Home » Php » email – How to change envelope from address using PHP mail?

email – How to change envelope from address using PHP mail?

Posted by: admin April 23, 2020 Leave a comment


I am using PHP with Apache on Linux, with Sendmail. I use the PHP mail function. The email is sent, but the envelope has the [email protected] in MAIL FROM (example [email protected]) and some remote mail servers reject this because the domain doesn’t exist (obviously). Using mail, can I force it to change the envelope MAIL FROM?

EDIT: If I add a header in the fourth field of the mail() function, that changes the From field in the headers of the body of the message, and DOES NOT change the envelope MAIL FROM.

I can force it by spawning sendmail with sendmail -t -odb -oi [email protected] and piping the email contents to it. Is this a better approach?

Is there a better, simpler, more PHP appropriate way of doing this?

EDIT: The bottom line is I should have RTM. Thanks for the answers folks, the fifth parameter works and all is well.

How to&Answers:

mail() has a 4th and 5th parameter (optional). The 5th argument is what should be passed as options directly to sendmail. I use the following:

mail('[email protected]','subject!','body!','From: [email protected]','-f [email protected]');


PHP Official documentation for mail()

bool mail ( string $to , string $subject , string $message [, string
$additional_headers [, string $additional_parameters ]] )

additional_parameters (optional)

The additional_parameters parameter can be used to pass additional
flags as command line options to the program configured to be used
when sending mail, as defined by the sendmail_path configuration
setting. For example, this can be used to set the envelope sender
when using sendmail with the -f sendmail option.

This parameter is escaped by escapeshellcmd() internally to prevent
command execution. escapeshellcmd() prevents command execution, but
allows to add additional parameters. For security reasons, it is
recommended for the user to sanitize this parameter to avoid adding
unwanted parameters to the shell command.

Since escapeshellcmd() is applied automatically, some characters that
are allowed as email addresses by internet RFCs cannot be used. mail()
can not allow such characters, so in programs where the use of such
characters is required, alternative means of sending emails (such as
using a framework or a library) is recommended.

The user that the webserver runs as should be added as a trusted user
to the sendmail configuration to prevent a ‘X-Warning‘ header from
being added to the message when the envelope sender (-f) is set using
this method. For sendmail users, this file is /etc/mail/trusted-users.


You can try this (im not sure tho):

ini_set("sendmail_from", [email protected]);


I would also recommend checking into PHPMailer. It’s great for creating and sending email, making the process a lot easier, along with support for SMTP.


What you actually need to do is change the hostname of the machine Apache is running on, plus the user Apache is running as.

In your current case it is:

  • Apache user:nobody
  • Server hostname: conniptin.internal

Changing those two values is pretty simple and will solve the root of your problem.

Although if you need to do it from PHP then perhaps use the system/exec functions. I do not think it will work in practice though, as you need to restart Apache and probably also the entire host for the new names to be used.