Sending emails using Socket - a continuation of a good article turned into power online_PHP tutorial

Sending emails using Socket - continuation Author: limodou I have written an article before, introducing how to use socket programming to send emails to solve the problem that the web server does not support the mail() function. It works after my test. However, many free email providers (starting from 263, 163, and Sina soon) have added authentication functions to the SMTP function, making the original email sending class unusable. After studying the corresponding SMTP follow-up RFC and many experiments, I finally succeeded. So I introduce it to everyone with urgency. Introduction to SMTP authentication function I don’t want to introduce the SMTP authentication function to you in detail here, because I can’t explain it clearly. For details, please refer to the [RFC 2554] specification. The authentication function of SMTP mainly adds the AUTH command. The AUTH command has many uses, and there are many authentication mechanisms. The authentication mechanisms supported by AUTH mainly include LOGIN, CRAM-MD5[Note 1], etc. LOGIN should be supported by most free email servers, including 263 and Sina. Sina also supports the CRAM-MD5 mechanism. The authentication mechanism is generally only performed before the email is actually sent, and it only needs to be performed once. When the authentication is successful, the email can be sent as usual. The principle is Challenge-Response, that is, the server sends a command to ask the client to answer, and the client responds based on the information sent by the server. If the response is passed, the authentication is successful and the process can continue. Here is a brief introduction to these two productions. S: means returned by the server, C: means sent by the client. LOGIN It should be simpler. The password-response process is as follows: 1 C: AUTH LOGIN 2 S: 334 dXNlcm5hbWU6 3 C: dXNlcm5hbWU6 4 S: 334 cGFzc3dvcmQ6 5 C: cGFzc3dvcmQ6 6 S: 235 Authentication successful. 1 Send authentication instructions to the server for the client. 2 The server returns a base64 encoded string, and the success code is 334. The encoded string is decoded to "username:", indicating that the client is required to send the username. 3 The client sends the base64-encoded username, here "username:". 4 The server returns a base64 encoded string, and the success code is 334. The encoded string is decoded to "password:", indicating that the client is required to send the user password. 5 The client sends a base64-encoded password, here "password:". 6 After success, the server return code is 235, indicating that the authentication is successful and emails can be sent. For LOGIN authentication, the user name and password are actually encoded in base64 and issued separately according to the server's requirements. (In my opinion, since base64 is a public encoding standard, it does not provide much protection.) CRAM-MD5 mechanism For the mechanism of CRAM-MD5, please refer to the [RFC 2195] specification, which will not be explained in detail here. . Mainly through the password-response mechanism, the server sends an information string, which consists of a random number, a timestamp, and a server address, and is encoded in base64. After receiving it, the client sends a string consisting of the user name, a space, and a digest, and encodes it in base64. The summary is obtained through the MD5 algorithm. This mechanism requires that the server and client have the same encryption string. After the client sends the digest, the server verifies its validity and returns 235 after success. How do I know what authentication my mail server supports? In SMTP [RFC 821], after successfully connecting to the mail server, the first command is usually "HELO".But in a mail server that supports authentication, the first command should be changed to "EHLO" [Note 2]. After the command is successful, the return of 263 may be: EHLO hello 250-smtp.263.net [Note 3] 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-AUTH LOGIN 250 8BITMIME It can be seen that 263 supports LOGIN authentication. Of course, if you already know what the mail server is, there is no need to automatically judge it, but if you don't know, you need to analyze the return result. However, most mail servers support the simplest LOGIN method. Okay, let’s start modifying the sendmail.class.php3 we wrote before. It doesn’t matter if you don’t. The package file of sendmail.class.php3 is provided at the end of this article and can be downloaded. As for the examples, I wrote them myself based on this article. Modify sendmail.class.php3 Here only the key points of the modification are stated, rather than a comprehensive analysis. First, let’s review the idea of ​​​​sendmail.class.php3 so that everyone can have an idea first. There are four functions in sendmail.class.php3, which are: The constructor of the send_mail class is used to initialize information. The send mail sending function executes the socket command and sends the mail. The do_command command execution function executes an smtp command and returns the processing. Result show_debug Display debugging information function First, the user should call the constructor of the class to initialize the necessary parameters. Such as SMTP server address ($smtp), welcome message ($welcome), and whether to display debugging information ($debug). At the same time, some internal variables must be initialized, such as the last executed command ($lalast), the last response message ($lastmessage), and the port number ($port=25). Then, the user generates email information and calls the