[wp-trac] [WordPress Trac] #36125: Disable automatic TLS encryption in PHPMailer
WordPress Trac
noreply at wordpress.org
Sun Mar 6 10:27:18 UTC 2016
#36125: Disable automatic TLS encryption in PHPMailer
--------------------------------+------------------------------
Reporter: scara | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: External Libraries | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
--------------------------------+------------------------------
Comment (by BinaryKitten):
Hi @scara
Welcome to Trac and thank you for submitting this ticket.
I'm not sure turning off security by default should be the way to go.
Especially since the version you've mentioned has been in Core since July
of last year and "turning off" would leave users that are in need of or
use TLS, without that security.
Would a documentation update be a better choice here, since there is a
hook for phpmailer_init which will allow this to be achieved for those
with the issue.
{{{#!php
<?php
add_action('phpmailer_init', 'disableTLS');
/**
* @param \PHPMailer $phpmailer
*/
function disableTLS($phpmailer){
// Disable the automatic TLS encryption added in PHPMailer v5.2.10
(9da56fc1328a72aa124b35b738966315c41ef5c6)
$phpmailer->SMTPAutoTLS = false;
}
}}}
This is a simple plugin file that you could drop into mu-plugins to get
the same result without compromising security that is already there.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36125#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list