phpMailer not arriving in Hotmail?

Question

After setting up SPF Record i still am here to verify why i cannot recieve this email to hotmail account. I am able to send it to gmail with no issues. Please confirm if the code is correct, and SPF record is correct:

<?php 

require_once 'PHPmailer/class.phpmailer.php';
$mail = new PHPMailer();


$body = "Thankyou for your Purchase. <br/><br/> Here is your Policy! You are now Protected during your Travels.";

$mail->AddAddress('$payer_email');
$mail->From = "[email protected]";
$mail->FromName = "Name";
$mail->Subject = "Thankyou for Your Purchase";
$mail->MsgHTML($body);
$mail->AddAttachment("tosend/xxx.pdf");
if(!$mail->Send()) {
echo "There was an error sending the message";
    $sql = "UPDATE purchases SET policy_sent = 'Not Sent' WHERE id = '$lastid' ";
    $stmt = $mysqli->query($sql);
    $mysqli->close();
exit;
}
echo "Message was sent successfully";
$sql = "UPDATE purchases SET policy_sent = 'Sent', email_to = '$payer_email' WHERE id = '$lastid'";
$stmt = $mysqli->query($sql);
$mysqli->close(); 
?>

Here is the SPF:

v=spf1 a mx include:secureserver.net ~all

Are all these correctly configured?

Answer 1

Use SMTP Auth, then Hotmail wouldn't complain anymore. Anonymous mails are considered as spam by almost all receiving servers.

$mail->SMTPAuth   = true;                  // enable SMTP authentication
$mail->Host       = "mail.yourdomain.com"; // sets the SMTP server
$mail->Port       = 26;                    // set the SMTP port
$mail->Username   = "yourname@yourdomain"; // SMTP account username
$mail->Password   = "yourpassword";        // SMTP account password

But ofc. depending on whether you have control over your SMTP or not, you should make sure, that basic stuff like reverse-dns-lookup is setup properly

---

Due to the discussion in the comments, I want to add a little bit more information about my thinking about why SMTP Auth will fix this:

IF you are using PHPMailer without the definition of an SMTP-Server, PHPMailer will operate in mail mode, which will just call the mail() function of php.

The mail-function itself will use the smtp-settings configured in the PHP-INI file, or the default values, which are listed here: http://php.net/manual/en/mail.configuration.php

defaults:

SMTP = "localhost" 
smtp_port = "25" 

Since the OP has configured a local mail server (or why would he setup MX-records?), php will now connect to this SMTP-Server without Authentication. The Server will accept the message and send it to the next server.

(Same applies if unix' sendmail is used)

Each Server in the chain and especially the receiving server can now see, that a private SMTP has been used and no Authentication has been provided. That is already Spam-Score over 9000 because with a setting like that (theoretically) everyone could use that server to send mails! Restrictions like only from localhost are ofc. not known by other servers, therefore that SMTP is considered to be an Open Mail Relay http://en.wikipedia.org/wiki/Open_mail_relay

Switching PHPMailer to SMTP-Auth (EVEN if still the local SMTP Server is used) will add This information to the Entry created by the server when forwarding the mail. The Entry will look like this:

Received: from SERVER1 ([xxx.xxx.xxx.xx]) by mydomain.de with ESMTPA 

The trailing A after ESMTPA now tells the receiving Server, that Server1 has used a valid user account on mydomain.de to start the sending-attempt, which means that the SMTP-Server knows the origin of the mail and could provide information about the sender.

Still, the local SMTP-Server is not a known one, so in this case it might end up beeing greylisted and checked on various RBLs, which shouldn't be any problem in this case.

If the (local) SMTP-Server now passes ALL checks (Reverse-DNS Lookup, Greylisting, RBLs and what not) - the mail has a good chance to be successfully delivered, even if no remote smtp is used, because the server could be successfully authenticated as well as the sender using that server. (Otherwise no company could setup own servers)

So, using SMTP-Auth (Or any other authentication method) will also have an impact, even if no remote-SMTP Server is used.

Authenticated Mails are not a guarantee for not beeing considered as spam - but unauthenticated Mails are definitly ranked higher in the Spam-Score of common systems.