brian_cee Posted February 26, 2018 Share Posted February 26, 2018 Site rebuild/upgrade from 2.2 to 2.3.4 almost done.....everything looking good until I make entire site SSL.....then emails don't work. Most of the threads I Google up are years old and refer to older versions of OSC......With Bootstrap, is it still the way to go to install PHPMailer so that OSC can send SMTP mail over SSL? When I try to send mail from the site, the bounces have that error about: SMTP error from remote mail server after end of data: 550 Messages should have one or no To headers, not 2. Because the return path and "To" don't match..... And when I run a test of my mail servers with MXtoolbox.com, it says the SMTP server is disconnected, as well as other SMTP-related warnings... Seems like SSL jacked everything up, mail-wise........I tried to find SMTP-related addons that folks mentioned they were working on years ago, and came up empty.......If anyone cares to point me in the right direction for 2.3.4BS, I say thanks in advance..... Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted February 26, 2018 Share Posted February 26, 2018 4 hours ago, brian_cee said: Because the return path and "To" don't match Is it a return path issue? Dan Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
brian_cee Posted February 26, 2018 Author Share Posted February 26, 2018 7 hours ago, Dan Cole said: Is it a return path issue? Dan I think it might be several issues, but the return and the To don't match in the headers of the bounces. I also have not installed PHPMailer....So I don't know if installing that would fix all the issues or if I need to install that to start, and still have return path issues besides that.....So instead of just stabbing around at crap I don't understand, I thought I'd throw out a lifeline. I was kind of hoping the answer would be, "Just install PHPMailer and it fixes all that crap," or something. I know it's not that simple, but when I'm this lost I throw myself at the mercy of the forums.... Quote Link to comment Share on other sites More sharing options...
brian_cee Posted February 26, 2018 Author Share Posted February 26, 2018 To clarify, in that thread you linked to, you added other changes besides the ones mentioned by wdepot's addon/fix...You said: The contribution referenced here solves the problem when calling the tep_mail function but not when you create a new instance of the email class as one of my favorite contributions does. The email header seems to be set when the instance is created so I made the following change... // $mimemessage = new email(array('X-Mailer: osCommerce System Mailer')); $mimemessage = new email(array('X-Mailer: osCommerce System Mailer','Return-Path: <' . STORE_OWNER_EMAIL_ADDRESS . '>')); So, did you add those lines in addition to the lines he mentioned, or instead of, or something else? And, do I still need to install PHPMailer in order to send SMTP mails from OSC? On my old OSC 2.2 site, I never sent any mail from the server, I did everything from hotmail/gmail, so I am learning the mail functions from scratch, so I think I don't understand it even a little, so what may seem too obvious for you to mention might shine a light on my whole problem....... Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted February 26, 2018 Share Posted February 26, 2018 It has been awhile but I think I added that line in addition to wdepot's fix....if you google for it there is another thread on the Return Path issue that might be a little more helpful. As I recall I'm just using the standard osC mail function with those return path changes. My email transport method is just set to sendmail. Dan brian_cee 1 Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
brian_cee Posted February 27, 2018 Author Share Posted February 27, 2018 3 hours ago, Dan Cole said: My email transport method is just set to sendmail. Interesting, I thought, for some reason, that it had to be SMTP after SSL was enabled.......Thanks for your time. Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted February 27, 2018 Share Posted February 27, 2018 I have SSL enabled...in fact my whole site is SSL and sendmail works just fine. Dan brian_cee 1 Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
brian_cee Posted March 4, 2018 Author Share Posted March 4, 2018 Now I think I know why people use PHPMailer and SMTP, I see that if you want to not let your site's IP address be seen in headers of emails sent to customers (or hackers posing as customers) you need to use a different mail server than what your site is hosted on. Kind of pointless to use Cloudflare to hide your host and IP if you are going to mail that info to anybody that wants to know. Does anyone know if that's the only way to not pass your host and IP along in mail headers? Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted March 4, 2018 Share Posted March 4, 2018 47 minutes ago, brian_cee said: Does anyone know if that's the only way to not pass your host and IP along in mail headers? Have you been down this road? Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
brian_cee Posted March 4, 2018 Author Share Posted March 4, 2018 1 minute ago, Dan Cole said: Have you been down this road? I have seen that, but I don't have a problem with the renamed admin showing up in mail headers, but I don't need attackers knowing my host and IP address, so I didn't go too far down that road........ Quote Link to comment Share on other sites More sharing options...
brian_cee Posted March 4, 2018 Author Share Posted March 4, 2018 By saying " I don't have a problem with the renamed admin showing up in mail headers" I didn't mean I was cool with it, I meant that I don't experience that. My mail headers don't show the admin's location or name... Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted March 4, 2018 Share Posted March 4, 2018 Huh? Don't you need to include your IP etc in your headers to reach the recipients inbox these days? I'm probably wrong but won't messing with that just get you in their spam box or worst yet, just trashed by the recipients host? Dan Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
brian_cee Posted March 4, 2018 Author Share Posted March 4, 2018 43 minutes ago, Dan Cole said: Huh? Don't you need to include your IP etc in your headers to reach the recipients inbox these days? I'm probably wrong but won't messing with that just get you in their spam box or worst yet, just trashed by the recipients host? Dan I don't know anything about anything, but I bug people who do by asking them enough questions to start thinking I might have a clue. And I think the main reason folks use Cloudflare is to mask their IP, so it can't get attacked. But to send mail, I think you have to have a third party SMTP mail server, so they can attack that, but not your site itself, just the mail server. Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted March 4, 2018 Share Posted March 4, 2018 I know nothing about nothing too and the minute I think I do, I realize I don't, but I think you've making this way to tough. It would never have occurred to me to worried about that. You can get a sites IP by just typing in the website address at places like http://get-site-ip.com/ so I'm not sure hackers are going to go the trouble of joining your email list or whatever to hunt down your IP. Dan Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
brian_cee Posted March 4, 2018 Author Share Posted March 4, 2018 7 hours ago, Dan Cole said: I know nothing about nothing too and the minute I think I do, I realize I don't, but I think you've making this way to tough. It would never have occurred to me to worried about that. You can get a sites IP by just typing in the website address at places like http://get-site-ip.com/ so I'm not sure hackers are going to go the trouble of joining your email list or whatever to hunt down your IP. Dan If one has properly configured their Cloudflare settings, http://get-site-ip.com/ will only return a Cloudflare IP, not the domain name that you typed in. That's the whole purpose of Cloudflare for most folks that use it, and that's the main complaint certain types have about CF, that they protect unpopular websites that people would like to attack, but can't, because they don't know, and can't find out, the domain's IP address. Quote Link to comment Share on other sites More sharing options...
Dan Cole Posted March 5, 2018 Share Posted March 5, 2018 That's interesting....thanks for taking the time to explain. Now I know something. I'm surprised they don't also offer some type of service to deal with the email issue you described ie offering up a Cloudflare IP but perhaps the nature of what they are doing prevents them from doing that. Good luck getting it figured out. Dan Quote Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here. Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.