PHP email encryption

Question

I have a website with an SSL.

I would like to encrypt outgoing emails from my server. I've been digging around at this and I really don't know where to begin.

Here is my PHP email script so you have an idea of what I'm using:

public function email($to, $title, $message){
    $from = "angela@mysite.com";
    $headers = "From: {$from}\r\n";
    $headers .= "X-Confirm-Reading-To: {$from}\r\n";
    $headers .= "Reply-To: {$from}\r\n";
    $headers .= "Organization: InfiniSys, inc.\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/html; charset=ISO-8859-1\r\n";
    $headers .= "X-Priority: 3\r\n";
    $headers .= "X-Mailer: PHP". phpversion() ."\r\n";

    $subject = $title;
    mail($to, $subject, $message, $headers);
}

Ubuntu 14.04

I'm not sure if this is a server setting or programming config.

Very interesting post: (can't remember where I got it)

<?php
// Setup mail headers.
$headers = array("From" => "someone@example.com",
    "To" => "someone-else@example.com",
    "Cc" => "spam@somewhere.org",
    "Subject" => "Encrypted mail readable with most clients",
    "X-Mailer" => "PHP/".phpversion()
);

// Get the public key certificate.
$pubkey = file_get_contents("C:\test.cer");

// Remove some double headers for mail()
$headers_msg = $headers;
unset($headers_msg['To'], $headers_msg['Subject']);
$data = <<

This email is Encrypted!

You must have my certificate to view this email!

Me

EOD;

//write msg to disk
$fp = fopen("C:\msg.txt", "w");
fwrite($fp, $data);
fclose($fp);

// Encrypt message
openssl_pkcs7_encrypt("C:\msg.txt","C:\enc.txt",$pubkey,$headers_msg,PKCS7_TEXT,1);

// Seperate headers and body for mail()
$data = file_get_contents("C:\enc.txt");
$parts = explode("\n\n", $data, 2);

// Send mail
mail($headers['To'], $headers['Subject'], $parts[1], $parts[0]);

// Remove encrypted message (not fot debugging)
//unlink("C:\msg.txt");
//unlink("C:\enc.txt");
?>

Answer 1

Check out this post where a user suggests to use PHP Mailer.

You can use phpmailer to send outgoing messages through gmail's SMTP server (smtp.gmail.com), and it has options to connect to the SMTP server by SSL. phpmailer is very simple to setup - just a few PHP files to copy to your server.

Here is a great tutorial

If you don't want to use a third library, you'll need to communicate with a SMTP server using socket and send all the commands manually.

Check out this RFC to know how the protocol works

Answer 2

Try Using PHPMAILER It's really Easy You can find all Username and password from your Cpanel Email Account option

$to= "example@gmail.com";
require 'phpmailerlibrary/PHPMailerAutoload.php';

$mail = new PHPMailer;

//$mail->SMTPDebug = 3;                               // Enable verbose debug output

$mail->isSMTP();                                      // Set mailer to use SMTP
$mail->Host = 'mail.example.com';  // Specify main and backup SMTP servers
$mail->SMTPAuth = true;                               // Enable SMTP authentication
$mail->Username = 'support@example.com';                 // SMTP username
$mail->Password = '*****';                           // SMTP password
$mail->SMTPSecure = 'tls';                            // Enable TLS encryption, `ssl` also accepted
$mail->Port = 25;                                    // TCP port to connect to

$mail->setFrom('support@twekr.com', 'example Inc.');
$mail->addAddress($to);     // Add a recipient
$mail->addReplyTo('support@example.com', 'Support');
$mail->addCC($to);
$mail->addBCC($to);


$mail->isHTML(true);                                  // Set email format to HTML

$mail->Subject = 'Subject of Email';
$mail->Body    = 'Content of your html email';
$mail->AltBody = 'Please Upgrade Your Browser to view this email';

if(!$mail->send()) {
echo "Unable to send email"; exit;
}

You should Use TLS as it is also encryption method 90% website uses including google too.