authentication failure [SMTP: STARTTLS failed (code: 220, response: 2.0.0 Ready to start TLS)]

Question

i am trying to send email with attachment in PHP using SMTP and PEAR but getting the error as "authentication failure [SMTP: STARTTLS failed (code: 220, response: 2.0.0 Ready to start TLS)]"

<?php
require_once "Mail.php"; // PEAR Mail package
require_once ('Mail/mime.php'); // PEAR Mail_Mime packge

$from = "Your Mom <[email protected]>";
$to = "Me <recepient [email protected]>";
$subject = 'Call Me!';

$headers = array ('From' => $from,'To' => $to, 'Subject' => $subject);

// text and html versions of email.
$text = 'Hi son, what are you doing?nnHeres an picture of a cat for you.';
$html = 'Hi son, what are you doing?<br /><br />Here is an picture of a cat 
for you.';

// attachment
$file = 'fromc.xls';
$crlf = "n";

$mime = new Mail_mime($crlf);
$mime->setTXTBody($text);
$mime->setHTMLBody($html);
$mime->addAttachment($file, 'text/plain');

$body = $mime->get();
$headers = $mime->headers($headers);

$host = "smtp.gmail.com";
$username = "[email protected]";
$password = "xyz";

$smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true,
 'username' => $username,'password' => $password));

$mail = $smtp->send($to, $headers, $body);

if (PEAR::isError($mail)) {
echo("<p>" . $mail->getMessage() . "</p>");
}
else {
echo("<p>Message successfully sent!</p>");
}
?>`

PHP version:1.10.1 PEAR version:7.1.6
got the code from here please help me to clear the error...

Answer 1

The undocumented parameter: socket_options , let me authenticate when I got this error:
authentication failure [SMTP: STARTTLS failed (code: 220, response: TLS go ahead)].

I just need add :
'auth' => "PLAIN",
'socket_options' => array('ssl' => array('verify_peer_name' => false)),

Taken from: https://pear.php.net/manual/en/package.mail.mail.factory.php

---

I was getting this error, but even disabling STARTTLS (as several of the above comments suggest) didn't help, as it then reported an authentication error. I found the proper fix for at least my situation.

If you're using PHP 5.6, there are changes to SSL: http://php.net/manual/en/migration56.openssl.php

Mainly, there is extra verification done on the connection. This verification wasn't done on 5.5 so these issues were ignored. But in my situation, the server was sending the SMTP EHLO command with "localhost" and apparently that causes PHP's new verification to fail.

The solution is to patch osTicket's mail class at /include/pear/Net/SMTP.php - change this line:

$this->_socket_options =$socket_options;

to

$this->_socket_options = array('ssl' => array('verify_peer_name' => false));

This turns the verification off. For my setup, the mail server is on the same local network as the osTicket server, so I'm not overly concerned about the security.

The other solution is to downgrade to PHP 5.5 which doesn't have this extra verification.

It'd be nice if osTicket somehow offered a setting for this so patching the code isn't necessary every time.

Taken from: https://github.com/pear/Net_SMTP/issues/14

Answer 2

I have a better answer if you are self-certed.

Add:

'auth' => true,
'socket_options' => array('ssl' => array('verify_peer_name' => false, 'allow_self_signed' => true)),

To the $smtp = Mail::factory('smtp', line.

Essentially you are adding this to the array:

allow_self_signed' => true

Which clearly tells the code to allow selt certs.

In my case:

$smtp = Mail::factory('smtp',array ('host' => $host,'auth' => true,'socket_options' => array('ssl' => array('verify_peer_name' => false, 'allow_self_signed' => true)),'username' => $username,'password' => $password,'port' => '25'));

This is similar to what Vlax said, but that didn't work. I was looking at this link and reversed it:

https://github.com/PHPMailer/PHPMailer/issues/766