从PHP发送电子邮件时使用SSL / TLS
I am very new to email servers and sending email with PHP...
Is it possible to have email sent from a PHP script on my server encrypted using SSL or TLS before it is sent to the recipient's mail server?
I need to ensure only the intended recipient can read the email, in case the transmission is intercepted on its journey to their mail server.
I am not sure if this is possible, as the recipient's mail server would not know the public key right? So how could it decrypt the email?
As background, I am not actually hosting email accounts for anyone - so it is not a case of the users authenticating with my server and downloading emails for them hosted there. I just have a script triggering an alert email to be sent from "notifications@danbaylis.com" (which is not a real email address on the server so you can't reply to it) to the user's real email address (which my application knows). I need a way to make sure this email is securely sent from PHP on my server, to the recipients mail server.
I have looked at the mail() function in PHP, as well as the PHPMailer class - but I am not sure how I would configure either of these methods to securely send the email.
All my research just shows how to install SSL in on my server so users can securely download email stored on my server - which is not what I am trying to do here.
I am running Centos5.7 which I believe has a mail server installed, though I am not sure if PHP actually uses that by default..
Thanks for any help!
我是电子邮件服务器和用PHP发送电子邮件的新手...... p> 在将服务器上的PHP脚本发送到收件人的邮件服务器之前,是否可以使用SSL或TLS加密发送的电子邮件? p>
我需要确保只有预期的收件人 可以阅读电子邮件,以防传输在其邮件服务器的旅程中被截获。 p>
我不确定这是否可行,因为收件人的邮件服务器不知道公钥 对? 那么它如何解密电子邮件? p>
作为背景,我实际上并不是为任何人托管电子邮件帐户 - 所以不是用户通过我的服务器进行身份验证并为他们下载电子邮件的情况 在那里举办。 我只是有一个脚本触发一条警报电子邮件,从“notifications@danbaylis.com”(这不是服务器上的真实电子邮件地址,因此你无法回复它)发送到用户的真实电子邮件地址(我的应用程序) 知道)。 我需要一种方法来确保将此电子邮件从我的服务器上的PHP安全地发送到收件人邮件服务器。 p>
我查看了PHP中的mail()函数,以及 PHPMailer类 - 但我不确定如何配置这些方法中的任何一个来安全地发送电子邮件。 p>
我的所有研究都只显示如何在我的服务器上安装SSL以便用户可以 安全地下载存储在我服务器上的电子邮件 - 这不是我想在这里做的。 p>
我正在运行Centos5.7我认为安装了邮件服务器,但我不确定 如果PHP在默认情况下实际使用它.. p>
感谢您的帮助! p> div>
The type of encryption you are looking for is not SSL/TSL, which is used to encrypt transmission between the client (PHP) and the SMTP server which will send it on. SSL/TLS makes no guarantee that the data will be encrypted all the way to its endpoint. In fact, it almost certainly won't be as the data is relayed between SMTP servers and switches along the way.
Instead you are looking for PGP encryption, which can be implemented in PHP using the GnuPG functions. You must encrypt the message using your recipient's public key. It can then only be decrypted and read with the recipient's private key, held by the recipient alone.
To implement this in mail(), you would first encrypt the message body, then pass the encrypted, ascii armored block to mail() as its third parameter. Message headers will not be encrypted, only the body.
Addendum
The way secure message transmission is handled by most banks and medical services (in the US, anyway) is not to send email at all. Instead, messages which must be kept secure are stored in a user's "inbox" with the website. The user must login (over SSL) to the website to read messages in the secure inbox. Email is only sent to notify the user that new messages are waiting.
You can't guarantee that an email will be delivered to the recipient's mailbox. The ONLY place you is the connection between your mail client, and your outgoing SMTP server. After that, it's utterly out of your hands.
If you need to guarantee privacy on the email, you'll have to encrypt the body of the email. What you want is an S/MIME or PGP message. Not that this still leaves SOME information publicly available - the mail body will be encrypted, but addressing information will necessarily still be readable - intermediate mail servers still need to know how to deliver the mail