correct email FROM header usage

I want to let users share information on my site by sending an email to a friend. Before I go to far I want to make sure I won't get blacklisted for doing something incorrectly.

If my domain is example.com can I set the mail FROM header to the email address supplied by the user?

For example, I want to share a page at example.com with my friend Bob. Bob's email address is bob@domain.com and my email address is me@anotherdomain.com. When example.com sends an email to Bob(bob@domain.com) it will set FROM to my email(me@anotherdomain.com).

Is this an issue since the email is being sent from example.com but the FROM header contains a domain other than itself?

The following would be sending from example.com

$to = 'bob@domain.com';
$subject = 'Some subject';
$msg = 'Some message';
$headers = 'From: me@anotherdomain.com <me@anotherdomain.com>' . "\n\r";

mail( $to, $subject, $msg, $headers );

Or do I need to do something like the following?

$headers = 'From: me@anotherdomain开发者_StackOverflow社区.com <share@example.com>' . "\n\r";

Any and all help will be greatly appreciated.

There are multiple email headers that give some indication of who "sent" an email and who to reply to. A fairly good, casual writeup of the concept can be found on the page discussing how FormMail handles things.

In general, the Sender is the actual originator of the email message. The From Address, in contrast, is simply a header line in the email that may or may not be taken to mean anything. The From Address can often be left out completely. Spammers can easily spoof the From Address. ISPs try to ensure that spammers cannot spoof the Sender.

It sounds like what you might want is:

• Sender : your site/program
• From : either your site or the user
• Reply-To : the user

What you write in the from header isn't that relevant. Important is that you you use an envelope sender address from your domain. This is checked against SPF for example. If you want the recipient to be able to reply to me@anotherdomain.com you need to add a reply-to header as well.

No, it really DOESN't matter which From: header email has been set

Why didn't you try it?

Many, if not most, email servers are not registered for a specific domain, the bigger issue is if your server correctly identifies itself (having a reverse lookup entry can help) and make sure it's not blacklisted. You can use a service like: http://www.dnsbl.info/ to check.

Most hosts with dynamic IPs are considered suspect, but even a dedicated VPS can be listed, so it's worth checking. You should also correctly format the headers as outlined in some of the other responses. If this is for a critical application (e.g., you are charging people and they expect to get mail), you should consider a 3rd-party SMTP which should take care of making sure you don't get blacklisted.