-
-
Notifications
You must be signed in to change notification settings - Fork 9.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to unspoof my own Gmail and iCloud e-mails? #1110
Comments
What do you mean by "switch"? If gmail thinks you're spoofing messages, you probably are. Can you post your code? |
Here is the code:
|
You are spoofing the From address: $emailusuario = $_POST['email'];
$email->From = $emailusuario; Do it like the contact form example shows. |
No, I used it before several times and spent 3 days without sleeping, trying to repair it, it never worked with "switch". Look with attention to the switch. |
The switch has nothing to do with it. Spoofing only applies to the From address. |
I used this example and nothing worked. |
You need to define exactly how it doesn't work. I can't guess. You have a whole bunch of odd things in this script - You're not setting a message Body, you're not using the |
I replaced if Then I added:
I replaced I added and put the switch inside:
|
That looks better, but you're still sending an empty message body, and you're not showing any kind of error message if the email address is invalid (i.e. |
It is just an example. My body is looooonger. Do you want me to put 800 lines of code? :-)
It comes from the switch and is "echoed" inside $email->Body I want to remove
Does it seem better for you? |
I fixed my errors and updated my comment. |
I suggest putting a valid (i.e. within your domain) but non-responding address in the From address, like "noreply@...":
That should be all you need. The reply-to addresses will mean that your directors can simply reply to messages and they will go to submitters. Other little things - You're not validating |
No, it worked very well when I chose the determined subject, but without STMP and without these codes you suggested. The I have just had an interesting analysis after doing a test without STMP, if I sent my same own e-mail ([email protected]) as sender to my same own e-mail as receiver ([email protected]), Gmail classified it as spoof because I was spoofing myself. But if I sent my e-mail ([email protected]) as sender to my different e-mail ([email protected]) as receiver, Gmail didn't classify it as spoof because I wasn't spoofing myself. |
Ah, you didn't say you were sending through gmail - gmail doesn't allow sending from arbitrary addresses, though you can preset fixed aliases. This is mentioned in the troubleshooting guide. I saw where |
To validate that, I do not know how to fix or figure. :-/ Sorry! |
I copied my last code with your suggestions and it worked nothing. :-/ |
I don't know what problem you have now. Gmail won't let you spoof your from address; Nothing you put in your code will change that. Simple validation of the property would be to add a default case which will only be used if none of the expected values match, for example: default:
exit('Invalid option submitted'); |
It worked nothing either. |
Do you know why I put |
Yes - you're using it to switch between several different options for who to the send the message to and what subject line to use. But that has absolutely nothing to do with spoofing, and my point about validation was more about general coding technique, not as a spoofing solution. |
Then I want only the spoofing solution. To solution the spoofing problem, look that last code and does it look OK for you? |
No, because you're still using the user-submitted email address as the from address, which is straightforward forgery and won't work, as I said in my first response. |
I wrote up everything and copied and tested your example that you gave and nothing worked. |
I added many things from other examples, nothing worked. Your project has only errors. I gave up. I'm going to find an alternative. |
As I said before you're spoofing your from address and gmail won't allow that. It's nothing to do with your code, you've failed to say exactly how any of this has failed at all, and you've not shown a single error. It makes it very difficult to help you. Nobody will be able to help you find a solution if all you say is "it doesn't work". |
