PHPMailer explained
| PHPMailer |
|
| Author: | Brent R. Matzelle[1] [2] |
| Developer: | (2001-2007) Brent R. Matzelle
(2007-2012) Andy Prevost[3] [4]
(2010-2012) Jim Jagielski[5]
(July 2012-) Marcus Bointon[6] |
| Programming Language: | PHP |
| Operating System: | Cross-platform |
| Language Count: | over 50 |
| License: | LGPL |
PHPMailer is a code library to send (transport) emails safely[7] and easily via PHP code from a web server (MUA to the MSA server).
Sending emails directly by PHP code requires a high-level familiarity to SMTP protocol standards and related issues (such as Carriage return) and vulnerabilities about email injection for spamming. From 2001 PHPMailer is one of the popular[8] [9] solutions for these matters on PHP.
Features
Partial list of features:
- Plain text, HTML and multipart batched files
- SSL and TLS (Secure Sockets Layer and Transport Layer Security)
- SMTP, Qmail, POP3
- Debugging system
- PHP sendmail and mail methods
- IDN
- DKIM
History
- PHPMailer was originally written in 2001 by Brent R. Matzelle as a SourceForge project.
- Andy Prevost (codeworxtech) took over the project in 2007.
- Became an Apache incubator project on Google Code in 2010, managed by Jim Jagielski.[10]
- Marcus Bointon (coolbru on sourceforge) contributed to the project and joined as an admin in July 2012.
- Marcus created his fork on GitHub.
- Jim and Marcus decide to join forces and use GitHub as the canonical and official repo for PHPMailer.
- PHPMailer moved to the PHPMailer organization on GitHub.
- Late 2016, a serious security flaw was discovered in PHPMailer,[11] [12] that had to be patched twice.[13]
Popularity
Worx International Inc claimed in 2009[14] [15] that: "PHPMailer continues to be the world's most popular transport class, with an estimated 9 million [[[Email client|message user agents]]] worldwide. Downloads continue at a significant pace daily."
PHPMailer sends an SMTP extension command with the sent emails as below which can be used to get the usage report of PHPMailer on the ESPs (Email Service Providers):
X-Mailer: PHPMailer 5.2.13 (https://github.com/PHPMailer/PHPMailer)
This SMTP header may differ for different versions of PHPMailer, and can also be suppressed or modified by PHP code. It also comes with Integrated SMTP support which means you can send emails without a local mail server.
[16]
Notes and References
- Web site: PHPMailer – A full-featured email creation and transfer class for PHP. GitHub. 21 November 2021.
- https://www.linkedin.com/in/bmatzelle
- http://sourceforge.net/users/codeworxtech codeworxtech
- http://phpmailer.codeworxtech.com codeworxtech
- https://github.com/jimjag jimjag
- http://sourceforge.net/users/coolbru/ coolbru
- It is involved in sending emails safely without Email injection risk (not the html purification which is to prevent XSS)
- Worxware claims 9 million MUA use PHPMailer: Frozen web page for the update Dec2013 on phpmailer.codeworxtech.com
- "PHPMailer for e-mail sending support" in the requirements of Mantis Bug Tracker
- Web site: Google Code Archive - Long-term storage for Google Code Project Hosting.
- Web site: Millions of Websites Vulnerable Due to Security Bug in Popular PHP Script. Cimpanu. Catalin. 27 December 2016. Bleeping Computer. 14 February 2024.
- Web site: Santa Knows If Your Contact Form Uses PHPMailer < 5.2.18. Umbelino. Pedro. 25 December 2016. Hackaday. 14 February 2024.
- Web site: Why did the PHPMailer library vulnerability have to be patched twice?. Cobb. Michael. 4 May 2017. TechTarget. 14 February 2024.
- http://phpmailer.codeworxtech.com
- http://www.freezepage.com/1388347420CFDXLIQEKU?url=http://phpmailer.codeworxtech.com/ Frozen update
- Web site: 2021-09-11. What is PHPMailer and how does it work with WordPress?. 2021-10-24. Blogies Tools. en-US.
