Had a look around online and couldnt find any decent SMTP plugin for sending and receiving emails through wordpress. Seems like it makes a lot of people angry for wordpress to do such a thing which seemed odd, so I decided to start working on one myself.

The goal of this plugin is to add the following functionality to the wordpress dashboard.

  • Send Emails
  • Receive Emails
  • Log into any user inbox using SMTP servers user authentication.
  • Create WP database to log emails and better manage them.
  • Parse and display any email information.
  • Setup email blasts for newsletters.
  • Basic spam filter
  • Adminbar notifications for unread emails.

The wordpress side of things is the easy part so I have put the effort into extracting the emails from the IMAP server from a wordpress plugin. It took quite a bit of work to get this to display any useful information, but after a while I started to make some good progress on this. Using a linux server with postfix and dovecot installed as the SMTP and IMAP servers I was able to use PHP to pull the latest emails for an individual user.

Here is the base inbox page that lists the latest emails. This is going to need major touch ups to style, but I want to get the functionality working smooth before making it look pretty.

Wordpress Email Inbox

WordPress Email Inbox

 

This inbox page is a bit messy, but its working! The next thing was to be able to view the actual email body. This is also crazy messy, but it works and thats all that matters for the moment. I have listed the emails and dumped the email body below. Attachments still don’t show up, but the core components are correctly displaying.

Received Emails With Body

Received Emails With Body

The next stage to this would be making this a little more user friendly so emails can be read much better. I will create individual “view email” pages that will display the email and hopefully any attachments. I will work on adding controls to this page that will allow for replies, forwarding, attachments etc.

I do see some potential issues in the future with this. While it is working perfectly on my server, I am not confident its going to work straight up on another server that’s running a different operating system/mail server. Once i have a stable version of the plugin I will try to get a few people to test this out on various servers. I will work on creating a quick setup tool that will try to test various config options in order to determine what one will work best for the particular system. The install of php-imap and mail servers are requirements in order to make this work.

I’m very surprised this hasn’t been done in the past. WordPress is a CMS, but with the evolution of the web I for one would like to have everything related to my website kept in one area. Why go to a roundcube install or anything else when you can just do everything that you need to do within wordpress?

Most standard PDO tutorials from around the web are going to demonstrate using a MySQL database with apache as a web host. The PDO connection string for this setup is not going to work if you want to connect to a SQL Server database using Microsofts IIS server.

The first step is to make sure PHP is setup to connect to SQL Server. PHP is going to use the sqlsrv driver on IIS in order to connect to SQL Server. This will probably be installed already, but to make sure you will have to go to your php.ini file. If you are unsure where this file is located you can use phpInfo() to find out the file path of the php.ini file.

You need to open the file and check for the following line. If its commented out, uncomment it. If its missing then add it. If it’s not present then there is a chance that the driver is not installed at all, if so then you will need to install it.

If you don’t have the driver installed, you can get it here.

Once you are all setup with the driver and php is good to go, restart IIS to make sure that the changes with the php.ini are picked up by IIS.

 

When making a query the code stays the same, but the PDO connection string is going to be different. Use the following format and add the connection details for your server into the string.

This should be all you need to connect to an SQL Server database using PHP with IIS web host.

Reverse DNS is a common method used to help keep your emails out of the dreaded spam filters. Fortunately, once you know how, reverse DNS is a quick and easy way to improve the trustability of your emails. Reverse DNS alone is not enough to guarantee that your emails will successfully make it to a users inbox, but its a quick and easy way to start. I suggest you look at DKIM keys after you have this completed as these will also greatly help you out. Click here for a guide on setting up DKIM keys for emails.

So first things first. Where do you go to set this up?

Most people think that it’s the job of your domain registrar (i.e. GoDaddy) to do this, but this is not the case. Your hosting provider is responsible for this. If you are using a shared host, you may not have access to do something like this. Generally to have a reverse DNS your website will need to have its own dedicated IP address and not be shared as a virtual host on a server somewhere. If you are unsure about this get in touch with the company that host your website and they will help you out further.

If you have your own server, be it VPS, dedicated or some other system, you should be able to set this up very easily. When you register for an account you will be given an IP for your server. This is the IP that you enter for your domain name in Godaddy or whatever domain registrar you use.  This means that domain.com will map to the IP address of your server. Reverse DNS is making sure that that same IP address reverse maps back to your domain name.

Start by logging into whatever managment system your host has provided for you. If you don’t have one then get in touch with the host and they will tell you where to find the form. Generally there will be a simple form and you can just type the name of the domain into a box and after a few minutes, the IP of your server will map back to your name. It’s a very simple yet effective thing to do to combat the spam filter war!

Drag and drop is cool, but for me i found that it was causing more trouble than good. So if you are like me and are sick of accidentally dropping a folder into another sub directory, then it’s best to just disable it completely. Unfortunately this cannot be done directly using the init settings (at least as far as i know it cant), but not to worry, it’s very easy to disable it anyway.

To disable drag and drop, you will need to open up “elfinder.js”. For me this file was minified which made it a little difficult to work with, but you don’t need to do much so don’t worry. Do a search of the file and look for the following. Make not that this is the minified code, so if it returns null, try mess around with it a bit and you will find it.

In my case i just deleted the droppable functionality. This meant the drag still worked, but it didn’t do anything. You can disable both if you like but for me droppable was enough as I got weird icon issues sometimes when draggable was disabled.

Search through the file and look for following code and just delete the contents of the droppable value.

