Everyone knows spam. Everyone hates spam. And everyone who has his email-address written on the net (for example in the NIC-records for a domain) gets a lot of spam.

I am one of those guys who gets a lot of spam. Of course there are anti-spam solutions out there, but the best would be to not even receive spam. And spam filters need a lot of work and / or do not filter 100% perfect. That is why I decided to use a public email that has to go through a “gatekeeper”. A PHP-script that tells everyone that this is not my real mail address, but that there is another one where I could be contacted.

That email-address is not displayed in plain text but as an image to get rid of all those bots. SOME bots however should be able to get through: For example my hoster who needs to validate my email periodically. So these messages just are being forwarded.

I wanted to be as simple as possible. That’s why this script does not need much more than plain php. Only a replacement for phps “mail” was needed.

First step: Download swiftmailer. Just put the contents of the “lib” – directory onto your web space. That’s it. Ready to go.

Simple include the following line to access swiftmailer:

To access your mail you need to enter the IMAP-Settings. POP would work, too, but IMAP would be much more useful because we do not want to download the email-body of the messages processed:

Now enter your email-addresses. $targetMail is your real (“hidden”) email-address where valid emails should be forwarded to. $thisMail is the public address that receives the spam.

Next you need to create an image with your favourite picture editing tool (GiMP, Paint.NET, PaintShopPro, etc.) This image should only contain your private email. Take a font you like. You might also use a “Captcha”-font. I – personally – hate that… 🙂

Upload that image to your web server and enter the url of that image. PNG would be a good choice.

Next, enter the text the sender should receive. By default everyone receives $templateHtml. For those who do not have the capabilities to display html (or don’t want to) a simple text-mail ($templatePlain) will be displayed. Users with a html-browser will see your email-image directly in the mail. Plain-text mail-clienst will display a link to the image instead.

$templateForward defines the mail content YOU will see if a mail is forwarded to you from a valid sender

So it is time to be creative 🙂

As you can see there are two special tags in those templates. “__EMBED__” will be replaced with the embedded image (html-template only) and “__URL__” will contain a link to that image.

The last variable you can define is the white-list. Everything entered there is interpreted as a valid sender. Enter multiple values seperated by commas.

that’s all for configuration. Now just some explanation what the script does:

First of all the script checks your IMAP-Server for unread messages. It collects the header of each of those messages and compares the sender with the white-list. If the sender is recognized, the mail body is downloaded and sent as an attachment to the mail address you defined as $targetMail.

If the sender is not in the white-list, an automatic reply is generated using your html-template. It contains the image you downloaded as an attachment and embedded image of the mail. The last step is to mark the mail as read so it won’t be processed again.

In a perfect world…

Everything works now. But you can (and will) get problems sending the mail to the sender if the sender’s address does not comply with RFC 2822. While most spammers DO comply, mom DOESN’T… 🙂 That’s because there is a mail client from a tiny little software company in Redmond, where they do not know much about standards. But this is no big problem at all. Just open lib\classes\swift\Mime\Headers\MailboxHeader.php from swiftmailer and put /* */ around the throw-part of the last function:


So finally here is the complete script.


Just save this program as “reply.php”, send test-mails and open “reply.php” in your browser to test the settings. When everything works fine you can simply add a cronjob so this script is run automaticly. The following example runs the script every 5 minutes:


Just use the comments if you need any help