Should I use the Reply-To header when sending emails as a service to others?

email spam email-headers phishing
124,293

Solution 1

You may want to consider placing the customer's name in the From header and your address in the Sender header:

From: Company A <[email protected]>
Sender: [email protected]

Most mailers will render this as "From [email protected] on behalf of Company A", which is accurate. And then a Reply-To of Company A's address won't seem out of sorts.

From RFC 5322:

The "From:" field specifies the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message. The "Sender:" field specifies the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the mailbox of the secretary would appear in the "Sender:" field and the mailbox of the actual author would appear in the "From:" field.

Solution 2

I tested dkarp's solution with gmail and it was filtered to spam. Use the Reply-To header instead (or in addition, although gmail apparently doesn't need it). Here's how linkedin does it:

Sender: [email protected]
From: John Doe via LinkedIn <[email protected]>
Reply-To: John Doe <[email protected]>
To: My Name <[email protected]>

Once I switched to this format, gmail is no longer filtering my messages as spam.

Solution 3

After reading all of this, I might just embed a hyperlink in the email body like this:

To reply to this email, click here <a href="mailto:...">[email protected]</a>

Share:
124,293
Gavin
Author by

Gavin

I work for a small company in Adelaide, Australia. You wouldn't think our software is all that interesting - we provide software for companies who test soil, asphalt, concrete and so on - yet I love the job and the company.

Updated on July 08, 2022

Comments

  • Gavin
    Gavin almost 2 years

    Suppose we have an application that acts as a middleman, allowing Company A to send reports to their customers.

    Company A --> Company B (me)--> Company A's customers

    After getting the report we send email notifications to the recipients, but they necessarily originate from our company notifications email address e.g.

    [email protected] --> [email protected] --> [email protected]

    Now, customers tend to reply to those email notifications, wanting them to go back to whoever sent the report at Company A. Instead, they end up back at our address, [email protected].

    A simple solution may be to change the Reply-To header on the notifications we send to the relevant Company A address e.g.

    [email protected] --> [email protected] [Reply-To: [email protected]] --> [email protected]

    But my main concerns are:

    • the complete discrepancy in email address and domain between the From and Reply-To fields might make spam or phishing filters more eager to flag the emails
    • not all email clients may respect the Reply-To field when people actually click "Reply", and just use From instead. A lesser concern, unless widespread.

    Are these concerns founded at all? Or, are there other concerns I should have?

  • Gavin
    Gavin over 13 years
    I don't really want my owner answer upvoted, but worth mentioning is this useful question and answer, which basically confirms dkarp's answer too: stackoverflow.com/questions/2231897/…
  • Sean
    Sean about 10 years
    Is [email protected] just a generic catch-all address, or should it actually read [email protected] in your example?
  • Alex Lauerman
    Alex Lauerman about 10 years
    @Sean No, only John Doe and My Name are edited for my example. "Member" is unchanged.
  • Brian H.
    Brian H. almost 10 years
    This is the method we've used. However, we're now having problems with a few servers (...ehmm.. AOL) bouncing messages, stating they don't comply with their policy. The only explanation we've received is that the reply-to header and from header have different domains, even though this seems to be the exact intent of having two different headers. It's starting to get really frustrating to rely on email for B2B communications on multi-tenant apps any more.
  • EML
    EML over 9 years
    @BrianH: AOL and Yahoo apparently now have agressive DMARC validation. This has caused me problems with the 'From:' address to AOL. emailonacid.com/blog/details/C4/….
  • smhg
    smhg almost 8 years
    The downside of this approach is that the recipient's address book (in many e-mail clients) now contains "John Doe via LinkedIn <[email protected]>". And when an unknowing recipient wants to contact John Doe again, this address pops up when writing his name in the To field of a new message (thus: "via LinkedIn" is of significant importance from a UX side).
  • Aridane Álamo
    Aridane Álamo over 7 years
    If it's for circularization it won't work @a and @b are different domains, most servers don't allow to send in behalf of someone from another domain. B will have to forward it, but you can always add a hidden multipart. Everybody knows how to forward to another address.
  • David Alan Hjelle
    David Alan Hjelle over 6 years
    Any updates from 2018 on deliverability when using the From field in this way?
  • Lambart
    Lambart over 5 years
    Updated link for the blog post @EML linked to: emailonacid.com/blog/article/industry-news/… ... it does go into some depth on the aol/yahoo.com issues.
  • Jens
    Jens over 4 years
    As a related note, it looks like sending an email with the suggested header through Gmail will create a new entry X-Google-Original-From and place the From there, then replace From with the Sender.
  • Jos Faber
    Jos Faber about 3 years
    This is a very elegant solution.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

how to avoid email header Received: from unknown and email going to spam
Sending email using smtp and setting the message-id
PermError SPF Permanent Error: Too many DNS lookup
As a recipient, is it possible to detect if an email was sent via Gmail's "Schedule Send" vs. "Send"?
PHP - Send email from other domain without being spam!
sending mail with php & escaping hotmails junk folder
Fake Bounce Spam Emails in Gmail - Are These Really That Fake?
Gmail is marking my emails as SPAM - Please help
How to avoid getting spam through a website?
My website's email is being marked as spam, how do I analyse a X-CNFS-Analysis email header?