Should I use the Reply-To header when sending emails as a service to others?
Tags: Email, Spam, Email Headers, Phishing
Email Problem Overview
Suppose we have an application that acts as a middleman, allowing Company A to send reports to their customers.
> Company A --> Company B (me)--> Company A's customers
After getting the report, we send email notifications to the recipients, but they necessarily originate from our company's notifications email address, e.g.
> [email protected] --> [email protected] --> [email protected]
Now, customers tend to reply to those email notifications, wanting them to go back to whoever sent the report at Company A. Instead, they end up back at our address, [email protected].
A simple solution may be to change the Reply-To header on the notifications we send to the relevant Company A address, e.g.
> [email protected] --> [email protected] [Reply-To: [email protected]] --> [email protected]
But my main concerns are:
- the complete discrepancy in email address and domain between the From and Reply-To fields might make spam or phishing filters more eager to flag the emails
- not all email clients may respect the Reply-To field when people actually click "Reply", and just use From instead. A lesser concern, unless widespread.
Are these concerns founded at all? Or, are there other concerns I should have?
Email Solutions
Solution 1 - Email
I tested dkarp's solution with Gmail and it was filtered to spam. Use the Reply-To header instead (or in addition, although Gmail apparently doesn't need it). Here's how LinkedIn does it:
Sender: messages-noreply@bounce.linkedin.com
From: John Doe via LinkedIn <member@linkedin.com>
Reply-To: John Doe <John.Doe@gmail.com>
To: My Name <My.Name@gmail.com>
Once I switched to this format, Gmail is no longer filtering my messages as spam.
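The header layout shown in this answer, built programmatically, as an added example (not code from the answer or from LinkedIn). The `b.example` mailboxes, the function names and the strict address pattern are assumptions made for illustration; the point is that From and Sender stay on the relay's own domains while the customer-supplied name and address are validated before they reach a header.

```python
import re
from email.headerregistry import Address
from email.message import EmailMessage

# Constructed values (assumptions, not from the page): the relay's own mailboxes.
RELAY_NAME = "Company B"
RELAY_FROM = ("reports", "b.example")           # From mailbox on our domain
RELAY_SENDER = ("noreply", "bounce.b.example")  # transmitting agent

# Deliberately strict addr-spec: one mailbox, no spaces, commas, quotes or brackets.
_ADDR = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")


def _one_line(value):
    """Reject CR/LF so customer-supplied text cannot start a new header."""
    if "\r" in value or "\n" in value:
        raise ValueError("line break in header value")
    return value.strip()


def _mailbox(display_name, addr_spec):
    """Return an Address for exactly one mailbox, or raise ValueError."""
    addr_spec = _one_line(addr_spec)
    if not _ADDR.fullmatch(addr_spec):
        raise ValueError(f"not a single address: {addr_spec!r}")
    local, domain = addr_spec.rsplit("@", 1)
    return Address(_one_line(display_name), local, domain)


def build_notification(author_name, author_addr, recipient_addr, subject, body):
    """From and Sender stay on the relay's domains; replies go to the author."""
    author = _mailbox(author_name, author_addr)
    msg = EmailMessage()
    msg["From"] = Address(f"{author.display_name} via {RELAY_NAME}", *RELAY_FROM)
    msg["Sender"] = Address("", *RELAY_SENDER)
    msg["Reply-To"] = author
    msg["To"] = _mailbox("", recipient_addr)
    msg["Subject"] = _one_line(subject)
    msg.set_content(body)
    return msg


if __name__ == "__main__":
    # Constructed sample input.
    print(build_notification("Joe Bloggs", "joe.bloggs@a.example",
                             "customer@c.example", "Your report is ready",
                             "A new report is available."))
```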
Solution 2 - Email
You may want to consider placing the customer's name in the From header and your address in the Sender header:
From: Company A <joe.bloggs@a.com>
Sender: notifications@b.com
Most mailers will render this as "From [email protected] on behalf of Company A", which is accurate. And then a Reply-To of Company A's address won't seem out of sorts.
From RFC 5322:
> The "From:" field specifies the author(s) of the message, that is, the mailbox(es) of the person(s) or system(s) responsible for the writing of the message. The "Sender:" field specifies the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the mailbox of the secretary would appear in the "Sender:" field and the mailbox of the actual author would appear in the "From:" field.
Solution 3 - Email
After reading all of this, I might just embed a hyperlink in the email body like this:
To reply to this email, click here <a href="mailto:...">[email protected]</a>
Solution 4 - Email
I was looking into this recently. My answer is the same as the others; however, I believe its definitions are clearer to a layman:
1. From should be described as the author of the message
2. Sender should be described as the transmitter of the message
3. Reply-To should not be confused with 1 and 2; it simply means where the recipient should write to if they choose to respond
Thus in some clients (e.g. Outlook 2003), you will see
> From: Sender on behalf of From
Solution 5 - Email
Here is what worked for me:
Subject: SomeSubject
From: Company B (me)
Reply-to: Company A
To: Company A's customers