PHP mail() function and SSL

phillipe2002

Just a quick one... It seems that the mail() function in PHP doesn't like SSL encryption. For some reason, if you run a mail script via https it doesn't seem to work. Tested the same file without encyption - it works fine.

Can anyone shed some light on this for me?

Thanks in advance 🙂

superwormy

Post the script. Are you sure you dont have any other errors anywhere else? SSL shouldn't affect the mail() function, they're not related in any way...

tony_l

I have to agree, SSL should not affect your mail() function. Are you running your own server, or a using a web hosting service? If a service, make certain they do not put restrictions on outgoing mail.

phillipe2002

Thanks guys.

Your confidence that the script should not have been affected prompted me to look more closely. I'm using spam protection within the code that uses the $_SERVER[HTTP_REFERER] to allow or disallow the script to run from a previous page. When removed, the email script runs fine with SSL. I'll now investigate what I need to do to work around this. Any suggestions would be greatly appreciated.

superwormy

Are you doing something like this?

if ($_SERVER['HTTP_REFERER'] == "http://www.someurl.com/")
; // send mail
else
; // dont send mail

In that case, it won't send because the URL is 'https://' and not 'http://'...

phillipe2002

This is the spam code I'm using:

if (strpos($SERVER['HTTP_REFERER'], $SERVER['HTTP_HOST'])>7 ||
!strpos($SERVER['HTTP_REFERER'], $SERVER['HTTP_HOST']))
die("Bad referer");

I'm not sure how safe it is. I have used other code that did specify the exact URL but found problems compensating for appended query strings. This one seems to work best.

Weedpacket

Consider using [man]parse_url[/man] to isolate the hostname from the referrer URL.