md5 password with phpMailer

Question

I use the following code...

      $mail = new PHPMailer();  
      $mail->IsSMTP(); // send via SMTP
      $mail->SMTPAuth = true; // turn on SMTP auth         


        

Answer 1

You have to send plain password to SMTP. Hash functions are one-way, they just "obfuscates" the input, so SMTP can not authenticate you with it.

You could encrypt the password, probably AES, and you store the ciphertext, and the secret (maybe as env. variable), and pass the decoded pass to mailer.

Example:

Username = $USR_EMAIL; // SMTP username
$mail->Password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $secret_key, $cipher, MCRYPT_MODE_ECB); // SMTP password
?>