Web lists-archives.com

Re: [PHP] PHP mail() and SMTP Authentication ?






On 6/27/2015 7:33 AM, Richard wrote:

------------ Original Message ------------
Date: Saturday, June 27, 2015 08:08:44 AM +0100
From: Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx>


On 27 June 2015 00:28:36 BST, dealTek <dealtek@xxxxxxxxx> wrote:
Hi all,

I'm working on a server and want to send out mail either from a
form to email or get email address from database then send

I'm using PHP mail()

currently the mail send out fine with simple  PHP mail() ...

but do I need to us PHP mail() and some kind of SMTP
Authentication to lock it down?


PHPMailer... or some better way?
do I need to install something like this on the server?

https://github.com/PHPMailer/PHPMailer

If so what's best with PHP mail() ? or is there some more modern
way to lock it down...

What do you mean my locking it down? Do you mean to prevent it
being used in a spam relay?

You also need so provide a sense of how sending mail is handled in
your current environment. E.g., are you running an MTA on your
server and sending out directly; are you running an MTA that is
configured to pass mail to a "smarthost"; do you send mail via a[n
authenticated] submission port?

Whether authentication is required or not is really an MTA
configuration issue. If your server is running an MTA and able to
send mail out directly (or via a smarthost) then you need to manage
the MTA's configuration in order to control who/what can send.

just for an example, my system connects to a locally running MTA that only accepts mail on 127.0.0.1 and forwards to a smart host. Authentication is handled by the MTA. Make sure you've set up adequate security provisions to keep your system from being exploited by spammers and their ilk.

--Curtis

--
Curtis Maurand
curtis@xxxxxxxxxxx <mailto:curtis@xxxxxxxxxxx>
207-252-7748