I understand SMTP is often used to send mail to client addresses, because the host may be considered spam and blocked. In this case, suppose I have a website with a few contact forms, that sends an email to the administrator's email account (eg. gmail). Because the email is sent to the admin, does SMTP have any benefits in reliability or security? Additionally, if the host sends email directly, does the host server need an 'email account'?
There is nothing particularly wrong with this approach. Many large frameworks and CMS systems use email as a way of contacting the admins for internal messages (software updates needed) or for contact form submissions from users.
If your framework has built-in API calls for transactional mailers, check those out - eg: Laravel recommends a couple of mail providers that already have API calls baked into the framework.
If you are using pure PHP, I can strongly recommend the excellent PHPMailer library over the built-in mail() function - PHPMailer is far easier to set up for SMTP.
The admin will need an account to send mail from, but if this is purely for site -> admin communication you can use the same gmail account for both the sending and receiving.
Note about gmail:
If you are going to use a gmail account to send, the account needs to have access for less secure apps enabled. You will also need to ensure that you don't annoy the Google admins with the volume of mail. Things like spam detection can be ignored since all the mail is going to one account and that account can simply whitelist the sending address.
Note about SMTP:
SMTP is generally secure enough for this sort of thing, as long as you use SMTP over SSL/TLS. Do not send mail to an SMTP server unencrypted as the password will also travel unencrypted and your account will be hacked quickly. Do not use port 25.
I have a website on Azure Web Apps and want to enable SMTP settings to be able to receive emails through my websites contact form. One of the solutions that I found on this forum were to use an external SMTP. I went over to my web root and modified the php.ini file, changing the default SMTP settings to the external SMTP I want to use. I changed the SMTP server name and the port number.
However, that does not suffice. I need to provide credentials for SMTP relay, and I don't understand how SMTP authentication comes into play here. I am currently using the mail function in my HTML form with PHP handling.
If someone could please guide me on the process, I'd be highly grateful.
Actually, on Azure, you don't need to use External SMTP server to send emails in your app. You can easily use SendGrid to satisfy this.
Here is a detailed guide on how to use the SendGrid email service from PHP: https://azure.microsoft.com/en-us/documentation/articles/store-sendgrid-php-how-to-send-email/.
i am using Ubuntu based ec2 instance, recently i have shifted my code on aws and it seemed email functionality is not working. I am using gmail SMTP service
below is my code
'Smtpmail'=>array(
'class'=>'application.extensions.smtpmail.PHPMailer',
'Host'=>"smtp.gmail.com",
'Username'=>'username',
'Password'=>'password',
'From'=>'from addr',
'setForm'=>'from name',
'Mailer'=>'smtp',
'SMTPSecure'=>'tls',
'Port'=>25,
'SMTPAuth'=>true,
),
this code is working on my unix based server but on aws it is giving below error
Mailer Error: The following From address failed: test#email.com : MAIL not accepted from server,530,5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 y6sm27370508qen.21 - gsmtp
Please help
MAIL not accepted from server
Because of the spam abuse that has historically been sent from people using EC2 instances, virtually ALL popular mail providers block the receipt of email from EC2 instances. The world of email and anti-spam measures is part-technical, part-political. For this reason, AWS offers Amazon Simple Email Service.
AWS works with mail providers to ensure that the nodes used by SES have been whitelisted because we do proper authorization/verification up-front.
In this case, the ability to send email from one server but not AWS is, in all likelihood, due to EC2's IP range being blacklisted by Google.
Authentication Required
If the same user/pass works elsewhere without changes, I'm not sure what to say. I know that lots and lots of mail traffic no longer uses port 25, opting instead for 587 for non-SSL and 465 for SSL. That's the first place I'd start poking to find a solution.
Using a TLS connection (port number: 587) on AWS Lambda.
How I solved the problem:
In your GMAIL account, turn on 2-factor authentication. This can be found under security settings when you go to general settings for your account.
Create a new App Password. (The field is right below the 2-factor). You can call it whatever you want. Just make sure to copy it.
Use that for your previous password.