Ah, it showed "Sorry, message failed". I have to add |
This is basic PHP debugging - check your web server logs, where it will give you a proper error message from PHP - probably a syntax error. If you don't have access to that, set display_errors = true in your php.ini. |
I do not have access to php.ini. Can I send the attached zip to you by e-mail? |
OK, so do what the guide says and set |
Like it says, you need to authenticate to send through gmail - look at how to do that in the gmail example provided with PHPMailer. |
Yes, you need to read the error message and do what it says. |
Gmail doesn't like you authenticating in new ways, wants to be sure it's really you. |
Too bad, I have just read: https://productforums.google.com/forum/#!topic/gmail/9KCgzXY4G_c |
I read again this whole discussion. Without STMP, would Gmail accuse the e-mails of spoofing? So you argued that only Then what is the diference between |
An email message can have several addresses associated with it - the from address (who sent it), the to address (where it's going), and it can also have a reply-to address (you can actually have more than 1), which is where replies should go. If you don't provide a reply-to address, replies will go to the from address. If you want a reply to go somewhere that you don't have rights to send from, you can send the mail from yourself, but put a different address in reply-to, which will mostly achieve the same thing as sending from the other address. It used to be common to forge/spoof the from address, but it was exploited so much by spammers and phishing that it was blocked by almost everyone and resulted in SPF, which provides checking of email sources for a domain. There is also another address called the envelope sender. This is not used directly in message headers, but at the SMTP level as part of the MAIL FROM command. Usually this is set to the same address as the From address, but there are some circumstances where you might want to control this separately (e.g. bounce routing), and PHPMailer lets you set that. The server that receives a message takes this address and adds it to your received message as a return-path header, and if a message delivery fails, this is where the message is sent. You shouldn't need to worry about this address though. |
Salut @Synchro , En utilisant l'ancienne version de PHPMailer et avant, tout allait bien et nous recevions normalement les e-mails. Mas comme vous avez fait l'upgrade de la nouvelle version du PHPMailer, j'ai ajouté l'upgrade de la nouvelle version. Depuis l'upgrade et avec les configurations du SMTP, je recevais normalement les e-mail parce j'utilisais l-email de Gmail. Mais comme l'association athlétique utilise le SMTP différent, ils ne reçoivent pas les e-mails, je devais reajouter et readjuster les configurations du SMTP et ça ne fonctionne rien. Leur SMTP utilise le port 587. Et le TLS ne connait pas leur SMTP. J'ai ajouté les commentaires en français pour que vous puisse comprendre. Vous m'avez suggéré que j'ajoutais Voici le code-source : use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
date_default_timezone_set('America/Sao_Paulo');
require 'phpmailer/src/Exception.php';
require 'phpmailer/src/PHPMailer.php';
require 'phpmailer/src/SMTP.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST')
{
$curso = $_POST['cursos']; // prénom du cours de qui envoie le formulaire
$emailusuario = $_POST['email']; // l'e-mail de qui envoie le formulaire
$faculdade = $_POST['faculdades']; // prénom de l'université de qui envoie le formulaire
$idade = $_POST['idade']; // âge de qui envoie le formulaire
$ip = $_SERVER['REMOTE_ADDR']; // IP de qui envoie le formulaire
$mensagem = $_POST['mensagem']; // message de qui envoie le formulaire
$navegador = $_SERVER['HTTP_USER_AGENT']; // le browser de l'utilisateur qui envoie le formulaire
$nomeusuario = $_POST['nome']; // prénom et nom de qui envoie le formulaire
$pais = json_decode(file_get_contents("http:https://ipinfo.io/")); // IP du pays de qui envoie le formulaire
$telefone = $_POST['phone']; // téléphone de qui envoie le formulaire
