Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 9132
  • Last Modified:

php.ini & SMTP= - how do you pass username & password

My ISP account requires that I send a username & password for outbound SMTP mail. How do I get PHP to use this when executing php.mail()? The php.ini file only contains entries for the server (SMTP= ) and From: (sendmail_from= ).

I suppose that I could run a localhost SMTP service which itself doesn't need username/password but which knows how to talk with my ISP and supply username/password, but this seems like overkill. Can't PHP send this directly?

John
0
john-m-calvert
Asked:
john-m-calvert
  • 4
  • 4
  • 2
  • +1
1 Solution
 
carchitectCommented:
0
 
john-m-calvertAuthor Commented:
Thanks for your reply. I'm aware of this link and http://www.php.net/manual/en/function.mail.php as well, neither of which mentions how to specify a username / password for outgoing SMTP mail. The php.ini has settings for host and port (SMTP= and SMTP_port= ) but what about SMTP_user= and SMTP_pwd= ?
0
 
pcaylorCommented:
Just add these two lines into your PHP.INI file

SMTP_user=username
SMTP_pwd=xxxxx

-Peter
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
carchitectCommented:
does this really work....
0
 
Richard QuadlingSenior Software DeverloperCommented:
Not according to the source.

No mention of smtp_user or smtp_pwd.

Also, the source has no code to deal with logons for smtp servers.

It does ...


sprintf(Buffer, "HELO %s\r\n", LocalHost);
snprintf(Buffer, MAIL_BUFFER_SIZE, "MAIL FROM:<%s>\r\n", RPath);
snprintf(Buffer, MAIL_BUFFER_SIZE, "RCPT TO:<%s>\r\n", token);

No USER or PASS.

So, basically not supported.

Richard.
0
 
Richard QuadlingSenior Software DeverloperCommented:
A solution would be to do the whole job manually with sockets.

That way you are in TOTAL control. But that would be wheel re-invention.

Do any of the mail classes (MIME_HTML, etc) support secured SMTP access?
0
 
john-m-calvertAuthor Commented:
Thank you Richard for that informed answer. My original mention of "SMTP_user=" and "SMTP_pwd=" was pure wishful thinking, although perhaps that wasn't clear to the other respondents.

Could you add one more detail to your reply? You mention referencing the source code. Source for what module exactly, and where can mere mortals view this?
0
 
Richard QuadlingSenior Software DeverloperCommented:
Source of PHP.

You can download it from www.php.net (or the mirrors).

When you unpack the source, look in ...

php-4.3.1\win32\sendmail.c

Richard.
0
 
pcaylorCommented:
Ok, this code should do the trick.  It manages the SMTP connection via sockets, so you can add or remove authentication as you need it.

<?php
$smtp_server = "smtp.acme.com";
$port = 25;
$mydomain = "acme.com";
$username = "user"; // MS Exchange servers will probably require a
valid NT domain name as part of the username.  E.g., "ntdomain\user"
$password = "password";
$sender = "me@acme.com";
$recipient = "joe@company.com";
$subject = "test";
$content = "test";

// Initiate connection with the SMTP server
$handle = fsockopen($smtp_server,$port);
fputs($handle, "EHLO $mydomain\r\n");

// SMTP authorization
fputs($handle, "AUTH LOGIN\r\n");
fputs($handle, base64_encode($username)."\r\n");
fputs($handle, base64_encode($password)."\r\n");

// Send out the e-mail
fputs($handle, "MAIL FROM:<$sender>\r\n");
fputs($handle, "RCPT TO:<$recipient>\r\n");
fputs($handle, "DATA\r\n");
fputs($handle, "To: $recipient\n");
fputs($handle, "Subject: $subject\n\n");
fputs($handle, "$content\r\n");
fputs($handle, ".\r\n");

// Close connection to SMTP server
fputs($handle, "QUIT\r\n");
?>
0
 
john-m-calvertAuthor Commented:
Thank you pcaylor for this sample PHP script. It works great.

I'm a little rusty with my C, and I'm totally new to PHP, but if I'm reading the PHP C source code correctly, the critical function is SendText()in php-4.3.1\win32\sendmail.c which has the same socket conversation as the above PHP sample. So, if an ambitious C programmer wants to extend PHP to offer an authenticated version of mail(), that would be super duper! I'm not quite there yet as I don't have the appropriate build environment for the PHP C source code, but maybe next month ;)

All that is needed is a few lines of C and a convention as to where to retrieve the usr/pwd from in order to send the SMTP command and reply on the socket:
AUTH
username
password

John
0
 
john-m-calvertAuthor Commented:
Following pcaylor's PHP example SMTP socket code I was able to hack the PHP source code in C and add authentication to the mail() function. Thanks again for pointing me in the right direction.
0
 
Richard QuadlingSenior Software DeverloperCommented:
Can you share the PHP Source mods? Or have you passed it up to cvs?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now