PHP4, IIS, Exchange, and SMTP mail on WIndows network

pts.
Tags:
Microsoft Exchange
PHP
Hi, I'm not sure who to ask this question, because it's an interoperability issue. I need to be able to send SMTP email through PHP4 on a Windows network. This is a large WAN situation (I think the mail servers are in OH. I'm in AZ, as is my PHP/IIS installation.), so I can't do much experimenting with changing settings on the server. I need to know what will work, before I request any changes. At the moment, I'm getting "Warning: mail(): SMTP server response: 454 5.7.3 Client was not authenticated. in c:inetpubwwwrootsendmail.php on line 6" errors, using the following code. This is sendmail.php <? $email = $_REQUEST['email'] ; $message = $_REQUEST['message'] ; mail( "user.name@domain.com", "Feedback Form Results", $message, "From: $email" ); ?> <form method="post" action="sendmail.php"> Email: <input name="email" type="text" /><br /> Message:<br /> <textarea name="message" rows="15" cols="40"> </textarea><br /> <input type="submit" /> </form> So...CAN these technologies play nicely together? If so, what do I need to do to make it happen? Thanks! (This is my first question. See if you can impress me. ;-D )

Answer Wiki

Thanks. We'll let you know when a new response is added.

Well, I doubt that my answer will impress you, but it’s an approach that works for me.

Call up the people who run the mail servers and ask them what sort of authentication they require for handling email.

Also ask whether or not they’re running the SMTP connection on a non-standard port, since many ISPs are going in that direction to fight spam, some organizations may also do that internally for the same reasons.

Bob

Discuss This Question: 5  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Aquaticous
    This is more of a coding problem than a server/ client authentication issue. The error is telling you that there is a problem with the coding. Double check your coding, especially around line 6 and this should correct the current issue.
    0 pointsBadges:
    report
  • Bobkberg
    I'm going to take your comment as an opportunity to dive into one of my favorite subjects - learning an organization from the inside out. I'll probably write a blog on the subject in the future, but here goes... First off, ask around to find out where the other offices/locations are - both geographically, by division name, and then phone numbers. Use phone books, whitepages.com, Google.com, etc. to find any pertinent data, and then call up the main number, and ask whoever answers to point you in the direction of their IS/IT people. If you hit voice menus, and are given no clues, then always aim for sales, and ask for a call back from a sales rep. When you get one, ask them. If they don't know, then ask to speak with their manager and ask that person. Look for (and ask others in your area) "official" IS/IT emails (announcing policy, outages, etc.), and look for contact names and phone numbers, and then ask those people. The key point here is persistence and thoroughness. You might even find someone within the organization who can help you with your code. Bob
    1,070 pointsBadges:
    report
  • Amigus
    DaveInAZ: It does look like an authentication problem. If you can't get assistance from the IT department in OH, telnet to the mail server and type "EHLO hostname.domainname" where hostname.domainname is that of the machine you're coming from. Typing that command should yield a list of directives one of which is "AUTH". An example (from Microsoft Exchange): 250-AUTH GSSAPI NTLM This line tells me that this server wants authentication either by GSSAPI (Kerberos usually) and NTLM (aka Windows authentication). Once you have that information you can figure out how to make your program authenticate to that server. Most likely you'll need to obtain an account suitable for use in a script, from the IT department, however, for testing you could use your own and not show anyone the code without first deleting your password. :-) bobkberg: A question: How exactly does running a mail server on a port other than 25 fight spam and were are you finding information leading you to believe that it's becoming a common practise by ISPs? A comment: Your "get to know a company from the inside out" guide sounds more like a "how to shoot yourself in the foot with a new job and risk getting fired in less than 8 hours." Alternatively if you don't work at said company it sounds like a decent chapter of a social engineering guide. :-) If it's sendmail
    0 pointsBadges:
    report
  • Bobkberg
    This is an off-topic reply to amigus - but it's kinda-sorta part of the thread. 1) Running a mail server on a port other than 25 is part of security by obscurity to make it harder for infected machines to find the outbound mail server - since they're likely to find the address in the outlook or outlook express configuration, but may be hard coded to use port 25. I didn't say that I approved of it - just noting that it's being done. As for what ISPs are doing this, my own (garlic.com) is - and they cite other ISPs. I can tell you from dealing with my customers that SBC, Verizon and others ARE blocking outbound port 25 to anywhere except their own mail servers. This is perhaps not as satisfactory an answer as you wanted, but it's what I've got. 2) Re:Social Engineering / Learning the organization: I did not go into much detail, since I didn't want to flood the discussion off-topic, but since you made a point of mentioning it, it's a sure bet that many others were thinking similar thoughts that went unvoiced. Personally, I've been using this approach for years. The key thing that I didn't mention is that I make a point of making sure that everyone I talk to knows my name (including spelling), who I work for, and my phone number and email address within the organization, and then I point out that since they don't know me from Adam, they are free to call back whoever my supervisor happens to be. That said, I've never been threatened with discipline, let alone firing by anyone. AND the approach does work. Admittedly, I developed this approach while being employed in fairly senior technical positions, and I'm extremely open about what I'm doing. 'Nuff said? Bob
    1,070 pointsBadges:
    report
  • Amigus
    Bob, I guess I misunderstood the comment about the alternate port though reading your explanation I guess it's really spyware that sends spam that this hack attempts to prevent. I could go on and on about how ISP's shouldn't do stupid things like this since it really doesn't stop anyone and only makes the malware writers increase the potency of their programs to work around it or the fact that simply implementing user authentication rather than address matching for relay permissions is a real fix, but I won't do that. :-) With respect to the social engineering thing; I think when you include the part about identifying yourself and the purpose of your reconnaisance it makes your suggestion less dangerous but I do know of organizations where doing such a thing might raise some eyebrows. I guess all I meant by calling attention to your comment was that it might not be a great idea in all circumstances and it might be something you'd wanna do after you've got some traction in the organization, etc.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following