I did that and I can send emails from AWS Lambda with no problem.
Note: You can't have "Less Secure Apps" turned on for this option. This will require you to use the App password for every application you use this email for. I had to make a few different passwords for the different apps that I use a random Gmail account for.
I got the idea from SMTP Authentication Error 534.
This has nothing to do with your ec2 instance (unless the relevant outbound ports are closed) but with the fact that Gmail really doesn't like a connection it can't identify. As stated in the thread, make sure you go to https://www.google.com/settings/security/lesssecureapps.
Then, once your instance tries to connect to the SMTP server (by sending an email in your web app I suppose), connect to your mail client with the gmail account credentials used for the SMTP connection (Gmail, thunderbird, whatever you normally use). You will have then received an email from google stating that there was some suspicious activity and that they blocked the connection, just tell them that the ec2 instance IP was indeed you and you will be all set.
I was using a Gsuite account. For me, it worked with the following steps
Make sure you have 2 step verification enabled
Generate App password from myaccount.google.com -> security (from left panel) -> 2-step verification (under "signing in to google" section)
Once 2 step verification is enabled then generate the app password.
Use that app password in your config/mail.php on .env along with the following settings
MAIL_DRIVER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=
MAIL_PASSWORD=
MAIL_ENCRYPTION=tls
Open the terminal/ command prompt and connect to the EC2 server and run the following commands to clear config and cache
php artisan config:cache
php artisan cache:clear
If that still does not work then click on the following link (Make sure you are logged in with the account which you want to use to send email via Gsuite)
https://accounts.google.com/DisplayUnlockCaptcha
This only need to verify gmail account when u login from another ip address it will ask for verification that you are the same person same thing happen here it is not verified from amazon web server IP so it require to authenticate your IP.
Do only one thing will solve the issue. Login remotely on aws server and login your gmail account from here it will ask for verification give it and your mail will work easily.
If you use port 25 for SMTP you need to open SMTP port on EC2 instance security group inbound rules.
Note: Gmail does not offer port 25 in an unsecured connection. For use port 25 secure connection are required as per gmail Configuration requirements
Read this question & answer
How do I use Gmail SMTP with port 587 on AWS EC2?
Go to https://www.google.com/settings/security/lesssecureapps and set Access for less secure apps to On
This gmail security option if on Off detects if there is inhabitual connexion pattern and block the connexion unless you verify your identity, but you need a web interface to do so.
Log into your AWS account, add rule under security group of your instance and allow the SMTP, it will work, check the port number is important.
I run a website that allows users to send email newsletters using their SMTP, not the host's SMTP. In that case the user can connect directly with his/smtp to send email. I am aware that some hosting companies do not allow this. Does anyone know the way around this? I need to move my website from the present host.
You can use SwiftMailer (http://swiftmailer.org/). The user would need to give you there login information, but then you can login to their email account and send the emails from their account. This will work all the time since the host can't tell if it's a standard mail client trying to send email. You can even send through a gmail account.
If that's not what you want, then you are probably referring to relaying, which you can just give up on. Open relay has been one of the biggest security holes on mail servers for over a decade. Nobody should have that issue anymore.
I have an IIS server running PHP on an Apache Module. I am running a domain on it, and this domain has a seperate setup for email which uses an exchange server. When I try to send email from the website using php mail() the exchange server rejects it. I.e. the header from line is sender#this-domain.com and it is sending to receiver#this-domain.com, both are email addresses set up in the exchange, even though the sender has no direct relationship with exchange.
The emails are not getting through. We tried using a Yahoo adress in the from line but nothing. Has anyone ever come across a problem like this.
You have to either configure the exchange server to accept relay requests based on the origin ip or some transparent authorization mechanism (don't know much about IIS and Exchange and integrated windows authentication, but the good people over at http://serverfault.com do. ). Or use some mailing library that can handle smpt authentication like e.g. http://swiftmailer.org
I once ran into a problem like this which involved the Exchange server not wanting to accept anonymous connections or that it would only accept mail from certain SMTP servers. Have you checked the configuration on your Exchange server to eliminate those possibilities?