views:

252

answers:

2

How would one "sign" an outgoing email using PHP?

The proper header I am looking at is:

signed-by   mydomain.com
A: 

Pass this header to mail() :

$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/plain; charset=utf-8' . "\r\n";
$headers .= 'Some other headers' . "\r\n";
$headers .= 'Signed-by: mydomain.com';
mail ( $to, $subject, $msg, $headers );

Okay, i misunderstood that you were just asking about how to send the header. So if you want to crypt your mails, I don't think it's a good idea to deal with PHP. Asymmetric encryption is a very heavy (not sure this is very english ) process. You need to manipulate enormous numbers for example. And PHP is not good at it. Okay, you had the GMP lib to deal with that, but it will be slow if you want an efficient encryption.

swordofpain
So where does the asymmetric encryption come in?
Mike Curry
The question was about how to send this header with a mail. I thought that the encryption problem itself was solved. So I answered that.
swordofpain
+2  A: 

If I understand you correctly, you want to generate a signed e-mail using PHP.

The standard way to send signed e-mails is S/MIME (another less common way is PGP). S/MIME is basically a MIME message containing the base64-encoding of a CMS message (CMS is also sometimes called PKCS#7).

One way to do this from PHP is with the PHP-bindings to OpenSSL's openssl_pkcs7_sign.

I have no idea what the signed-by header should be used for.

Rasmus Faber