$email = new PHPMailer();
try
{
$email->CharSet = 'utf-8';
$email->setLanguage('br', '/phpmailer/language/');
$email->isHTML(true);
$email->AddEmbeddedImage("imagens/logo-formulario.png", "logo-formulario", "logo-formulario.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/heart.png", "coracao", "heart.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/materialize.png", "materialize", "materialize.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/phpmailer.png", "phpmailer", "phpmailer.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/atom.png", "atom", "atom.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/apple.png", "apple", "apple.png", 'base64', 'image/png');
$email->SMTPDebug = 2; // Enable verbose debug output
$email->isSMTP(); // Set mailer to use SMTP
$email->Host = 'smtp.atleticaunisal.com.br'; // Specify main and backup SMTP servers
$email->SMTPAuth = true; // Enable SMTP authentication
$email->Username = '[email protected]'; // SMTP username
$email->Password = 'atleticaunisalorena'; // SMTP password
$email->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted
$email->Port = 587; // TCP port to connect to
$email->setFrom('[email protected]', 'Atlética UNISAL');
$email->From = $emailusuario; // l'e-mail de qui envoie le formulaire
$email->FromName = $nomeusuario; // prénom et nom de qui envoie le formulaire
switch ($_POST['sectores'])
{
case 'basqf':
$assunto = "Contato – Basquete Feminino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Basquete Feminino";
$profissao = "diretora";
break;
case 'basqm':
$assunto = "Contato – Basquete Masculino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Basquete Masculino";
$profissao = "diretor";
break;
case "dpf":
$assunto = "Contato – Departamento Financeiro";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Departamento Financeiro";
$profissao = "diretor(a)";
break;
case "dpm":
$assunto = "Contato – Departamento de Marketing";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Departamento de Marketing";
$profissao = "diretor(a)";
break;
case "dps":
$assunto = "Contato – Departamento Social";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Departamento Social";
$profissao = "diretor(a)";
break;
case 'duvidas':
$assunto = "Atlética UNISAL – Dúvidas";
$departamento = "[email protected]";
$indicao = "dúvidas";
$modalidade = "Atlética UNISAL";
$profissao = "gerente";
break;
case 'futebol':
$assunto = "Contato – Futebol";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "BFutebol";
$profissao = "diretor";
break;
case 'futsalf':
$assunto = "Contato – Futsal Feminino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Futsal Feminino";
$profissao = "diretora";
break;
case 'futsalm':
$assunto = "Contato – Futsal Masculino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Futsal Masculino";
$profissao = "diretor";
break;
case 'handf':
$assunto = "Contato – Handebol Feminino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Handebol Feminino";
$profissao = "diretora";
break;
case 'handm':
$assunto = "Contato – Handebol Masculino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Handebol Masculino";
$profissao = "diretor";
break;
case 'jiujitsu':
$assunto = "Contato – Jiu-jitsu Brasileiro";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Jiu-jitsu Brasileiro";
$profissao = "diretor";
break;
case 'sugestoes':
$assunto = "Atlética UNISAL – Sugestões";
$departamento = "[email protected]";
$indicao = "sugestões";
$modalidade = "Atlética UNISAL";
$profissao = "gerente";
break;
case 'tubatera':
$assunto = "Contato – Tubatera";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Tubatera";
$profissao = "diretor";
break;
case 'voleif':
$assunto = "Contato – Vôlei Feminino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Vôlei";
$profissao = "diretor";
break;
case 'voleim':
$assunto = "Contato – Vôlei Masculino";
$departamento = "[email protected]";
$indicao = "dúvidas ou sugestões";
$modalidade = "Vôlei";
$profissao = "diretor";
break;
}
$email->Body = "<!DOCTYPE html><html> (...)";
$email->Subject = $assunto; // sujet di qui envoie le formulaire
