Zend Framework中的SMTP身份验证
[英]SMTP Authentication in Zend Framework
问题描述
Here's a scenario; 
这是一个场景; I want to send email using PHP and Zend Framework. 我想使用PHP和Zend Framework发送电子邮件。 Here's an example on how this is usually done: 这是一个关于如何做到这一点的例子:
$smtp = new \Zend_Mail_Transport_Smtp(array(
'host'=> 'localhost'
, 'auth' => 'login'
, 'ssl' => 'TLS'
, 'username' => 'john'
, 'password' => '123'));
\Zend_Mail::setDefaultTransport($smtp);
$mail = new \Zend_Mail();
$mail->addTo('jane.smith@localhost', 'Jane Smith');
$mail->setSubject('Greetings');
$mail->setBodyText('Hi there');
$mail->setFrom('john.smith@localhost', 'John Smith');
$mail->send();
My question is, how can we make sure that the from address (in this case 'john.smith@localhost') actually exists and it belongs to the username and password provided to SMTP connection? 我的问题是,我们如何确保from地址(在本例中为'john.smith@localhost')实际存在并且它属于提供给SMTP连接的用户名和密码? Because if it is not, then I can send email on behalf of anyone! 因为如果不是,那么我可以代表任何人发送电子邮件!
[UPDATE] [UPDATE]
I believe I found a partial answer to my own question. 我相信我找到了自己问题的部分答案。 It should be done through IMAP / POP3 protocols. 它应该通过IMAP / POP3协议来完成。 But yet these two protocols take in a username and password in order to athenticate and so you can not check for the association between the provided username and an email address. 但是这两个协议接受用户名和密码以进行身份验证,因此您无法检查提供的用户名和电子邮件地址之间的关联。 So the question is how to authenticate an email address through IMAP / POP3 in PHP and Zend Framework? 那么问题是如何通过PHP和Zend Framework中的IMAP / POP3验证电子邮件地址?
1 个解决方案
解决方案1
2 已采纳 2012-03-05 14:37:52
SMTP does allow to send emails as anyone. SMTP允许以任何人的身份发送电子邮件。 This is why most security-oriented people promote the use of digital signatures. 这就是大多数面向安全的人促进使用数字签名的原因。
Validation can be done by the SMTP itself. 验证可以由SMTP本身完成。 Gmail's SMTP will refuse to send emails with an address not attached to the account for example. 例如,Gmail的SMTP将拒绝发送未附加到帐户的地址的电子邮件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.