[BlueOnyx:01437] Re: 'On behalf of' in the address from Sendmail

Support support at etmpacific.com.au
Wed Jun 17 22:56:43 PET 2009


Thanks for your response - after a lot more work I understood that what I
was trying to do was quite limited and as a result I did successfully
implement PHPMailer with a fallback to storing the email in MYSQL until it
could be delivered later by a cron task. This allowed me to track delivery
as required and meant that I could discard the queued email if required.

I will, at a later stage, do as you suggest and use one of the provided
links but for now it is running well and 'later on' will be for my own

By the way I did add apache to '/etc/mail/trusted-users' and then did the
make to rebuild the Sendmail configuration file (and restarted Sendmail) but
that didn't seem to have any affect on the issue.

I also tested with SMTP AUTH but that didn't solve it either... but then at
that time I had tried so many things that the fallback of using the upstream
mailer was the answer.

Thanks for your help, as always it is appreciated.


-----Original Message-----
From: blueonyx-bounces at blueonyx.it [mailto:blueonyx-bounces at blueonyx.it] On
Behalf Of Michael Stauber
Sent: Wednesday, 17 June 2009 23:41
To: BlueOnyx General Mailing List
Subject: [BlueOnyx:01429] Re: 'On behalf of' in the address from Sendmail

Hi Tony,

> I am trying RMail to send email by PHP and I get;
> 	Apache [apache at domain] on behalf of Sender [sender at domain]
> I have created the user but I still cannot figure out how to stop the 'on
> behalf of' being added by Sendmail.

There are like a dozen ways how a PHP script can send emails. Among them it 
can use the PHP mail() function, it can use one of the various PEAR modules,

can create a socket with Sendmail or use the SMTP protocol to establish 
communication with a smail server or it can launch a system call to fire up 
the sendmail binary.

Your script is doing something rather unsophisticated. It's using the mail()

function and sends an email, *claiming* to be sender at domain. 

For security reasons Sendmail then adds a warning, telling that Apache tried

to fake the sender address of the email.

The "easy" and unsecure way around that is to add "apache" to 
/etc/mail/trusted-users, so that Sendmail *trusts* Apache and allows it to 
fake the senders of email at hearts content.

The proper way however would be to use a more sophisticated email procedure
your script. 

For example you could use SMTP-Auth:



That way the script authenticates against Sendmail with a valid username and

password and uses SMTP to transmit the message.

With best regards

Michael Stauber

Blueonyx mailing list
Blueonyx at blueonyx.it

More information about the Blueonyx mailing list