Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
A lot of examples I found online about sending emails with php set the header
"X-Mailer: PHP/" . phpversion()
But I find disclosing I’m using php and its version a very bad security practice.
Is this a required header?
Let’s look at what kind of header is generated.
According to RFC 2076, section 3.4, the header “X-Mailer” is, together with several others, non-standard. Which basically means that any mail software can treat it like it wants to, especially adding them or ignoring them. Absence of such headers cannot be used against the sender.
I’m pretty sure the “X-” prefix indicates “non-standard header” in SMTP message format as well, just as it does in HTTP headers or mime types.