I wish to generate a CRAM-MD5 response for an SMTP server.
I can see the theoretical details of how to do so here: CRAM-MD5 Implementation, but I’m looking for the specific PHP code in order to implement it.
How can I implement this in PHP?
Advertisement
Answer
The following PHP code will produce a valid response for CRAM-MD5:
$username = "username goes here"; $password = "password goes here"; $challenge = "challenge from server goes here"; $challenge = base64_decode($challenge); $digest = hash_hmac("md5", $challenge, $password, false); var_dump(base64_encode($username . ' ' . $digest));
In a telnet session, you can use it like this:
telnet your.smtp.server.com 25 Trying 123.123.123.123... Connected to your.smtp.server.com. Escape character is '^]'. 220 your.smtp.server.com EHLO your.server.com ... 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 ... AUTH CRAM-MD5 334 <challenge from server> <output from var_dump goes here> 235 2.7.0 Authentication successful