-class SMTP {
- /**
- * SMTP server port
- * @var int
- */
- public $SMTP_PORT = 25;
-
- /**
- * SMTP reply line ending
- * @var string
- */
- public $CRLF = "\r\n";
-
- /**
- * Sets whether debugging is turned on
- * @var bool
- */
- public $do_debug; // the level of debug to perform
-
- /**
- * Sets VERP use on/off (default is off)
- * @var bool
- */
- public $do_verp = false;
-
- /**
- * Sets the SMTP PHPMailer Version number
- * @var string
- */
- public $Version = '5.2.1';
-
- /////////////////////////////////////////////////
- // PROPERTIES, PRIVATE AND PROTECTED
- /////////////////////////////////////////////////
-
- private $smtp_conn; // the socket to the server
- private $error; // error if any on the last call
- private $helo_rply; // the reply the server sent to us for HELO
-
- /**
- * Initialize the class so that the data is in a known state.
- * @access public
- * @return void
- */
- public function __construct() {
- $this->smtp_conn = 0;
- $this->error = null;
- $this->helo_rply = null;
-
- $this->do_debug = 0;
- }
-
- /////////////////////////////////////////////////
- // CONNECTION FUNCTIONS
- /////////////////////////////////////////////////
-
- /**
- * Connect to the server specified on the port specified.
- * If the port is not specified use the default SMTP_PORT.
- * If tval is specified then a connection will try and be
- * established with the server for that number of seconds.
- * If tval is not specified the default is 30 seconds to
- * try on the connection.
- *
- * SMTP CODE SUCCESS: 220
- * SMTP CODE FAILURE: 421
- * @access public
- * @return bool
- */
- public function Connect($host, $port = 0, $tval = 30) {
- // set the error val to null so there is no confusion
- $this->error = null;
-
- // make sure we are __not__ connected
- if($this->connected()) {
- // already connected, generate error
- $this->error = array("error" => "Already connected to a server");
- return false;
- }
-
- if(empty($port)) {
- $port = $this->SMTP_PORT;
- }
-
- // connect to the smtp server
- $this->smtp_conn = @fsockopen($host, // the host of the server
- $port, // the port to use
- $errno, // error number if any
- $errstr, // error message if any
- $tval); // give up after ? secs
- // verify we connected properly
- if(empty($this->smtp_conn)) {
- $this->error = array("error" => "Failed to connect to server",
- "errno" => $errno,
- "errstr" => $errstr);
- if($this->do_debug >= 1) {
- echo "SMTP -> ERROR: " . $this->error["error"] . ": $errstr ($errno)" . $this->CRLF . '<br />';
- }
- return false;
- }
-
- // SMTP server can take longer to respond, give longer timeout for first read
- // Windows does not have support for this timeout function
- if(substr(PHP_OS, 0, 3) != "WIN")
- socket_set_timeout($this->smtp_conn, $tval, 0);
-
- // get any announcement
- $announce = $this->get_lines();
-
- if($this->do_debug >= 2) {
- echo "SMTP -> FROM SERVER:" . $announce . $this->CRLF . '<br />';
- }
-
- return true;
- }
-
- /**
- * Initiate a TLS communication with the server.
- *
- * SMTP CODE 220 Ready to start TLS
- * SMTP CODE 501 Syntax error (no parameters allowed)
- * SMTP CODE 454 TLS not available due to temporary reason
- * @access public
- * @return bool success
- */
- public function StartTLS() {
- $this->error = null; # to avoid confusion
-
- if(!$this->connected()) {
- $this->error = array("error" => "Called StartTLS() without being connected");
- return false;
- }
-
- fputs($this->smtp_conn,"STARTTLS" . $this->CRLF);
-
- $rply = $this->get_lines();
- $code = substr($rply,0,3);
-
- if($this->do_debug >= 2) {
- echo "SMTP -> FROM SERVER:" . $rply . $this->CRLF . '<br />';
- }
-
- if($code != 220) {
- $this->error =
- array("error" => "STARTTLS not accepted from server",
- "smtp_code" => $code,
- "smtp_msg" => substr($rply,4));
- if($this->do_debug >= 1) {
- echo "SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />';
- }
- return false;
- }
-
- // Begin encrypted connection
- if(!stream_socket_enable_crypto($this->smtp_conn, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
- return false;
- }
-
- return true;
- }
-
- /**
- * Performs SMTP authentication. Must be run after running the
- * Hello() method. Returns true if successfully authenticated.
