Authentication with server IP.

[mstojanovv]

Hello.

There is an issue when using Eq. Google SMTP relay with authentication with server IP configured via G Suite configuration.

Consider this config:

$config['useragent']    = 'phpmailer'; // neither "codeigniter" works
$config['protocol']     = 'smtp';
$config['smtp_host']    = 'smtp-relay.gmail.com';
$config['smtp_user'] = '[email protected]';
// When using authentication with server IP, the password should be empty or false
$config['smtp_pass']    = '';
$config['smtp_port']    = '465';
$config['smtp_crypto'] = 'ssl';

When testing, the following error is thrown: Failed to authenticate password. Error: 535-5.7.8 Username and Password not accepted.

Actually, here the password and authentication is not required, it shouldn't require authentication, it just authenticates from the fact it's coming from an email associated with the domain name, and the IP address of the server.

The property boolean value _smtp_auth is set in a wrong way.

Take a look here:

https://github.com/ivantcholakov/codeigniter-phpmailer/blob/master/libraries/MY_Email_3_1_x.php#L704

https://github.com/ivantcholakov/codeigniter-phpmailer/blob/master/libraries/MY_Email_3_1_x.php#L720

In order this to work fine on line 704 should be:

$this->_smtp_auth = ($value != '' && $this->smtp_pass != '');

On line 720 should be:

$this->_smtp_auth = ($this->smtp_user != '' && $value != '');

I believe that this change won't break any current tests and implementation?

Regards.

[ivantcholakov]

Did you actually tried this change? Does it fork in your case?

[ivantcholakov]

Will it work if you simply set

$config['smtp_user'] = '';

?

[mstojanovv]

Hello.

Yes, I tried the change and worked good with the Google Suite, then I performed other tests other than Google Suite authentication, worked good too.

I extended your library and declared set_smtp_user and set_smtp_pass methods in my custom class with the code change I mentioned before.

In my app, I can't leave the $config['smtp_user']config blank if SMTP protocol is used because I'm using this config item to add FROM header while sending emails.

Technically leaving the $config['smtp_user'] empty will do the job, you can test by yourself too.

$smtp_user = '';
$password = '';
var_dump(!($smtp_user == '' && $password == ''));

The result will be false but I'm not sure also if there is a possibility to leave the $config['smtp_user'] config blank when using authentication with server IP like in this example, in this case, Google won't be able to identify the email address to send an email from.

I tested this on my customer server, I don't have a Google Suite to perform more tests but IMO the change should work well if you have more time and opportunity you can perform additional tests.

If I can be of some other help, don't hesitate to let me know.

Regards.

[ivantcholakov]

On your screenshot I can see the checkbox "Require SMTP Authentication". Also, I can see that PHPMailer has its own option 'SMTPAuth' by which authentication can be turned on/off explicitly. By analogy, I think, the easiest way to deal with this case is adding by me a new configuration option $config['smtp_auth']. If it is undefined/null, the library's behavior stays the same for BC. Otherwise its boolean interpretation ( !empty($config['smtp_auth']) ) will determine whether SMTP authentication is to be used.

And you will need simply to add

$config['smtp_auth'] = FALSE;

to your application's configuration file.

I am going to prepare a new release with the described solution.

[ivantcholakov]

Update to RELEASE 1.2.30.