send() function to send the email. In the send() function, according to the SMTP specification, one command is executed one after another (see the previous article for details). When executing a command, this is achieved by calling do_command(). If there is an error in the execution of do_command(), the program returns immediately, otherwise it continues to execute downwards. If the display debugging information flag is set, do_command() will return debugging information when the command is sent and the information is responded. Okay, everyone now has an understanding of its operation. Here is how to modify it. Modify the constructor (send_mail) Since the previous send_mail class does not support the authentication function, the authentication information must be added first. Three parameters have been added, $auth, $authuser, and $authpasswd. $auth is a flag indicating whether to use the authentication function. $authuser and $authpasswd are the username and password for SMTP authentication. According to the requirements of the corresponding mail service provider, for example, 263 is consistent with pop3. The same should be true for most. In this way, three internal variables need to be added after the internal variable table of the class: $auth, $user, $passwd. Modify the sending function (send) and change the sending command HELO to sending EHLO. At the same time, it is necessary to determine whether authentication processing is required: //Change to support ESMTP EHLO command if($this->auth) { $this->lastact="EHLO "; } else $this->lastact="HELO "; That is , if authentication processing is required, the EHLO command is sent, otherwise the HELO command is also sent. Then, add authentication processing: //2000.02.28 Add authentication processing if($this->auth) { $this->lastat="AUTH LOGIN" . " "; if(!$this->do_command($this->lafact, "334")) { fclose($this->fp); return false; } //Return the user name, encoded in base64 $this-> lastact=base64_encode($this->user) . " "; if(!$this->do_command($this->lastat, "334")) { fclose($this->fp); return false; } //Return the password, encoded in base64 $this->lastat =base64_encode($this->passwd) . " "; if(!$this->do_command($this->lafact, "235")) { fclose($this->fp); return false; } } Note that only the AUTH LOGIN mechanism, CRAM-MD5, is implemented here Not implemented. And there is no judgment on the information returned by the server. The default is to ask for the user name for the first time and the password for the second time. Modify the command execution function (do_command). The original function cannot display the situation when the response string is multiple lines. : /* Modified on 2000.02.28, the returned information will be displayed completely $this->lastmessage = fgets ( $this->fp, 512 ); $this->show_debug($this->lastmessage, "in"); */ while (true) { $this->lastmessage = fgets ( $this->fp, 512 ); $this->show_debug($this->lastmessage, "in"); if(($this->lastmessage[3]= = ) or (empty($this->lastmessage))) break; } In this way, the class has been changed. Test the send_mail class. Below is a small test program I wrote for sending a letter, but for safety reasons, I Do not use real information for the username and password. If you want to test, please change it to your own information. The program is as follows (send.php): include("sendmail.class.php3"); $sendmail=new send_mail("smtp.263.net", true, "username", "password", "hello", true); $sendmail->send("toemail, "fromemail", "test", "This is a test!"); ?> Conclusion The test of 263 went smoothly and relatively quickly.But Sina is not easy to succeed, mainly because it times out, and it cannot be received even if it is successfully sent. I don’t know why? Note: Since sending SMTP requires a username and password, and most SMTP authentication uses the same username and password as pop3. So if you use this method, you may write the username and password into the program and upload them to the server. But it is not safe to do so. Encryption is not necessarily easy to use, because the information is placed on the server, and the corresponding decrypted information will also be placed on the server. My suggestion is to apply for a mailbox specifically for sending credit, so that others will not be afraid if they find out. ​Hope this program is useful to you. sendmail.class.php3 download. Attachment: Related RFC RFC 1869 SMTP Service Extensions RFC 2195 IMAP/POP AUTHorize Extension (which contains instructions about CRAM-MD5) RFC 2222 Simple Authentication and Security Layer RFC 2554 SMTP Service Extension for Authentication --------- -------------------------------------------------- --------------------- [Note 1] CRAM=Challenge-Response Authentication Mechanism Password-response authentication mechanism MD5 is a digest algorithm, mainly used in RSA, PGP middle. [Note 2] See [RFC 1869] for a description of EHLO. [Note 3] In the mail server response string, if the response code is followed by a space ( ), it means that the response string has only one line; if it is a minus sign (-), it means there are multiple lines, and the last line of the response code is followed by a space ( ). The ownership of this article belongs to limodou. Please keep this information if you want to reprint it. Note: sendmail.class.php3 download address: http://www.zphp.com/files/sendmail.class

http://www.bkjia.com/PHPjc/531874.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/531874.htmlTechArticleUsing Socket to send emails--continuation author: limodou I have written an article before, introducing how to Use socket programming to send emails to solve the problem that the web server does not support mail() letters...