从PHP发送电子邮件时使用SSL/TLS [英] Using SSL/TLS when sending an email from PHP
问题描述
我对电子邮件服务器和使用PHP发送电子邮件非常陌生...
I am very new to email servers and sending email with PHP...
在发送给收件人的邮件服务器之前,是否可以使用SSL或TLS对服务器上的PHP脚本发送的电子邮件进行加密?
Is it possible to have email sent from a PHP script on my server encrypted using SSL or TLS before it is sent to the recipient's mail server?
我需要确保只有预定的收件人才能阅读电子邮件,以防传输到其邮件服务器的途中被拦截.
I need to ensure only the intended recipient can read the email, in case the transmission is intercepted on its journey to their mail server.
我不确定这是否可行,因为收件人的邮件服务器不知道公钥正确吗?那么如何解密电子邮件?
I am not sure if this is possible, as the recipient's mail server would not know the public key right? So how could it decrypt the email?
作为背景,我实际上并没有为任何人托管电子邮件帐户-因此,用户通过我的服务器进行身份验证并为托管在其中的用户下载电子邮件的情况并非如此.我只是有一个脚本触发从"notifications@danbaylis.com"(服务器上不是真实电子邮件地址,因此您无法回复)发送警报电子邮件到用户的真实电子邮件地址(我的应用程序)知道).我需要一种方法来确保将这封电子邮件从服务器上的PHP安全地发送到收件人邮件服务器.
As background, I am not actually hosting email accounts for anyone - so it is not a case of the users authenticating with my server and downloading emails for them hosted there. I just have a script triggering an alert email to be sent from "notifications@danbaylis.com" (which is not a real email address on the server so you can't reply to it) to the user's real email address (which my application knows). I need a way to make sure this email is securely sent from PHP on my server, to the recipients mail server.
我已经看过PHP中的mail()函数以及PHPMailer类-但我不确定如何配置这两种方法来安全地发送电子邮件.
I have looked at the mail() function in PHP, as well as the PHPMailer class - but I am not sure how I would configure either of these methods to securely send the email.
我的所有研究仅显示了如何在服务器上安装SSL,以便用户可以安全地下载服务器上存储的电子邮件-这不是我要在此处进行的工作.
All my research just shows how to install SSL in on my server so users can securely download email stored on my server - which is not what I am trying to do here.
我正在运行Centos5.7,我相信它已安装了邮件服务器,尽管我不确定PHP是否默认使用了该服务器.
I am running Centos5.7 which I believe has a mail server installed, though I am not sure if PHP actually uses that by default..
感谢您的帮助!
推荐答案
您要查找的加密类型不是SSL/TSL,它用于加密客户端(PHP)与将要发送的SMTP服务器之间的传输它在. SSL/TLS不能保证数据将一直加密到其端点.实际上,几乎可以肯定不会,因为数据是在SMTP服务器之间进行中继并一路转换的.
The type of encryption you are looking for is not SSL/TSL, which is used to encrypt transmission between the client (PHP) and the SMTP server which will send it on. SSL/TLS makes no guarantee that the data will be encrypted all the way to its endpoint. In fact, it almost certainly won't be as the data is relayed between SMTP servers and switches along the way.
您正在寻找PGP加密,可以使用 GnuPG函数在PHP中实现PGP加密.您必须使用收件人的公共密钥对邮件进行加密.然后只能将其解密,并使用接收者的私钥(仅由接收者持有)来读取.
Instead you are looking for PGP encryption, which can be implemented in PHP using the GnuPG functions. You must encrypt the message using your recipient's public key. It can then only be decrypted and read with the recipient's private key, held by the recipient alone.
要在mail()中实现此目的,您首先应加密消息正文,然后将加密的ascii铠装块作为第三个参数传递给mail().邮件标题不会被加密,只会被加密.
To implement this in mail(), you would first encrypt the message body, then pass the encrypted, ascii armored block to mail() as its third parameter. Message headers will not be encrypted, only the body.
附录
大多数银行和医疗服务机构(无论如何在美国)处理安全消息传输的方式根本就是不发送电子邮件.而是将必须保持安全的消息存储在网站的用户收件箱"中.用户必须登录(通过SSL)到网站才能阅读安全收件箱中的消息.发送电子邮件仅是为了通知用户有新消息正在等待.
The way secure message transmission is handled by most banks and medical services (in the US, anyway) is not to send email at all. Instead, messages which must be kept secure are stored in a user's "inbox" with the website. The user must login (over SSL) to the website to read messages in the secure inbox. Email is only sent to notify the user that new messages are waiting.
这篇关于从PHP发送电子邮件时使用SSL/TLS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