 

To delete the draggable functionality you will also need to edit the elfinder.js file. Look for a line of code like the following

All you need to do is remove the text from the variable.

Drag and drop is now disabled for elfinder.

DomainKeys Identified Mail (DKIM) is a process used to validate emails preventing someone from sending spam email using an unauthorised email address. The process works using 2 encrypted SSL keys. A public key which is obviously made available to the public and a private key which only you / your web server will know. When you send an email you will attach your private key to the email. When gmail or any other web server gets the email, it will check to see if the public key that you have made available via your DNS zone file, matches up with the private key that was sent with the email. DKIM is a one useful method to prevent your emails ending up in spam folders.

Setting up DKIM for your web server may seem like it is incredibly complicated and there is no denying..it sucks! but as long as you have some experience working with a web server and have access to everything needed, you should be able to get this setup. To make life as easy as possible I will break this down into a series of individual steps.

Step 1 – Generate a private and public key
Creating your public and private keys are less complicated than you might think. SSL keys can be generated by any machine, you don’t have to register for an account anywhere or setup anything special. You simply download an application and it will generate the keys for you. It’s best to do this on your own machine rather than use an online service as you don’t know if the online service could be saving these keys.

So to create the keys you will need to download a command line SSL tool. You can find a download link here http://slproweb.com/products/Win32OpenSSL.html . Download and install this tool. In order to run it you will need to open up a command shell window (command prompt) in administrator mode if you are running windows vista or newer.

When in a command window run the following commands. You might need to give the direct path of the .exe file in order for the command to work. This will generate 2 files (rsa.private and rsa.public) in whatever folder you are currently in. It will be best to change directory to the desktop or the root of the C drive in order to get at these files quickly.

You now have a public and private key!

Step 2 – Add DNS records
The DNS record is where you are going to store the public key. When gmail gets an email from your server it will check the dns record for the domain and see if there is a key available. If there is one there is will have the public key which it can use with the private key that was send with the email.

This part of the guide will depend on where your DNS zone file is hosted. For most people godaddy will likely be the place where the zone file is hosted. If you don’t use godaddy then you will have to find out how to edit your zone file. This is a very important file, so if you dont know how to edit it you will have bigger issues than setting up domain keys.

You need to add 2 TXT records to your zone file. I wanted to create a record for a noreply email address so that my server could send out emails to users automatically and the emails would make it to the inbox folder and not the spam folder.

Add the following data to the Host and TXT fields of your zone file.

 

NOTE!! Make sure the public key is one long string with out any whitespace or line breaks. The SSL tool will generate the file with line breaks so make sure you remove them all and make it one long file.

Save these changes and in an hour or so (up to 48 hours in on a bad day) this TXT record will be live.

Step 3 – Sending the private key with an email
This part very much depends on your programming language and the email client you are using with that programming language.

So for example if you are using PHPMailer, you can setup the private DKIM key by adding the following lines to your code

So this is it, you are finished! Not so bad right? May take a while for the updates to show up since DNS zone file changes can take a while to update across the internet, but once they do you will be all set with DKIM keys correctly setup for your emails. Remember that this is only 1 method of improving the odds of your emails not ending up in a spam folder, but doesn’t guarantee it. You may also need to setup a reverse lookup in order to make yourself 100% safe.

mediawiki

When trying to upload any files i was getting an error “could not acquire lock for …”. I initially thought this was some sort of permission error since it makes sense. I tried setting the permissions for the entire images folder to 777 and made sure the ownership of the directories was correct, yet it didn’t make a difference. After a lot of googling It would seem that a common cause of the issue is SELinux.

In order to get over this problem you need to navigate to the images directory for your Mediawiki install. E.g. /var/www/html/mediawiki/images. When in this directory execute the following command.

If you are using a command line tool you should see that the highlighting of the folder has changed to a green color. Go back to Mediawiki and check the file upload again. The file should now correctly upload without any error with acquiring a lock with the lock dir.

If this solution didn’t work there are a few other things to try as the problem might not be related to SELinux.

Set permissions of the directory to 777 and make sure apache is the owner and can correctly write to this directory.
Delete the contents of the lockdir folder.

Adding the following to LoadSettings.php will hopefully dump some additional error information to use for debugging.

Apache Logo

In order to be able to use RewriteEngine to rewrite URLs you will need to have mod_rewrite installed for Apache. To Install it enter the line of code below into terminal. The following line will install for CentOS. This command may differ for different Linux distributions.

Once installed you will need to open your httpd.conf file which should be located in /etc/httpd/conf/httpd.conf. Scroll down and make sure the mod_rewrite module is uncommented. Note: There will be a # in front of the line if it is commented out. Remove the # if it is there.

The final step is to allow URLs to be rewritten in your websites directory. E.G. If your site is located in /var/www/html you will need to look for a DocumentRoot block that contains the path. This was listed twice for me so make sure you check to see there isnt a DocumentRoot entry for your path more than once.

You need to change this to

Now restart apache and you should be able to add rewrite rules to your .htaccess file.

Apache Logo

There are several ways to protect a directory from URL access but most of these will also block your website from being able to access them. Heres what you do to protect a directory from being accessed by a URL but still let your website access the contents of the directory.

Open the directory you want to protect and create a new file called “.htaccess”. Open the file and add the following line of code.

Save the file and try access the directory. You should get a forbidden error e.g. “You don’t have permission to access /images/ on this server.”. If you check your website the images should still be showing up.

You will need to add a .htaccess file to every directory that you want to protect.