smtp.gmail.com vs ssl://smtp.gmail.com 使用 gmail smtp 服务器发送电子邮件
根据此
Gmail SMTP 服务器也可用于中继来自您的设备或应用程序.您可以使用连接到 Gmail 邮件服务器SMTP、SSL/TLS.如果使用 SMTP 连接,则只能发送邮件到Gmail 或 Google Apps 用户;如果您使用 SSL/TLS 连接,您可以发送邮寄给任何人.
Gmail SMTP Server could also be used to relay messages from your device or application. You can connect to Gmail mail servers using SMTP, SSL/TLS. If you connect using SMTP, you can only send mail to Gmail or Google Apps users; if you connect using SSL/TLS, you can send mail to anyone.
如果您的设备或应用程序支持 SSL - 连接到 smtp.gmail.com在 465 端口上.
If your device or application supports SSL - connect to smtp.gmail.com on port 465.
所以我尝试在端口 465 上连接到 smtp.gmail.com.我收到以下错误:
So I tried connecting to smtp.gmail.com on port 465. I got the following error:
无法使用 PHP SMTP 发送电子邮件.您的服务器可能不是配置为使用此方法发送邮件.
Unable to send email using PHP SMTP. Your server might not be configured to send mail using this method.
一些代码使用另一个地址ssl://smtp.gmail.com".
Some code uses another address "ssl://smtp.gmail.com".
当我还在端口 465 上使用 ssl://smtp.gmail.com 时,我的应用程序现在可以正常工作了.
When I use ssl://smtp.gmail.com also on port 465, my application now works correctly.
- 如果 ssl://smtp.gmail.com 和 smtp.gmail.com 也使用 ssl 有什么区别?
- 为什么我们不能在没有 SSL 的情况下向其他域发送电子邮件?出于安全目的,这是否仅由 gmail 完成?
我对此非常陌生.谁能解释一下?如果重要,我正在使用 php.
I am extremely new at this. Can anyone explain? I am using php if it matters.
推荐答案
主机名前加ssl://
和不加前缀的区别在于底层流是否为通过 OpenSSL 包装,或以纯文本形式说话.
The difference between the prefixing the hostname with ssl://
and without it is whether or not the underlying stream will be wrapped through OpenSSL, or speak in plain text.
当您在端口 465 上连接到 Gmail 时,它预计客户端将使用 TLS 加密.您看到的错误消息很可能是连接到一个期望加密连接的服务的一般结果,而该服务只是试图以纯文本形式写入和读取数据.
When you connect to Gmail on port 465, it expects the client will use TLS encryption. Most likely, the error message you were seeing was a general result of connecting to a service expecting an encrypted connection when it was just trying to write and read data in plain text.
当您使用 ssl://
包装器连接到支持 TLS 或 SSL 的服务时,PHP 为您创造了奇迹.它允许您以与未加密连接相同的方式在流上读取和写入(使用 fread/fwrite),并且所有握手、加密和解密都在后台完成,只需为主机添加前缀使用 ssl 包装器.
PHP does magic for you when you use the ssl://
wrapper to connect to a service that supports TLS or SSL. It allows you to read and write on the stream (using say fread/fwrite) in the same manner you would on an unencrypted connection and all the handshaking, encryption, and decryption is done in the background having to do no more than prefix the host with the ssl wrapper.
至于第二个问题,很可能与安全有关.为了中继(将邮件发送到另一个域),您需要通过 SMTP 进行身份验证,这绝不应该以明文形式完成,而您可以使用未加密的连接在端口 25 上进行连接,并将邮件发送给 Gmail 用户而无需进行身份验证(这是最外面的邮件服务器在其用户之一向 Gmail 发送邮件时执行此操作).但从技术上讲,没有什么可以阻止他们允许您使用未加密的连接发送邮件,甚至使用 Gmail 凭据进行身份验证(这称为开放中继,通常被垃圾邮件发送者严重滥用).
As to the second question, it is most likely security related. In order to relay (send mail to another domain) you need to authenticate over SMTP which should NEVER be done in cleartext while you can connect on port 25 using an unencrypted connection and send mail to a Gmail user without authenticating (this is what most outside mail servers do when one of their users which to send mail to Gmail). But technologically, there's nothing preventing them from allowing you to send mail using an unencrypted connection, or even authenticating with Gmail credentials (this is called an open relay and is usually badly abused by spammers).
您可以通过阅读 SMTP 协议、STARTTLS
命令和一般的 TLS 加密来了解有关第一个问题的更多信息.STARTTLS
允许客户端通过未加密的连接连接到邮件服务器,然后协商(升级)连接以使用加密,另一方面,到端口 465 的连接期望 TLS 握手发生建立连接后,在任何协议 (SMTP) 通信发生之前.
You can learn more about your first question by just reading about the SMTP protocol, the STARTTLS
command, and TLS encryption in general. STARTTLS
allows a client to connect to the mail server over an unencrypted connection and then negotiate (upgrade) the connection to use encryption, where on the other hand, connections to port 465 expect a TLS handshake to occur as soon as the connection is established and before any protocol (SMTP) communication occurs.
相关文章