[wp-trac] [WordPress Trac] #41344: Secure Email Integration

WordPress Trac noreply at wordpress.org
Mon Jul 17 14:45:05 UTC 2017 

#41344: Secure Email Integration
----------------------------+----------------------------------------
 Reporter:  ina2n           |       Owner:
     Type:  enhancement     |      Status:  new
 Priority:  normal          |   Milestone:  Awaiting Review
Component:  Administration  |     Version:  4.8
 Severity:  normal          |  Resolution:
 Keywords:                  |     Focuses:  administration, multisite
----------------------------+----------------------------------------

Comment (by ina2n):

 Replying to [comment:1 earnjam]:
 > A couple of questions:
 > 1) Why is this marked as specific to multisite and not just core in
 general?
 > 2) What is the rationale for integrating this into core instead of
 leaving it as a separate plugin, since it seems to function fine using the
 `phpmailer_init` hook?

 1) I run WP multisite, and have no need for single site setups. As WP
 moves forward, I don't see the WP single site as a viable product any
 more.  I can build and maintain a website for a customer using multisite
 at a significantly greater efficiency. I can reduce/eliminate the need for
 staff when using multisite, and manage individual user sites with ease.

 In my opinion, WP would be a much better solution for everyone if all
 sites were setup as multisite capable from the start. From the multisite
 environment, any user can create their own "dev" site within their own
 environment setup. This makes upgrades and design much easier to push, and
 more capable for even a novice.

 2) You're right. The `phpmailer_init` hook does work. But just like WP
 multisite was a plugin for years, I pushed for multisite integration into
 the core over a year ago. Integrating more email capabilities into core is
 just a natural progression, and I'm confident that many new WP users don't
 realize the complexities of getting their own private emails up and
 running within WP. The email integration is not a necessity because of WP,
 it's a necessity because of the natural progression of email security
 standards.

 Personally, I don't know of any hosting provider that allows emails to be
 sent over the non-secure Port 25. And no hosting provider allows emails to
 be sent without password authorization. Any hosting provider, I know
 because I am one, cannot allow an open relay on Port 25. We would all be
 blacklisted within 48 hours, and that's why the present WP core email
 provisions are lacking.

 When you review the file I uploaded, I explain every line and you'll see
 that it's only a handful of lines that would be added to core.  This makes
 WP significantly more email friendly, because everyone has a need to send
 emails via their WP console, and the load on the core is insignificant.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/41344#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list