Hi,
I recovered the maintenance of a Kirby site in which a php script sends a mail with the Kirby method $kirby->email() in a controllers.
I checked the config.php file and found no SMTP transport configuration. And the email sending works.
So my questions are:
Thanks for your help
Transport settings are needed for SMTP. In the absense of those transport settings, PHP mail() function is used.
In general, it is not advisable to send email via PHP mail(), at least not if you need reliable email.
Ha ok, so if I understand well, PHP mail() works only if the server has a mail server enabled? If not, we can use an external email service trough SMTP?
No, PHP mail() is usually configured to use a program called sendmail which is available on most Unixy systems.
And I suppose Sendmail includes its own SMTP functionality and configurations that’s why we don’t need to configure one in our config.php file?
sendmail is a mail transfer agent. You can use it to send emails to other MTAs, or it can also dispatch the emails locally. With PHPs mail function you don’t “connect” to it via SMTP though, but rather just run a command line utility (like /usr/sbin/sendmail). The sendmail program then probably (depends on config) connects directly to the target’s mail exchange server.
That’s why you don’t need to configure it. It’s all done on the OS level. It’s like in the good olden days where you could simply telnet to a server and write your email, no fancy encryption, authentication or anything…
The problem with sendmail is that, while the server admin could configure it so that it acts just as good as any other MTA software, it often isn’t done on stuff like shared hosting plans. Simply because it’s easier for them to run separate mailservers, which aren’t running on the same machine as the webserver. At that point those mailservers require authentication, which you couldn’t do with PHPs mail function anyway.
For this reason the webhost (where sendmail is running) is normally not the domain’s declared mailserver. It probably also isn’t even mentioned in the domain’s SPF record (and if it were, it would mean anyone on that machine could just send emails with your domain). All this contributes to the probability that the emails will be rejected by the target MTA.
By using the domains actual mail server, you make sure the emails you send with kirby get the same deliverability (except for the email’s contents, obviously) as every other normal email from that domain.
TL;DR: do what texnixe says and use an SMTP config (or any other authenticated mail transport config).
Thanks both of you for these explanations.
I was a bit confused on this subject.