$email->addAddress($departamento); // adresse di qui reçoit
$email->send();
echo _enviada; // message de succès
}
catch (Exception $e)
{
echo _naoenviada; // message d'échec
echo _erro . $email->ErrorInfo . "</p></div>";
}
} Et les fautes :
|
Si vous voulez voir le fichier entier, le voici: Vous pouvez tester le formulaire du site de l'association athlétique: http:https://atleticaunisal.com.br/contacto.php?hl=fr. Il a déjà des versions française métropolitaine et québécoise. |
Regarde la sequence ici:
La faute est immédiatement après STARTTLS, avant authentication, donc c'est probablement votre certificates des CAs - lire la troubleshooting guide pour les remplacer. |
Référez-vous à l'Encryption Flavours ou au Certificate verification failure ? |
La deuxième. Essayer les tests dans la guide pour verifier. |
Malgré de mon macOS ne pas avoir $ php -i | grep cafile
openssl.cafile => no value => no value
$ echo QUIT | openssl s_client -starttls smtp -crlf -connect smtp.atleticaunisal.com.br:587
CONNECTED(00000005)
depth=1 C = US, O = "thawte, Inc.", CN = thawte SSL CA - G2
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=BR/ST=Sao Paulo/L=Sao Paulo/O=LOCAWEB LTDA/OU=Hospedagem de sites/CN=*.locaweb.com.br
i:/C=US/O=thawte, Inc./CN=thawte SSL CA - G2
1 s:/C=US/O=thawte, Inc./CN=thawte SHA256 SSL CA
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2008 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA - G3
2 s:/C=US/O=thawte, Inc./CN=thawte SSL CA - G2
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIQJ0dIUx5xnvtgtbhKcUCdKjANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwODA0MDAwMDAwWhcNMTgwNjA1MjM1OTU5
WjCBhTELMAkGA1UEBhMCQlIxEjAQBgNVBAgMCVNhbyBQYXVsbzESMBAGA1UEBwwJ
U2FvIFBhdWxvMRUwEwYDVQQKDAxMT0NBV0VCIExUREExHDAaBgNVBAsME0hvc3Bl
ZGFnZW0gZGUgc2l0ZXMxGTAXBgNVBAMMECoubG9jYXdlYi5jb20uYnIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU9Mqs03GZyuD1DrbFoBfHnlyeanXz
r7X3TvbQf8bs6nvaSLqOwfF3LIPFrxrMAEa7VGkMOs52M9US7bXnAcaV7NBvBRPh
QetjmjzCQ/aADM9kGLSqSq6HEnupMzrsw1WogrOWXQyLon8YE925IhvwsqM0UM2/
d6102hTlddR3HCwHOa/3El0WxfD2DIsNJ4Su8WfNXKYIm1yBxkadLYIbq5ClLAI/
VBfjFXd/OnTsGY0FaJM515pK84pKzX5A/0Y0f3kCzkc92ktj0ac/t1yOUX+tGW/d
oxyvFJh/VhGFoGXLdnDdnlStd/ZFcinpe7CWcoJnxHvfDKowBe+fsJopAgMBAAGj
ggKKMIIChjArBgNVHREEJDAighAqLmxvY2F3ZWIuY29tLmJygg5sb2Nhd2ViLmNv
bS5icjAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EMAQICMFkwJgYIKwYBBQUH
AgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMMIWh0
dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAw
HwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAwKwYDVR0fBCQwIjAgoB6g
HIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDov
L3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3RqLnN5bWNiLmNvbS90
ai5jcnQwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwDd6x0reg1PpiCLga2BaHB+
Lo6dAdVciI09EcTNtuy+zAAAAV2umd06AAAEAwBIMEYCIQDcgkgGk49ufkI70RLD
rqglp4tuve7FGGka6Z2w9T9BWwIhAP3uCtUxgjJO+anvJqisjfUHEQAstQWBhtWX
on1GhJiXAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFdrpne
yAAABAMARjBEAiAZ8RmIjMcsI7zyggVB1kJVvMSvBKHBmzG7VmJgtyKalQIgftuB
wnJa7R1/A35zacemk7xKe/9uxj2aNQMKG4/i/QMwDQYJKoZIhvcNAQELBQADggEB
AKoqxuynHOThNY/GsNTaW51B2LDkfCQOyorS0Le5fdL/rdouKcH9KQ6irAIqCOeo
kNrEQ+P/E/lot+LZ4m3xWj/vannCfbAdNOoboJ63R/8UwVZYdU9hGwOnh1dTutAv
4uagtN5NDcyF6XY7rILtdBtI/R3XX5Xk8JPuybBZnl4F7kEtAM3coP3efDggogjg
kYh1pwjCKrb+OIbQ42YJQvU4h6rPLcyiMGNDfK1gZHuTtk8Hy9ZE10YTGUJWvc5X
gtH4MsLyzT7nKLEUSdc6GVeVeadQ1L9h9M8eh2Wm7z0fnXWPH4tTxnuZ/QcKs1M8
od4zKv+tRHxRQUq4gp7GLrc=
-----END CERTIFICATE-----
subject=/C=BR/ST=Sao Paulo/L=Sao Paulo/O=LOCAWEB LTDA/OU=Hospedagem de sites/CN=*.locaweb.com.br
issuer=/C=US/O=thawte, Inc./CN=thawte SSL CA - G2
---
No client certificate CA names sent
---
SSL handshake has read 4845 bytes and written 479 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: CBA5AA19FCA800D6ADF8EB621BBFF651619381643D1F869EEE9982A0CCD855FE
Session-ID-ctx:
Master-Key: A8AEF91DE91552FA516B44F708F0291373A7CB10612542EA424DE37411A06C4C6710EC369CB196F0CEC562EE8D47A3D3
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 2c fe d4 da 97 e4 5f 87-76 bc 45 14 20 0d c4 05 ,....._.v.E. ...
