• Hey Guest, don't forget to VOTE on each RFC topic. Your voting determine Chevereto development! No votes, no development.
  • Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

Allow SMTP without credentials

G

Gorian

Chevereto Member
💡Describe your suggestion

I would like the option to use an SMTP server without credentials.(currently, if I enter an SMTP server without entering a username and password, I get an "invalid user" error) While I fully support the use of TLS + a good login for publicly accessible SMTP servers, I am hosting my instance of chevereto on-premise, where the SMTP server is secured via whitelisting IPs ranges / subnets vs. credentials, as it authenticates after it leaves the network.

2169

👏Where did you saw this?

Most applications that uses SMTP

🔥Interest outside our community

Discord - A New Way to Chat with Friends & Communities

Discord is the easiest way to communicate over voice, video, and text. Chat, hang out, and stay close with your friends and communities.
discordapp.com discordapp.com
 
Upvote 1 Downvote
I know this is an old post, but others may have similar needs.

This would be an -easy- thing to add if the developer wanted: A setting to have AUTH set to on or off (instead of forced on). It would instantly solve your problem.

A temp fix is to edit /lib/functions.php and /routes/route.dashboard.php and change '$mail->SMTPAuth = true;' to 'false'. That would work until the next software update/patch that affected those files.

In the backend dashboard, you would still have to enter in a username (but not a password), though the username would get ignored with SMTPAUTH turned off.

Even if you are passing mail through an intranet, it would still be recommended to turn on TLS in the backend. (Chevereto uses PHPMailer. In PHPMailer this would be '$mail->SMTPAutoTLS = true;', though there is a 'SMTP Security' setting in the Chevereto dashboard to turn on TLS).

If the developer wanted to get fancy, there could be a warning generated if TLS was off, and the email server entered wasn't pointing to a private IP range (192.168.x.x for example).

Besides people in their own tightly controller networks, a similar issue may arise if hosting at GoDaddy (see the GoDaddy section on this page: https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting )
 
Hi @mclemore

For your need you could also use postfix (or a modern alternative) which will enable to globally configure email send email using the built-in mail() function. I don't know if that's still a thing :)
 
You must log in or register to reply here.
Back
Top