- * @access public
- * @return bool
- */
- public function Authenticate($username, $password) {
- // Start authentication
- fputs($this->smtp_conn,"AUTH LOGIN" . $this->CRLF);
-
- $rply = $this->get_lines();
- $code = substr($rply,0,3);
-
- if($code != 334) {
- $this->error =
- array("error" => "AUTH not accepted from server",
- "smtp_code" => $code,
- "smtp_msg" => substr($rply,4));
- if($this->do_debug >= 1) {
- echo "SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />';
- }
- return false;
- }
-
- // Send encoded username
- fputs($this->smtp_conn, base64_encode($username) . $this->CRLF);
-
- $rply = $this->get_lines();
- $code = substr($rply,0,3);
-
- if($code != 334) {
- $this->error =
- array("error" => "Username not accepted from server",
- "smtp_code" => $code,
- "smtp_msg" => substr($rply,4));
- if($this->do_debug >= 1) {
- echo "SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />';
- }
- return false;
- }
-
- // Send encoded password
- fputs($this->smtp_conn, base64_encode($password) . $this->CRLF);
-
- $rply = $this->get_lines();
- $code = substr($rply,0,3);
-
- if($code != 235) {
- $this->error =
- array("error" => "Password not accepted from server",
- "smtp_code" => $code,
- "smtp_msg" => substr($rply,4));
- if($this->do_debug >= 1) {
- echo "SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF . '<br />';
- }
- return false;
- }
-
- return true;
- }
-
- /**
- * Returns true if connected to a server otherwise false
- * @access public
- * @return bool
- */
- public function Connected() {
- if(!empty($this->smtp_conn)) {
- $sock_status = socket_get_status($this->smtp_conn);
- if($sock_status["eof"]) {
- // the socket is valid but we are not connected
- if($this->do_debug >= 1) {
- echo "SMTP -> NOTICE:" . $this->CRLF . "EOF caught while checking if connected";
- }
- $this->Close();
+ /**
+ * Debug level to show client -> server and server -> client messages
+ */
+ const DEBUG_SERVER = 2;
+
+ /**
+ * Debug level to show connection status, client -> server and server -> client messages
+ */
+ const DEBUG_CONNECTION = 3;
+
+ /**
+ * Debug level to show all messages
+ */
+ const DEBUG_LOWLEVEL = 4;
+
+ /**
+ * The PHPMailer SMTP Version number.
+ * @type string
+ * @deprecated Use the `VERSION` constant instead
+ * @see SMTP::VERSION
+ */
+ public $Version = '5.2.10';
+
+ /**
+ * SMTP server port number.
+ * @type integer
+ * @deprecated This is only ever used as a default value, so use the `DEFAULT_SMTP_PORT` constant instead
+ * @see SMTP::DEFAULT_SMTP_PORT
+ */
+ public $SMTP_PORT = 25;
+
+ /**
+ * SMTP reply line ending.
+ * @type string
+ * @deprecated Use the `CRLF` constant instead
+ * @see SMTP::CRLF
+ */
+ public $CRLF = "\r\n";
+
+ /**
+ * Debug output level.
+ * Options:
+ * * self::DEBUG_OFF (`0`) No debug output, default
+ * * self::DEBUG_CLIENT (`1`) Client commands
+ * * self::DEBUG_SERVER (`2`) Client commands and server responses
+ * * self::DEBUG_CONNECTION (`3`) As DEBUG_SERVER plus connection status
+ * * self::DEBUG_LOWLEVEL (`4`) Low-level data output, all messages
+ * @type integer
+ */
+ public $do_debug = self::DEBUG_OFF;
+
+ /**
+ * How to handle debug output.
