In October 2017, “Postman SMTP”, the most popular SMTP plugin with 100k+ active installs, was removed from the WordPress repository due to an XSS vulnerability. The news spread like wildfire.
The plugin was removed not just because of the vulnerability but also because it had not been updated in the last sixteen months and was not compatible up to WordPress 4.4.
Some security researchers even tried to contact the plugin’s author, but they were unsuccessful. Jason Hendriks, the man behind the plugin, did an excellent job for WordPress users, but later he was unable to maintain the plugin.
As an active user of the plugin and a WordPress developer, I decided to fork the plugin so that all the hard work done by Jason would not go to waste. I have named the fork “Post SMTP Mailer/Email Log”; you can find the entire source code on GitHub. You can also get it from the WordPress repository. Within a few days, the Post SMTP plugin got more than thousands of active installs.
Anyhow, let me take you through a step-by-step guide to setting up the Post SMTP WordPress plugin with Gmail/Google Apps and OAuth so that Postman SMTP users and others can set it up properly.
Let’s Start the Installation Process
Download and install Post SMTP from the (above) GitHub link or directly from the WordPress Dashboard.
After installing and activating the plugin, you will see a message inviting you to start configuring the plugin. Click on Settings.
This is the main screen of the Post SMTP WordPress plugin. To power the plugin, I have also introduced the troubleshooting screen on the right. It can be very handy in some situations.
Click on the “Start The Wizard” button, then enter your email address and the name you want to appear in the email From field.
Within a few moments, the plugin will automatically resolve the Gmail SMTP server. After that, click on the Next button.
The wizard will run a Connectivity Test, and after that you will see the connection screen.
The wizard will automatically recommend and select SMTP-STARTTLS with OAuth 2.0 authentication to host smtp.gmail.com on port 587. Click Next.
In the Authentication screen, you will need to input two parameters: Client ID and Client Secret.
To get the Client ID and the Client Secret, visit this URL and log in to your Gmail account if asked.
Select Create Project and then Continue.
After a few seconds, the next screen will appear. Select Go to credentials.
Skip the current screen by clicking Client ID, as in the image below.
In this step, you will need to name your project. Press the button on the right.
Enter the email address, fill in the product field and then Save.
On the Create credentials drop-down, select OAuth client ID.
Select Web application, name your app and then copy the fields. I marked them with the same colors as in step number 8.
Now, copy the Client ID and Client Secret from above, paste them into their respective fields in step number 8 and save.
Now, from the Post SMTP page, under Actions, select Grant permission with Google.
From the dialog box, select the Gmail account you want to use for sending emails.
Approve the APP Name you used to send emails.
To verify you configured everything correctly, just check that your status matches this one.
The last step is to use the Send a Test Email option to verify that everything is working as expected.
Enter the destination email. If everything is configured properly, you should get a report like this one.
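What the wizard's recommended setting (SMTP-STARTTLS with OAuth 2.0 on port 587) means on the wire, as an added example that is not Post SMTP's own code: the client upgrades to TLS before any credential is sent, then authenticates with the SASL XOAUTH2 mechanism. The EHLO replies, host name and function names below are constructed for illustration.

```python
import base64

# Constructed sample EHLO replies in the style of a submission server on
# port 587, before and after the STARTTLS upgrade (not a captured session).
EHLO_PLAIN = (
    "250-smtp.example.test at your service\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250 SMTPUTF8\r\n"
)
EHLO_TLS = (
    "250-smtp.example.test at your service\r\n"
    "250-SIZE 35882577\r\n"
    "250-AUTH LOGIN PLAIN XOAUTH2 OAUTHBEARER\r\n"
    "250 SMTPUTF8\r\n"
)

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 EHLO reply."""
    caps = {}
    for line in reply.splitlines()[1:]:  # first line is the greeting
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            raise ValueError("unexpected EHLO line: %r" % line)
        words = line[4:].split()
        if words:
            caps[words[0].upper()] = [w.upper() for w in words[1:]]
    return caps

def next_step(caps, tls_active):
    """Decide what a client may safely do next with the bearer token."""
    if not tls_active:
        # Never send the token in clear text: upgrade first or give up.
        return "STARTTLS" if "STARTTLS" in caps else "ABORT"
    return "AUTH XOAUTH2" if "XOAUTH2" in caps.get("AUTH", []) else "ABORT"

def xoauth2_initial_response(user, access_token):
    """Base64 of 'user=<user>^Aauth=Bearer <token>^A^A' (SASL XOAUTH2)."""
    raw = "user=%s\x01auth=Bearer %s\x01\x01" % (user, access_token)
    return base64.b64encode(raw.encode("utf-8")).decode("ascii")
```

The access token placed in the XOAUTH2 string is what the Client ID, Client Secret and the Grant permission step obtain; the Gmail account password is never sent to the SMTP server.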
Good luck with the process, and you are all welcome to download the Post SMTP WordPress plugin.