[wp-trac] [WordPress Trac] #25239: $_SERVER['SERVER_NAME'] not a reliable when generating email host names
WordPress Trac
noreply at wordpress.org
Fri May 5 22:42:36 UTC 2017
#25239: $_SERVER['SERVER_NAME'] not a reliable when generating email host names
-------------------------------------------------+-------------------------
Reporter: layotte | Owner:
Type: defect (bug) | SergeyBiryukov
Priority: normal | Status: reviewing
Component: Mail | Milestone: Future
Severity: normal | Release
Keywords: has-patch dev-feedback needs- | Version: 3.8
testing | Resolution:
| Focuses:
-------------------------------------------------+-------------------------
Comment (by tsimmons):
Replying to [comment:78 kitchin]:
> Empty return-path is the age-old way of preventing bounces. Bounces
themselves set an empty return-path, as do "out of the office" auto-
responders. Return-path is part of the SMTP envelope, unlike message
headers like return-to. Sorry if this information is bug spam for most
people, but maybe it's not.
>
> We could both try to stop bounces AND use the owner email address, which
we can assume has been affirmatively set up during install. It won't catch
everything, due to the variety of setups, pluggables, filters, etc. And
there might be legacy blowback. Imagine someone has written a filter that
detects wordpress@! Too bad.
>
> Could send a security email advisory to the owner address during the
upgrade.
Personally I'd prefer an option to set the from-address, so a user could
use their own email or a null-routed noreply@ if desired. Or even a user-
supplied account that can receive replies. It's up to the user to choose,
just use reasonable defaults for the less tech-savvy.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/25239#comment:79>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list