+ * Options:
+ * * `echo` Output plain-text as-is, appropriate for CLI
+ * * `html` Output escaped, line breaks converted to `<br>`, appropriate for browser output
+ * * `error_log` Output to error log as configured in php.ini
+ *
+ * Alternatively, you can provide a callable expecting two params: a message string and the debug level:
+ * <code>
+ * $smtp->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";};
+ * </code>
+ * @type string|callable
+ */
+ public $Debugoutput = 'echo';
+
+ /**
+ * Whether to use VERP.
+ * @link http://en.wikipedia.org/wiki/Variable_envelope_return_path
+ * @link http://www.postfix.org/VERP_README.html Info on VERP
+ * @type boolean
+ */
+ public $do_verp = false;
+
+ /**
+ * The timeout value for connection, in seconds.
+ * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
+ * This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure.
+ * @link http://tools.ietf.org/html/rfc2821#section-4.5.3.2
+ * @type integer
+ */
+ public $Timeout = 300;
+
+ /**
+ * How long to wait for commands to complete, in seconds.
+ * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
+ * @type integer
+ */
+ public $Timelimit = 300;
+
+ /**
+ * The socket for the server connection.
+ * @type resource
+ */
+ protected $smtp_conn;
+
+ /**
+ * Error information, if any, for the last SMTP command.
+ * @type array
+ */
+ protected $error = array(
+ 'error' => '',
+ 'detail' => '',
+ 'smtp_code' => '',
+ 'smtp_code_ex' => ''
+ );
+
+ /**
+ * The reply the server sent to us for HELO.
+ * If null, no HELO string has yet been received.
+ * @type string|null
+ */
+ protected $helo_rply = null;
+
+ /**
+ * The set of SMTP extensions sent in reply to EHLO command.
+ * Indexes of the array are extension names.
+ * Value at index 'HELO' or 'EHLO' (according to command that was sent)
+ * represents the server name. In case of HELO it is the only element of the array.
+ * Other values can be boolean TRUE or an array containing extension options.
+ * If null, no HELO/EHLO string has yet been received.
+ * @type array|null
+ */
+ protected $server_caps = null;
+
+ /**
+ * The most recent reply received from the server.
+ * @type string
+ */
+ protected $last_reply = '';
+
+ /**
+ * Output debugging info via a user-selected method.
+ * @see SMTP::$Debugoutput
+ * @see SMTP::$do_debug
+ * @param string $str Debug string to output
+ * @param integer $level The debug level of this message; see DEBUG_* constants
+ * @return void
+ */
+ protected function edebug($str, $level = 0)
+ {
+ if ($level > $this->do_debug) {
+ return;
+ }
+ //Avoid clash with built-in function names
+ if (!in_array($this->Debugoutput, array('error_log', 'html', 'echo')) and is_callable($this->Debugoutput)) {
+ call_user_func($this->Debugoutput, $str, $this->do_debug);
+ return;
+ }
+ switch ($this->Debugoutput) {
+ case 'error_log':
+ //Don't output, just log
+ error_log($str);
+ break;
+ case 'html':
+ //Cleans up output a bit for a better looking, HTML-safe output
+ echo htmlentities(
+ preg_replace('/[\r\n]+/', '', $str),
+ ENT_QUOTES,
+ 'UTF-8'
+ )
+ . "<br>\n";
+ break;
+ case 'echo':
+ default:
+ //Normalize line breaks
+ $str = preg_replace('/(\r\n|\r|\n)/ms', "\n", $str);
+ echo gmdate('Y-m-d H:i:s') . "\t" . str_replace(
+ "\n",
+ "\n \t ",
+ trim($str)
+ )."\n";
+ }
+ }
+
+ /**
+ * Connect to an SMTP server.