0010 - 37 71 6e 49 0c d9 8c 70-89 b3 4d aa 36 85 6f 4a 7qnI...p..M.6.oJ
0020 - 83 19 87 eb 5f 21 d5 41-32 85 2f b1 29 0e 56 2a ...._!.A2./.).V*
0030 - b0 98 0a 2b 68 c1 82 9e-35 29 c1 53 04 ec 6a a3 ...+h...5).S..j.
0040 - ac 28 4a 03 19 3e be 42-21 8c 34 e0 67 de c6 94 .(J..>.B!.4.g...
0050 - ff ab b2 2e 0f 0d e0 0c-3c 7f 91 5f 66 28 cb 07 ........<.._f(..
0060 - 70 27 87 eb 0b 51 0c c5-97 72 15 66 5b 0c 77 cd p'...Q...r.f[.w.
0070 - 69 e8 d9 1f 39 12 b1 b8-30 cd e6 fb 85 c7 5d fb i...9...0.....].
0080 - 55 8f 91 21 23 47 7d 33-42 d8 ff e5 78 2c f4 bf U..!#G}3B...x,..
0090 - ce a7 6a 06 83 dc 72 c6-66 93 58 c1 f0 5e 14 8c ..j...r.f.X..^..
Start Time: 1520984537
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 DSN
DONE Est-ce que c'est à cause de |
Pour éliminer les autre problèmes, télécharger le bundle CA et essayer à connecter avec ça:
Si cela fonctionne, vous savez que le bundle CA est le problème, vous pouvez donc mettre à jour votre fichier PHP.ini pour l'utiliser, or essayer le package |
J'ai exécuté ce commande-ci et ça fonctionne. J'ai installé ce paquet, mais après en utilisant $ composer require paragonie/certainty
Using version ^1.0 for paragonie/certainty
./composer.json has been created
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 8 installs, 0 updates, 0 removals
- Installing paragonie/random_compat (v2.0.11): Downloading (100%)
- Installing paragonie/sodium_compat (v1.6.0): Downloading (100%)
- Installing paragonie/constant_time_encoding (v2.2.2): Downloading (100%)
- Installing guzzlehttp/promises (v1.3.1): Downloading (100%)
- Installing psr/http-message (1.0.1): Downloading (100%)
- Installing guzzlehttp/psr7 (1.4.2): Downloading (100%)
- Installing guzzlehttp/guzzle (6.3.0): Downloading (100%)
- Installing paragonie/certainty (v1.0.2): Downloading (100%)
paragonie/random_compat suggests installing ext-libsodium (Provides a modern crypto API that can be used to generate random bytes.)
paragonie/sodium_compat suggests installing ext-libsodium (PHP < 7.0: Better performance, password hashing (Argon2i), secure memory management (memzero), and better security.)
