the OP that takes a bit of time to work through...
Comment #124
darnzen CreditAttribution: darnzen commentedI had this problem on one site and it was driving me crazy. The D6 patch posted #76 fixed it. I initially tried putting a ini_set('sendmail_path', '/usr/sbin/sendmail -i -t -fmyemail@returnaddr.com') in the settings.php file, but that didn't work for some reason. Might have something to do with the emails getting sent in a cron run.
Comment #125
pillarsdotnet CreditAttribution: pillarsdotnet commentedWe are still waiting for someone to review (and mark as RTBC) the patch in #116.
If nobody is willing to do that, we might as well mark this issue closed (won't fix).
Comment #126
pillarsdotnet CreditAttribution: pillarsdotnet commentedClosing for lack of interest. Please re-open only if you are willing to provide a patch review.
Comment #127
sunComment #128
aspilicious CreditAttribution: aspilicious commentedOk I had a lot of problems with this on my localhost (windows) and on my live sites. (one.com)
The patch works and removes all the warnings.
All mails get delivered.
On localhost there is one warning left: "Error occured, contact administrator if problem persist" (my own translation cause the site is in dutch. Anyway thnx for the patch :D
Note: tested in d7 had to reroll the patch in 116
Comment #129
aspilicious CreditAttribution: aspilicious commented#116: DefaultMailSystem-return_path-131737-115.patch queued for re-testing.
Comment #130
aspilicious CreditAttribution: aspilicious commentedHere is a D8 reroll if its needed
Comment #131
xjmIt seems that this solution is well-tested. See #128, #124, #120, and relevant affected contrib projects in #113.
(Note for reviewers, as I did a double-take on this: The lack of space between the
-f
flag and the return path is intended. See #120 / #121.)I can't think of a way to write a test for this bug, since it is tied to specific server/environment configurations.
If this passes testbot, I believe this is RTBC.
Comment #132
chx CreditAttribution: chx commentedThe thing is, even if we could write an automated test, it'd be written in a way that only runs when Windows is present so the testbot would happily ignore. We certainly wont be worse off this committed than not.
Edit: The problem with the test is not Windows but sending a mail for real and checking results.
Comment #133
webchickI would invert the logic of the if/then; this code is far more likely to run on non-Windows hosts, so that should be default check.
Comment #134
xjmOn it.
Comment #135
xjmInverted the logic and switched the order of the if/else. Sending for a date with testbot.
Comment #136
xjmComment #137
aspilicious CreditAttribution: aspilicious commentedWindows machine localhost fails:
"Unable to send e-mail. Contact the site administrator if the problem persists."
Could be a localhost xamp issue.
Other live hosts (not windows) don't report errors anymore.
Comment #138
aspilicious CreditAttribution: aspilicious commentedOk lets clarify :)
- Before patch:
* cheap shared hosts ==> mail arrives but warnings because of fifth parameter
* Localhost fails: this warning and mail doesn't arrive
Warning: mail() [function.mail]: Failed to connect to mailserver at "localhost" port 25, verify your "SMTP" and "smtp_port" setting in php.ini or use ini_set() in DefaultMailSystem->mail() (line 76 of C:\xampp\htdocs\drupal8\modules\system\system.mail.inc).
Unable to send e-mail. Contact the site administrator if the problem persists.
- After patch
* cheap shared host ==> mail arrives and no warning
* Localhost: only this warning but mail doesn't arrive
Unable to send e-mail. Contact the site administrator if the problem persists.
Comment #139
aspilicious CreditAttribution: aspilicious commentedOk as it turns out this was a xamp localhost mailing issue. Moving back to rtbc.
Comment #140
aspilicious CreditAttribution: aspilicious commentedSame patch applies to D7.
Comment #141
catchWe're still checking for safe_mode but the comment explaining why has disappeared from the patch (also there's no else { any more so what happens if it's enabled now?).
Comment #142
xjmClarifying after following up in IRC: This is the "else" condition and comment catch is referring to. There's no case now for when safe mode is true; both our cases are inside the first if. I'll look back in previous patches for when the change was made.
Comment #143
xjmIt looks like the safe mode else case went away as far back as #110. #114 and #122 refer to safe mode. There's also a lot of discussion about it earlier in the issue, but since it goes back to 2007 it's hard to say what's relevant and what's not. Can someone clarify what is supposed to happen when safe mode is enabled? Is it intended that the mail is simply not sent?
Comment #144
pillarsdotnet CreditAttribution: pillarsdotnet commentedNo, that was not the intent. Clearly there was a logic error in my patches.
Comment #145
xjmAlright, I'll quickly reroll with the deleted else condition then. Thanks!
