99% of web servers using php actually don't require authentication. In fact I haven't run into a popular hosting company that does. Where do you host?
Usually they will set up php with a default smtp server and use IP restrictions to allow requests from the web server so no additional security is required.