guzzlehttp/guzzle suggests installing psr/log (Required for using the Log middleware)
Writing lock file
Generating autoload files
$ php -i | grep cafile
openssl.cafile => no value => no value
$ echo QUIT | openssl s_client -starttls smtp -crlf -connect smtp.atleticaunisal.com.br:587
CONNECTED(00000005)
depth=1 C = US, O = "thawte, Inc.", CN = thawte SSL CA - G2
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=BR/ST=Sao Paulo/L=Sao Paulo/O=LOCAWEB LTDA/OU=Hospedagem de sites/CN=*.locaweb.com.br
i:/C=US/O=thawte, Inc./CN=thawte SSL CA - G2
1 s:/C=US/O=thawte, Inc./CN=thawte SHA256 SSL CA
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2008 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA - G3
2 s:/C=US/O=thawte, Inc./CN=thawte SSL CA - G2
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIQJ0dIUx5xnvtgtbhKcUCdKjANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwODA0MDAwMDAwWhcNMTgwNjA1MjM1OTU5
WjCBhTELMAkGA1UEBhMCQlIxEjAQBgNVBAgMCVNhbyBQYXVsbzESMBAGA1UEBwwJ
U2FvIFBhdWxvMRUwEwYDVQQKDAxMT0NBV0VCIExUREExHDAaBgNVBAsME0hvc3Bl
ZGFnZW0gZGUgc2l0ZXMxGTAXBgNVBAMMECoubG9jYXdlYi5jb20uYnIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU9Mqs03GZyuD1DrbFoBfHnlyeanXz
r7X3TvbQf8bs6nvaSLqOwfF3LIPFrxrMAEa7VGkMOs52M9US7bXnAcaV7NBvBRPh
QetjmjzCQ/aADM9kGLSqSq6HEnupMzrsw1WogrOWXQyLon8YE925IhvwsqM0UM2/
d6102hTlddR3HCwHOa/3El0WxfD2DIsNJ4Su8WfNXKYIm1yBxkadLYIbq5ClLAI/
VBfjFXd/OnTsGY0FaJM515pK84pKzX5A/0Y0f3kCzkc92ktj0ac/t1yOUX+tGW/d
oxyvFJh/VhGFoGXLdnDdnlStd/ZFcinpe7CWcoJnxHvfDKowBe+fsJopAgMBAAGj
ggKKMIIChjArBgNVHREEJDAighAqLmxvY2F3ZWIuY29tLmJygg5sb2Nhd2ViLmNv
bS5icjAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EMAQICMFkwJgYIKwYBBQUH
AgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8GCCsGAQUFBwICMCMMIWh0
dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAw
HwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAwKwYDVR0fBCQwIjAgoB6g
HIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDov
L3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3RqLnN5bWNiLmNvbS90
ai5jcnQwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwDd6x0reg1PpiCLga2BaHB+
Lo6dAdVciI09EcTNtuy+zAAAAV2umd06AAAEAwBIMEYCIQDcgkgGk49ufkI70RLD
rqglp4tuve7FGGka6Z2w9T9BWwIhAP3uCtUxgjJO+anvJqisjfUHEQAstQWBhtWX
on1GhJiXAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFdrpne
yAAABAMARjBEAiAZ8RmIjMcsI7zyggVB1kJVvMSvBKHBmzG7VmJgtyKalQIgftuB
wnJa7R1/A35zacemk7xKe/9uxj2aNQMKG4/i/QMwDQYJKoZIhvcNAQELBQADggEB
AKoqxuynHOThNY/GsNTaW51B2LDkfCQOyorS0Le5fdL/rdouKcH9KQ6irAIqCOeo
kNrEQ+P/E/lot+LZ4m3xWj/vannCfbAdNOoboJ63R/8UwVZYdU9hGwOnh1dTutAv
4uagtN5NDcyF6XY7rILtdBtI/R3XX5Xk8JPuybBZnl4F7kEtAM3coP3efDggogjg
kYh1pwjCKrb+OIbQ42YJQvU4h6rPLcyiMGNDfK1gZHuTtk8Hy9ZE10YTGUJWvc5X
gtH4MsLyzT7nKLEUSdc6GVeVeadQ1L9h9M8eh2Wm7z0fnXWPH4tTxnuZ/QcKs1M8
od4zKv+tRHxRQUq4gp7GLrc=
-----END CERTIFICATE-----
subject=/C=BR/ST=Sao Paulo/L=Sao Paulo/O=LOCAWEB LTDA/OU=Hospedagem de sites/CN=*.locaweb.com.br
issuer=/C=US/O=thawte, Inc./CN=thawte SSL CA - G2
---
No client certificate CA names sent
---
SSL handshake has read 4845 bytes and written 479 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 4FF8158BC0664F35811923F14B8EF5A049E2AB547D36E6EEAA6C2E6024DD9E10
Session-ID-ctx:
Master-Key: C80F480E46EE162B168F864386D729920C9A91247C56C866DAC32E93C2003194A530FD8E4045147EC42D8455245219D4
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 16 4b 0a 61 41 68 af 81-04 c8 fc 10 74 c6 18 2e .K.aAh......t...
0010 - f1 88 9b 52 13 f9 be b9-f6 8c 6b 13 c7 84 36 39 ...R......k...69
0020 - 18 c6 4a fa 4c 23 33 a9-a0 f3 47 65 b1 c5 51 0c ..J.L#3...Ge..Q.