Edit: Also, it looks like the windows condition can be the same regardless, so I'll refactor it a little.
Comment #146
catchfwiw since safe mode is deprecated in PHP 5.3 I'd be fine with throwing warnings when it's enabled in 8.x, but for backport we shouldn't change behaviour.
Comment #147
xjmOops, lost this one in a crosspost.
Comment #148
xjmAlright, I re-added a case for safe mode on non-Windows systems. I also added a comment to indicate that the lack of space between
-f
and the optional parameter is intentional.One thing I noticed is that I can't find an explicit explanation here for the addition of
@
to suppress warnings frommail()
. The closest I can find is sun's comment in #25. We should probably add a comment justifying why we do this, since it's not exactly a best practice generally.Edit: Found that explanation in #95.
Comment #149
xjmComment #151
xjmWrong diff again... sorry.
Comment #152
xjmWith that comment explaining the
@
.Please test this patch with:
Comment #153
xjmPlease test #152 and report which of the three scenarios you tested and what the results were. Thanks!
Comment #154
xjm@aspilicious reported in IRC that he tested the patch on "a crappy host"
with safe mode enabledwith a limiting PHP configuration as well as on a Windows localhost, and in both cases the mail was sent successfully, without error messages. (Without the patch, he gets errors when attempting to send mail in both cases.)Comment #155
kattekrab CreditAttribution: kattekrab commentedTested on ubuntu / php5.3 / apache / postfix.
First test
Return path is set to site_mail with safe_mode disabled. : mail sent ok
Return path is set to www-data@... with safe_mode enabled. : mail sent ok
Second test
Unable to send mail at all - but this may be unrelated. Will reboot and try again.
Comment #156
kattekrab CreditAttribution: kattekrab commentedOk!
Sorry it's taken so long to get back to this. Patch tested. Screenshots attached.
All good. Double plus good for ubuntu 10.04 / php5.3 / apache / postfix
:)
Comment #157
aspilicious CreditAttribution: aspilicious commentedOMFG YEES!
Comment #158
xjmTo clarify, as I understand the error messages seen in #156 are the result of safe mode file system configuration issues unrelated to the mail issue. The emails were sent properly both with and without safe mode. :)
Comment #159
xjmAlright, posting with less New Year's Eve this time.
Comment #160
catchThanks folks. Committed/pushed to 8.x. Will need a re-roll for 7.x.
Comment #161
oriol_e9gComment #163
oriol_e9gPoll test error?? WTF! O.o I'm going to try a re-test.
Comment #164
oriol_e9g#161: mail-131737-161.patch queued for re-testing.
Comment #165
xjmComment #166
webchickCommitted and pushed to 7.x. Thanks!
Moving down to D6. Needs a re-roll there.
Comment #167
David_Rothstein CreditAttribution: David_Rothstein commentedNote that the D7 commit for this issue seems to have accidentally included the fix for #1353030: Increase length of "alt" and "title" text for images as well.
Comment #168
Albert Volkman CreditAttribution: Albert Volkman commentedD6 backport.
Comment #169
jvns CreditAttribution: jvns commentedIn the patch on #168,
$message['Return-Path']
never gets set, so the -f parameter never gets added. This is because the part of the code from system.mail.inc that sets$message['Return-Path']
is missing.Here's an updated patch which fixes this. Copied everything in the mail() function in system.mail.inc into the initial else{} clause of drupal_mail_send. I've tested it on a Linux server with postfix, and it seems to work correctly, where the patch in #168 doesn't.
Comment #170
jvns CreditAttribution: jvns commentedThe patch in #169 doesn't work. Here's an updated patch which I've tested more thoroughly and sends mail correctly on a Linux server with postfix.
Comment #171
mstrelan CreditAttribution: mstrelan commented#170 works for me on exim.
Comment #172
ifixyourpc CreditAttribution: ifixyourpc commentedHi all,
Total Drupal Noob here and wondered if you could assist..
I got my Template installed but am getting the return path error (i believe)..
Notice: mail(): Policy restriction in effect. The fifth parameter is disabled on this system in DefaultMailSystem->mail() (line 76 of /customers/2/0/a/samanthascakes.co.uk/httpd.www/modules/system/system.mail.inc).
Notice: mail(): Policy restriction in effect. The fifth parameter is disabled on this system in DefaultMailSystem->mail() (line 76 of /customers/2/0/a/samanthascakes.co.uk/httpd.www/modules/system/system.mail.inc).
Is it the "system.mail.inc" file i need to edit?
Comment #173
pillarsdotnet CreditAttribution: pillarsdotnet commentedComment #174
jerry CreditAttribution: jerry commentedThe D6 backport in #170 works fine for me on 6.34. Let's get this committed, if possible.