MichelleBlanchette
commented
10 months ago This is a higher priority as Post SMTP quickly becomes a more ridiculous plugin in the admin and I received a Patchstack vulnerability alert about it.
It just keeps feeling like such a bloated, vulnerable plugin that provodes such a basic functionality for my personal use case.
Also, it seems we will eventually implement WooCommerce on PTC for premium plugin licensing, so it's even more dire to secure the site and avoid unnecessary third-party code while still ensuring emails are being sent reliably.
Post SMTP has a lot of dependabot alerts pertaining to Composer dependencies for SMTP clients that I don't even use. This also tells me that there's probably a lot of code in there simply unrelated to my needs (as expected).
It seems actually super simple to route WordPress PHP emails through Mailgun: https://www.mailgun.com/blog/email/improve-wordpress-email/#chapter-3
Also, the article mentions you can simply view the email logs within Mailgun. However, I think we should still add some sort of logging on the WordPress side to ensure the emails are making their way to Mailgun. If there were ever authentication issues or code bugs, then I could still be able to see that this has happened and debug the situation.