0030 - 36 0b e7 cf 0b 3f ed 71-b6 3a 44 08 6c c8 61 5c 6....?.q.:D.l.a\
0040 - 9b 3f 2d 84 7e 51 d0 bb-e8 4d 10 6d fd a4 9a bd .?-.~Q...M.m....
0050 - e2 23 d4 7e e2 b2 71 4a-b5 5a 32 d4 9e 7a ef e6 .#.~..qJ.Z2..z..
0060 - 87 2c 6f bb 3e 85 01 27-44 c1 5b 22 5b ac 6a 9d .,o.>..'D.["[.j.
0070 - 67 53 57 89 f1 92 a5 f2-9e 92 93 d5 3c 60 e5 2b gSW.........<`.+
0080 - d8 a3 6f f8 d5 98 30 4c-f9 93 36 4f 18 b2 4a 92 ..o...0L..6O..J.
0090 - 89 d2 30 fd d7 cb 27 ed-20 d9 22 6a 3e 96 e6 6f ..0...'. ."j>..o
Start Time: 1520986296
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 DSN
DONE |
You have to actually run the Certainty code, it's not magic! I did suggest trying the manual download first. |
Then I have to copy the guzzlehttp, paragonie and par folders to web site server, because without them, it wouldn't work. |
The problem is that I do not have |
The guide tells you how to get that. |
I did everything what the guide taught, but it worked nothing. Maybe the guide didn't tell which fils to require. |
It's not that complicated - you download the CA cert file, then alter your php.ini to point at it - that's it. |
I am confused, are you referring to any CA cert of
The problem is that |
It doesn't matter how you get the CA file - they are the same either way. Certainty means you get control of it from inside your app rather than in your system config.
What? No. php.ini files live on your server, and as the server owner, you should be able to access them and alter the settings in there. Visitors have no access to php.ini. There will already be one there, because PHP ships with one as standard. There is another alternative: You can provide a path to a CA cert file in the
That will only fix that specific usage of PHPMailer, whereas fixing it in php.ini or the system will fix it for all PHP scripts or the entire system respectively. |
Which is one of them to uncomment? [openssl]
;openssl.cafile=
;openssl.capath= |
|
I need to know if it is all right, if the order is correct and if I need to add Paragonie too: try
{
$email->CharSet = 'utf-8';
$email->setLanguage('br', '/phpmailer/language/');
$email->isHTML(true);
$email->AddEmbeddedImage("imagens/logo-formulario.png", "logo-formulario", "logo-formulario.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/heart.png", "coracao", "heart.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/materialize.png", "materialize", "materialize.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/phpmailer.png", "phpmailer", "phpmailer.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/atom.png", "atom", "atom.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/apple.png", "apple", "apple.png", 'base64', 'image/png');
$email->SMTPOptions =
[
'ssl' =>
[
'verify_peer' => true,
'verify_peer_name' => true,
'allow_self_signed' => false,
'cafile' => 'paragonie/certainty/data/cacert-2018-03-07.pem'
]
];
$email->SMTPDebug = 2; // Enable verbose debug output
$email->isSMTP(); // Set mailer to use SMTP
$email->Host = 'smtp.atleticaunisal.com.br'; // Specify main and backup SMTP servers
$email->SMTPAuth = true; // Enable SMTP authentication
$email->Username = '[email protected]'; // SMTP username
$email->Password = 'atleticaunisalorena'; // SMTP password
$email->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted
$email->Port = 587; // TCP port to connect to
$email->Host = 'tls:https://smtp.atleticaunisal.com.br:587';
$email->setFrom('[email protected]', 'Atlética UNISAL'); or use ParagonIE\Certainty\RemoteFetch;
$latest = (new RemoteFetch())->getLatestBundle();
$latest->createSymlink('paragonie/certainty/data/cacert-2018-03-07.pem', true);
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
date_default_timezone_set('America/Sao_Paulo');
require 'phpmailer/src/Exception.php';
require 'phpmailer/src/PHPMailer.php';
require 'phpmailer/src/SMTP.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST')
{
$curso = $_POST['cursos']; // prénom du cours de qui envoie le formulaire
$emailusuario = $_POST['email']; // l'e-mail de qui envoie le formulaire
