Opened 8 years ago
Closed 7 years ago
#41344 closed enhancement (duplicate)
Secure Email Integration
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.8 |
Component: | Keywords: | ||
Focuses: | administration, multisite | Cc: |
Description (last modified by )
By the time an entrepreneur decides to use WP multisite, the need for extensive email integration is a requirement. Whether the new startup company is on shared or dedicated hosting, the need for proper secure email integration into their WP sites is a must. The necessary code to deliver secure email with PHPMailer is minimal, and the need to do so in today's email environment is critical.
As you may know, Gmail (possibly others) has placed more strict requirements on using their SMTP email servers for outside accounts, and this has created a greater need for private email servers.
Please integrate secure email into WP multisite core with proper admin menus. I've been using the following code as a personal plugin for more than a year:
<?php defined( 'ABSPATH' ) OR exit; /** * Plugin Name: WP Simple SMTP Settings * Description: Simple SMTP server settings with SSL/TLS for PHPMailer, expressly designed to enable Wordpress to send emails with s self-signed certificate on their private email server. * Author: ina2n * Author URL: https://ina2n.com * License: GPLv2 or later * License URI: http://www.gnu.org/licenses/gpl-2.0.html */ add_action( 'phpmailer_init', 'phpmailerSMTP' ); function phpmailerSMTP( $phpmailer ) { $phpmailer->IsSMTP(); $phpmailer->Host = 'mail.youremailserver.com'; // SMTP Host $phpmailer->SMTPAuth = true; // Authentication, other option is false, but reckless and ill advised $phpmailer->Username = 'yourusername@youremailserver.com'; $phpmailer->Password = 'yourpassword'; $phpmailer->SMTPSecure = 'ssl'; // enable if required, 'tls' is another possible value $phpmailer->Port = 587; // SMTP Port $phpmailer->SMTPOptions = array ( 'ssl' => array('verify_peer' => false,'verify_peer_name' => false,'allow_self_signed' => true)); //Enable SMTP on email servers with self-signed certificates // The following settings are optional and can be set for static emails, however, if you're using a dynamic email newsletter plugin such as Woocommerce or SendPress, then you want to comment out these lines by leaving the // at the front of each line. Any variables placed here will override all other email sending plugins. You can change any one of these settings to override all email sending plugins. For example, you might want your email 'FromName' to read as your company name, regardless of what you have setup in Woocommerce, SendPress or other email sending plugins. // $phpmailer->From = 'yourusername@youremailserver.com'; // $phpmailer->FromName = 'Your Company Name'; //This can be your company, website, or your your name // $phpmailer->Subject = 'Your Company Title'; // Leave this blank '' if you don't want the subject line automatically populated // $phpmailer->SMTPDebug = 2; // 1: show client -> server messages only. Don't use this - it's very unlikely to tell you anything useful. // 2: show client -> server and server -> client messages - this is usually the setting you want // 3: As 2, but also show details about the initial connection; only use this if you're having trouble connecting (e.g. connection timing out) // 4: As 3, but also shows detailed low-level traffic. Only really useful for analysing protocol-level bugs, very verbose, probably not what you need. }
Attachments (1)
Change History (9)
#1
follow-up:
↓ 3
@
8 years ago
A couple of questions:
1) Why is this marked as specific to multisite and not just core in general?
2) What is the rationale for integrating this into core instead of leaving it as a separate plugin, since it seems to function fine using the phpmailer_init
hook?
#2
follow-up:
↓ 4
@
8 years ago
I agree with @ina2n that this should be core functionality nowadays, and not plugin territory. See #29069 for a similar Trac ticket.
#3
in reply to:
↑ 1
@
8 years ago
Replying to earnjam:
A couple of questions:
1) Why is this marked as specific to multisite and not just core in general?
2) What is the rationale for integrating this into core instead of leaving it as a separate plugin, since it seems to function fine using thephpmailer_init
hook?
1) I run WP multisite, and have no need for single site setups. As WP moves forward, I don't see the WP single site as a viable product any more. I can build and maintain a website for a customer using multisite at a significantly greater efficiency. I can reduce/eliminate the need for staff when using multisite, and manage individual user sites with ease.
In my opinion, WP would be a much better solution for everyone if all sites were setup as multisite capable from the start. From the multisite environment, any user can create their own "dev" site within their own environment setup. This makes upgrades and design much easier to push, and more capable for even a novice.
2) You're right. The phpmailer_init
hook does work. But just like WP multisite domain mapping was a plugin for years, I pushed for multisite mapping integration into the core over a year ago. Integrating more email capabilities into core is just a natural progression, and I'm confident that many new WP users don't realize the complexities of getting their own private emails up and running within WP. The email integration is not a necessity because of WP, it's a necessity because of the natural progression of email security standards.
Personally, I don't know of any hosting provider that allows emails to be sent over the non-secure Port 25. And no hosting provider allows emails to be sent without password authorization. Any hosting provider, I know because I am one, cannot allow an open relay on Port 25. We would all be blacklisted within 48 hours, and that's why the present WP core email provisions are lacking.
When you review the file I uploaded, I explain every line and you'll see that it's only a handful of lines that would be added to core. This makes WP significantly more email friendly, because everyone has a need to send emails via their WP console, and the load on the core is insignificant.
This ticket was mentioned in Slack in #core-multisite by ina2n. View the logs.
7 years ago
This ticket was mentioned in Slack in #core-multisite by pmbaldha. View the logs.
7 years ago
#8
@
7 years ago
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed
Thanks again for the ticket, but this really is plugin territory due to the huge variety of mechanisms and services for sending mail.
In addition, running your own SMTP server is increasingly less common for individuals, small businesses, and indeed large businesses. If you want to securely send mail through your own SMTP server, there is a plugin for that, and if you want to send mail via a hosted mail delivery service then there's almost certainly a plugin for that too.
Duplicate of #29069
Simple SMTP Email Integration