MAIL FROM address on PHP form submission

MAN5 · January 23, 2022, 2:00pm

Hi team, Im using hestiacp for past ~5 years. Everything work great.

Latest Hestia v.1.5.4
Ubuntu 20x
Just installed fresh hestiacp

I just installed a new server with fresh hestia installation. Seems the latest PHPMAILER function (OR) may EXIM configs not like previous versions.

If i send PHP form submission with from email headers defined, the recieved email shows always from web hosting account’s admin email. Not followint the defined from email inside my php send file. This is the same file im using on the old server, it follows the defined FROM address but not this new server.

How to replicate:

Use any php form submission with below
$header .= “From: [email protected]”; // I auto forwarded this mail to my personal GMAIL
Check your GMail - it shows the from address as
‘[email protected]’ instead ’ [email protected]’ defined in this php form headers.
The same domain with same form works as expected but not this new server

Am I missing missing something plz…?

Raphael · January 23, 2022, 2:06pm

A lot of missing informations: OS, Codename, Exim Version, sample header of a sent mail…

MAN5 · January 23, 2022, 2:18pm

Hi, kindly find the attached image.

As i already mentioned…
Hestia version is latest 1.5.4
OS : Ubuntu 20.04
EXIM : version 4.93 #3 built 28-Apr-2021

thank you

eris · January 23, 2022, 3:43pm

It is caused by:

github.com

hestiacp/hestiacp/blob/7b6e4b7541a469d48bc7dc4b1867e40ed7288a3e/install/deb/templates/web/php-fpm/default.tpl#L21

    
      
          
          
pm = ondemand
          pm.max_children = 8
          pm.max_requests = 4000
          pm.process_idle_timeout = 10s
          pm.status_path = /status
          
          
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
          php_admin_value[session.save_path] = /home/%user%/tmp
          php_admin_value[open_basedir] = /home/%user%/.composer:/home/%user%/web/%domain%/public_html:/home/%user%/web/%domain%/private:/home/%user%/web/%domain%/public_shtml:/home/%user%/tmp:/tmp:/bin:/usr/bin:/usr/local/bin:/usr/share:/opt
          php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f admin@%domain%
          
          
env[HOSTNAME] = $HOSTNAME
          env[PATH] = /usr/local/bin:/usr/bin:/bin
          env[TMP] = /home/%user%/tmp
          env[TMPDIR] = /home/%user%/tmp
          env[TEMP] = /home/%user%/tmp

I would suggest using phpmailer instead of the default mail function.

MAN5 · January 23, 2022, 4:02pm

Ok noted. Thank you.

schiwe · January 23, 2022, 6:31pm

See my answer about Exim rewriting

MAN5 · January 24, 2022, 4:30am

The root cause already explained well by @eris .

Sorry… How it can be considered as spoofing if i send email from inside the real domain with real user account in the same domain ?

The root cause already explained well by @eris .

schiwe · January 24, 2022, 7:16am

It’s ok just trying to help. If you’re not using HestiaCP as your mail server E.g: Office365 or Exchange. It will be Spoofing… You can add HestiaCP ip to SPF Record but it’s not recommended for your organization security.

MAN5 · January 24, 2022, 12:40pm

Thank you @schiwe

system · February 23, 2022, 12:41pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.