
Is combining port 587 and SSL secure?


For a registration system I need to send e-mails containing private information to future employees. When I first set up this system using PHPMailer, I used the following settings:

$mail->Port = 587;
$mail->SMTPSecure = "tls";

However, the company I work for has changed their mailing system, and now the only way I get my system working is using the following settings:

$mail->Port = 587; //or 465
$mail->SMTPSecure = "ssl";

I've read that SSL is outdated and deprecated, so am I still able to send messages securely?


Solution

  • I've read that SSL is outdated and deprecated, so am I still able to send messages securely?

    The meaning of SSL in this context is not SSL vs. TLS but is implicit SSL/TLS vs. explicit SSL/TLS using the STARTTLS command.

    $mail->SMTPSecure = "ssl";

    This means to use implicit SSL/TLS, i.e. create the TCP connection and immediately upgrade to SSL/TLS. This is suitable for smtps, i.e. port 465.

    $mail->SMTPSecure = "tls";

    This means to use explicit SSL/TLS, i.e. create the TCP connection, do some plain commands and only upgrade to SSL/TLS after the STARTTLS command. This is suitable for port 25 and 587.

  • For a registration system I need to send e-mails containing private information to future employees.

    Both ways protect the communication between the sender and the first mail server. Neither of these protects the communication between the sender and the final recipient. SMTP alone is not suitable for this, and you would need PGP or S/MIME for this, including the necessary infrastructure for the keys.
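
To see which of the two modes described in the answer a given port actually speaks before choosing the `SMTPSecure` value, a small probe can help. This is an added example, not part of the original answer or of PHPMailer; the function names, `client.example`, `smtp.example.com` and the sample transcripts are made up for illustration, and a silent server is treated only as a hint of implicit TLS that is then confirmed with a real handshake.

```php
<?php
// Added example (not from the original answer). Names and hosts are hypothetical.
/** Read one SMTP reply, following "250-" continuation lines to the final line. */
function readReply($fp): string
{
    $reply = '';
    while (($line = fgets($fp, 1024)) !== false) {
        $reply .= $line;
        if (strlen($line) < 4 || $line[3] !== '-') break; // last line of the reply
    }
    return $reply; // '' when nothing arrived before the timeout
}

/** Map what the server said in plaintext to a PHPMailer SMTPSecure value. */
function classify(string $banner, string $ehlo): ?string
{
    if ($banner === '') return 'ssl';                   // silent: likely waiting for a TLS ClientHello
    if (strncmp($banner, '220', 3) !== 0) return null;  // not an SMTP greeting
    return preg_match('/^250[ -]STARTTLS\r?$/mi', $ehlo) ? 'tls' : null; // null: no TLS offered
}

function probeSmtpTlsMode(string $host, int $port, int $timeout = 5): ?string
{
    $fp = @stream_socket_client("tcp://$host:$port", $errno, $errstr, $timeout);
    if ($fp === false) return null;
    stream_set_timeout($fp, $timeout);
    $banner = readReply($fp);
    $ehlo = '';
    if (strncmp($banner, '220', 3) === 0) {
        fwrite($fp, "EHLO client.example\r\n");
        $ehlo = readReply($fp);
    }
    fclose($fp);
    $mode = classify($banner, $ehlo);
    if ($mode !== 'ssl') return $mode;
    // Silence is only a hint: confirm with a real handshake (certificate is verified by default).
    $tls = @stream_socket_client("ssl://$host:$port", $errno, $errstr, $timeout);
    if ($tls === false) return null;
    stream_set_timeout($tls, $timeout);
    $greeted = strncmp(readReply($tls), '220', 3) === 0;
    fclose($tls);
    return $greeted ? 'ssl' : null;
}

// Constructed transcripts, so the classification can be tried offline:
$ehlo = "250-mail.example\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME\r\n";
var_dump(classify("220 mail.example ESMTP\r\n", $ehlo));
var_dump(classify('', ''));
// Live use: $mode = probeSmtpTlsMode('smtp.example.com', 587); do not send if it is null.
```

A `null` result means the port offered neither mode, so private mail should not be sent through it.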