search

deliciousbrains / wp-offload-ses-lite

WP Offload SES Lite sends all outgoing WordPress emails through Amazon Simple Email Service (SES) instead of the local wp_mail() function.
https://wordpress.org/plugins/wp-ses/
13 stars 11 forks source link

verified domains added by subsite are available to all other subsites. #4

Open robert-hopla opened 5 years ago

robert-hopla commented 5 years ago

on a multisite, when you allow users to overwrite network settings, they can add a domain.

however, when they add a domain, this will be visible/available to all other subsites, too.. We cannot have subsite owner able to send emails with other subsite owners their domain...

Also, it would be helpful to allow subsites to overwrite network settings on a site-by-site basis, instead of everybody/nobody is allowed (currently)

Thanks!

mattgrshaw commented 5 years ago

Yep, I think that's expected behavior at this point in time.

It's a good idea to allow specific subsites to override settings without allowing every other subsite. I've raised an issue on our internal issue tracker to take a look at that for a future release.

In the meantime, the best workaround I think would be to have the different subsites use different AWS accounts so that the verified domains, etc. aren't shared between the subsites.

Alternatively, you could use the WPOSES_HIDE_VERIFIED constant in your wp-config.php file to hide the verified senders page. I don't recommend this approach since the subsites would still be sharing an AWS account, but it would prevent them from seeing that directly.

robert-hopla commented 5 years ago

How would I go about having subsites use their own creds?

So basically, if they want to override the network settings / add verified senders, they will have to add their own keys.

That would work for me.

On Thu, Aug 8, 2019 at 3:04 PM Matt Shaw notifications@github.com wrote:

Yep, I think that's expected behavior at this point in time.

It's a good idea to allow specific subsites to override settings without allowing every other subsite. I've raised an issue on our internal issue tracker to take a look at that for a future release.

In the meantime, the best workaround I think would be to have the different subsites use different AWS accounts so that the verified domains, etc. aren't shared between the subsites.

Alternatively, you could use the WPOSES_HIDE_VERIFIED constant in your wp-config.php file to hide the verified senders page. I don't recommend this approach since the subsites would still be sharing an AWS account, but it would prevent them from seeing that directly.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/deliciousbrains/wp-offload-ses-lite/issues/4?email_source=notifications&email_token=AJBM2UGJ22BS3ZSEV77PAEDQDRU2LA5CNFSM4IKM44SKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD34THNA#issuecomment-519648180, or mute the thread https://github.com/notifications/unsubscribe-auth/AJBM2UACUNBVUOIBATFWQV3QDRU2LANCNFSM4IKM44SA .

mattgrshaw commented 5 years ago

@robert-hopla Currently the only way would be to allow subsites to override settings, and then have them add their own keys. There won't be a way to force the subsites to use their own keys, short of not configuring keys at the network level.