+ * @param string $host SMTP server IP or host name
+ * @param integer $port The port number to connect to
+ * @param integer $timeout How long to wait for the connection to open
+ * @param array $options An array of options for stream_context_create()
+ * @access public
+ * @return boolean
+ */
+ public function connect($host, $port = null, $timeout = 30, $options = array())
+ {
+ static $streamok;
+ //This is enabled by default since 5.0.0 but some providers disable it
+ //Check this once and cache the result
+ if (is_null($streamok)) {
+ $streamok = function_exists('stream_socket_client');
+ }
+ // Clear errors to avoid confusion
+ $this->setError('');
+ // Make sure we are __not__ connected
+ if ($this->connected()) {
+ // Already connected, generate error
+ $this->setError('Already connected to a server');
+ return false;
+ }
+ if (empty($port)) {
+ $port = self::DEFAULT_SMTP_PORT;
+ }
+ // Connect to the SMTP server
+ $this->edebug(
+ "Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true),
+ self::DEBUG_CONNECTION
+ );
+ $errno = 0;
+ $errstr = '';
+ if ($streamok) {
+ $socket_context = stream_context_create($options);
+ //Suppress errors; connection failures are handled at a higher level
+ $this->smtp_conn = @stream_socket_client(
+ $host . ":" . $port,
+ $errno,
+ $errstr,
+ $timeout,
+ STREAM_CLIENT_CONNECT,
+ $socket_context
+ );
+ } else {
+ //Fall back to fsockopen which should work in more places, but is missing some features
+ $this->edebug(
+ "Connection: stream_socket_client not available, falling back to fsockopen",
+ self::DEBUG_CONNECTION
+ );
+ $this->smtp_conn = fsockopen(
+ $host,
+ $port,
+ $errno,
+ $errstr,
+ $timeout
+ );
+ }
+ // Verify we connected properly
+ if (!is_resource($this->smtp_conn)) {
+ $this->setError(
+ 'Failed to connect to server',
+ $errno,
+ $errstr
+ );
+ $this->edebug(
+ 'SMTP ERROR: ' . $this->error['error']
+ . ": $errstr ($errno)",
+ self::DEBUG_CLIENT
+ );
+ return false;
+ }
+ $this->edebug('Connection: opened', self::DEBUG_CONNECTION);
+ // SMTP server can take longer to respond, give longer timeout for first read
+ // Windows does not have support for this timeout function
+ if (substr(PHP_OS, 0, 3) != 'WIN') {
+ $max = ini_get('max_execution_time');
+ // Don't bother if unlimited
+ if ($max != 0 && $timeout > $max) {
+ @set_time_limit($timeout);
+ }
+ stream_set_timeout($this->smtp_conn, $timeout, 0);
+ }
+ // Get any announcement
+ $announce = $this->get_lines();
+ $this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER);
+ return true;
+ }
+
+ /**
+ * Initiate a TLS (encrypted) session.
+ * @access public
+ * @return boolean
+ */
+ public function startTLS()
+ {
+ if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) {
+ return false;
+ }
+ // Begin encrypted connection
+ if (!stream_socket_enable_crypto(
+ $this->smtp_conn,
+ true,
+ STREAM_CRYPTO_METHOD_TLS_CLIENT
+ )) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * Perform SMTP authentication.
+ * Must be run after hello().
+ * @see hello()
+ * @param string $username The user name
+ * @param string $password The password
+ * @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5)
+ * @param string $realm The auth realm for NTLM
+ * @param string $workstation The auth workstation for NTLM
+ * @access public
+ * @return boolean True if successfully authenticated.
+ */
+ public function authenticate(
+ $username,
+ $password,
+ $authtype = null,
+ $realm = '',
+ $workstation = ''
+ ) {
+ if (!$this->server_caps) {
+ $this->setError('Authentication is not allowed before HELO/EHLO');
+ return false;
+ }
+
+ if (array_key_exists('EHLO', $this->server_caps)) {
+ // SMTP extensions are available. Let's try to find a proper authentication method
+
+ if (!array_key_exists('AUTH', $this->server_caps)) {
+ $this->setError('Authentication is not allowed at this stage');
+ // 'at this stage' means that auth may be allowed after the stage changes
+ // e.g. after STARTTLS
+ return false;
+ }
+
+ self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL);
+ self::edebug(
+ 'Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']),
+ self::DEBUG_LOWLEVEL
+ );
+
+ if (empty($authtype)) {
+ foreach (array('LOGIN', 'CRAM-MD5', 'PLAIN') as $method) {
+ if (in_array($method, $this->server_caps['AUTH'])) {
+ $authtype = $method;
+ break;
+ }
+ }
+ if (empty($authtype)) {
+ $this->setError('No supported authentication methods found');
+ return false;
+ }
+ self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL);
+ }
+
+ if (!in_array($authtype, $this->server_caps['AUTH'])) {
+ $this->setError("The requested authentication method \"$authtype\" is not supported by the server");
+ return false;
+ }
+ } elseif (empty($authtype)) {
+ $authtype = 'LOGIN';
+ }
+ switch ($authtype) {
+ case 'PLAIN':
+ // Start authentication
+ if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
+ return false;
+ }
+ // Send encoded username and password
+ if (!$this->sendCommand(
+ 'User & Password',
+ base64_encode("\0" . $username . "\0" . $password),
+ 235
+ )
+ ) {
+ return false;
+ }
+ break;
+ case 'LOGIN':
+ // Start authentication
+ if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
+ return false;
+ }
+ if (!$this->sendCommand("Username", base64_encode($username), 334)) {
+ return false;
+ }
+ if (!$this->sendCommand("Password", base64_encode($password), 235)) {
+ return false;
+ }
+ break;
+ case 'CRAM-MD5':
+ // Start authentication
+ if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
+ return false;
+ }
+ // Get the challenge
+ $challenge = base64_decode(substr($this->last_reply, 4));
+
+ // Build the response
+ $response = $username . ' ' . $this->hmac($challenge, $password);
+
+ // send encoded credentials
+ return $this->sendCommand('Username', base64_encode($response), 235);
+ default:
+ $this->setError("Authentication method \"$authtype\" is not supported");
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * Calculate an MD5 HMAC hash.
+ * Works like hash_hmac('md5', $data, $key)
+ * in case that function is not available
+ * @param string $data The data to hash
+ * @param string $key The key to hash with
+ * @access protected
+ * @return string
+ */
+ protected function hmac($data, $key)
+ {
+ if (function_exists('hash_hmac')) {
+ return hash_hmac('md5', $data, $key);
+ }
+
+ // The following borrowed from
+ // http://php.net/manual/en/function.mhash.php#27225
+
+ // RFC 2104 HMAC implementation for php.
+ // Creates an md5 HMAC.
+ // Eliminates the need to install mhash to compute a HMAC
+ // by Lance Rushing
+
+ $bytelen = 64; // byte length for md5
+ if (strlen($key) > $bytelen) {
+ $key = pack('H*', md5($key));
+ }
+ $key = str_pad($key, $bytelen, chr(0x00));
+ $ipad = str_pad('', $bytelen, chr(0x36));
+ $opad = str_pad('', $bytelen, chr(0x5c));
+ $k_ipad = $key ^ $ipad;
+ $k_opad = $key ^ $opad;
+
+ return md5($k_opad . pack('H*', md5($k_ipad . $data)));
+ }
+
+ /**
+ * Check connection state.
+ * @access public
+ * @return boolean True if connected.
+ */
+ public function connected()
+ {
+ if (is_resource($this->smtp_conn)) {
+ $sock_status = stream_get_meta_data($this->smtp_conn);
+ if ($sock_status['eof']) {
+ // The socket is valid but we are not connected
+ $this->edebug(
+ 'SMTP NOTICE: EOF caught while checking if connected',
+ self::DEBUG_CLIENT
+ );
+ $this->close();
+ return false;
+ }
+ return true; // everything looks good
+ }