In today’s web hosting environment, email functionality is essential for communication, whether for notifications, user verification, or marketing. However, to maintain security and reliability, we have disabled the native php mail() function on our hosting servers. This decision was made to enhance security, reduce spam, and ensure better deliverability of emails.

Why Is the PHP Mail Function Disabled?

1. Security Concerns: The php mail() function is often exploited by malicious users or scripts to send spam or phishing emails. These activities can damage the reputation of our hosting servers and lead to blacklisting by major email providers.
2. Lack of Authentication: The php mail() function does not inherently support authentication, making it easier for emails to be spoofed. This can compromise trust in your emails and affect user engagement.
3. Poor Deliverability: Emails sent using the php mail() function are more likely to end up in spam folders or be outright rejected by receiving servers due to lack of proper authentication headers.

To address these issues, we recommend using SMTP (Simple Mail Transfer Protocol) for sending emails from scripts. SMTP supports authentication and allows you to send emails through a secure, authenticated channel, ensuring that your emails are delivered reliably.

Benefits of Using SMTP Authentication

• Enhanced Security: SMTP requires authentication before sending emails, reducing the risk of unauthorized use and spam.
• Better Deliverability: Emails sent using authenticated SMTP are more trusted by receiving servers, improving their chances of landing in the inbox.
• Traceability: SMTP provides better logging and tracking options, making it easier to troubleshoot email delivery issues.

Example of an Email Script Using SMTP Authentication

Here’s a simple PHP script that uses the PHPMailer library to send an email via SMTP:

<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;

require 'path/to/PHPMailer/src/Exception.php';
require 'path/to/PHPMailer/src/PHPMailer.php';
require 'path/to/PHPMailer/src/SMTP.php';

// Create a new PHPMailer instance
$mail = new PHPMailer(true);

try {
    // Server settings
    $mail->isSMTP();
    $mail->Host = 'locallhost'; // Set your SMTP server
    $mail->SMTPAuth = true;
    $mail->Username = 'your-email@domain.com'; // SMTP username
    $mail->Password = 'your-password'; // SMTP password
    $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; // Enable TLS encryption
    $mail->Port = 587; // TCP port to connect to

    // Recipients
    $mail->setFrom('from@domain.com', 'Mailer');
    $mail->addAddress('recipient@domain', 'Recipient Name');

    // Content
    $mail->isHTML(true);
    $mail->Subject = 'Test Email';
    $mail->Body    = 'This is a test email sent using SMTP authentication.';

    // Send the email
    $mail->send();
    echo 'Message has been sent';
} catch (Exception $e) {
    echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
}
?>

Users can download the PHPMailer library from the following sources:

1. Composer (Recommended):
   • Run the following command in the terminal to install PHPMailer using Composer:
     composer require phpmailer/phpmailer
2. GitHub:
   • Visit the PHPMailer GitHub repository to download the latest release as a ZIP file.
   • Extract the files and include them in your project.
3. Official PHPMailer Website:
   • Users can find detailed installation instructions and links to download at https://github.com/PHPMailer/PHPMailer.

Steps to Implement SMTP in Your Script

1. Configure SMTP settings: Update the SMTP host, username, password, and port as per your server’s configuration.
2. Secure Your Credentials: Always store your SMTP credentials securely, using environment variables or secure storage practices.

By using SMTP authentication, you help maintain the security and deliverability of your emails. This practice ensures that your emails reach your recipients without issue and preserves the reputation of our hosting servers.