$faculdade = $_POST['faculdades']; // prénom de l'université de qui envoie le formulaire
$idade = $_POST['idade']; // âge de qui envoie le formulaire
$ip = $_SERVER['REMOTE_ADDR']; // IP de qui envoie le formulaire
$mensagem = $_POST['mensagem']; // message de qui envoie le formulaire
$navegador = $_SERVER['HTTP_USER_AGENT']; // le browser de l'utilisateur qui envoie le formulaire
$nomeusuario = $_POST['nome']; // prénom et nom de qui envoie le formulaire
$pais = json_decode(file_get_contents("http:https://ipinfo.io/")); // IP du pays de qui envoie le formulaire
$telefone = $_POST['phone']; // téléphone de qui envoie le formulaire
$email = new PHPMailer();
try
{
$email->CharSet = 'utf-8';
$email->setLanguage('br', '/phpmailer/language/');
$email->isHTML(true);
$email->AddEmbeddedImage("imagens/logo-formulario.png", "logo-formulario", "logo-formulario.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/heart.png", "coracao", "heart.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/materialize.png", "materialize", "materialize.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/phpmailer.png", "phpmailer", "phpmailer.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/atom.png", "atom", "atom.png", 'base64', 'image/png');
$email->AddEmbeddedImage("imagens/icones/apple.png", "apple", "apple.png", 'base64', 'image/png');
$email->SMTPOptions =
[
'ssl' =>
[
'verify_peer' => true,
'verify_peer_name' => true,
'allow_self_signed' => false,
'cafile' => 'paragonie/certainty/data/cacert-2018-03-07.pem'
]
];
$email->SMTPDebug = 2; // Enable verbose debug output
$email->isSMTP(); // Set mailer to use SMTP
$email->Host = 'smtp.atleticaunisal.com.br'; // Specify main and backup SMTP servers
$email->SMTPAuth = true; // Enable SMTP authentication
$email->Username = '[email protected]'; // SMTP username
$email->Password = 'contatoatleticaunisal'; // SMTP password
$email->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted
$email->Port = 587; // TCP port to connect to
$email->Host = 'tls:https://smtp.atleticaunisal.com.br:587';
$email->setFrom('[email protected]', 'Atlética UNISAL');
$email->From = $emailusuario; // l'e-mail de qui envoie le formulaire
$email->FromName = $nomeusuario; // prénom et nom de qui envoie le formulaire Which of them is better? And openssl.cafile='/Users/gus/paragonie/certainty/data/cacert-2018-03-07.pem'
openssl.capath='/Users/gus/paragonie/certainty/data/' Is it right? |
You shouldn't need to update your CA certs very often - they don't change that frequently - doing it inline with every email send is excessive. As I said before, it doesn't matter how you get hold of your CA certs. Either of those openssl php.ini settings should work; the second one is perhaps more likely to stay working if you download more certificates in future and put them in the same folder. |
Hi @Synchro Although PHPMailer and SendGrid are unrelated, it is the same problem of authorisation certificate. The problem isn't PHPMailer or SendGrid, it is Locaweb's server, because they use very old server and they do not have authentication, authorisation certificates and credentials. I have contacted Loacweb. Due to these lacks, e-mails are classified as spams. See the end of the topic: sendgrid/sendgrid-php#591. |
I don't think that explains it - if you get your own local copy of the CA certs and use it in your PHP ssl config (and you confirm that it actually works by running |
@Synchro, I found how to solve the Locaweb's authentication error. I had to reinstall PHP, using Homebrew to correct the curl, authentication and authorisation errors. I copied correctly Finally it worked. Surprisingly, the e-mails are no longer as spams. I will find how to solution the Locaweb server problem in SendGrid. It is solved. Merci beaucoup pour votre patience ! |
Hello,
I use PHPMailer but I do not use STMP because it never works with "switch", therefore, I removed STMP and it worked. But in spite of it having worked, Gmail reported my own e-mails as spoofing messages.
The text was updated successfully, but these errors were encountered: