Swift Mailer Update - Speaker Deck

Slide 1

Slide 1 text

Swift Mailer Update PHP Conference Kansai 2016 @suzuki

Slide 2

Slide 2 text

About me

Slide 3

Slide 3 text

Twitter: @suzuki GitHub: @suzuki

Slide 4

Slide 4 text

PHP Conference Kansai 2015 https://speakerdeck.com/suzuki/guzzle-promisewoshi-tuta-fei-tong-qi-chu-li-niyoruapikorufalsegao-su-hua

Slide 5

Slide 5 text

Require PHP

Slide 6

Slide 6 text

PHP Conference Kansai 2014 https://speakerdeck.com/suzuki/swift-mailer-the-missing-manual-and-more

Slide 7

Slide 7 text

Swift Mailer

Slide 8

Slide 8 text

Swift Mailer http://swiftmailer.org/

Slide 9

Slide 9 text

Swift Mailer https://github.com/swiftmailer/swiftmailer

Slide 10

Slide 10 text

Update

Slide 11

Slide 11 text

BETWEEN '2014-06-28' AND now()

Slide 12

Slide 12 text

Between v5.2.1 and v5.4.3 https://github.com/swiftmailer/swiftmailer/releases

Slide 13

Slide 13 text

v5.2.1 (2014-06-13) * SECURITY FIX: fixed CLI escaping when using sendmail as a transport Prior to 5.2.1, the sendmail transport (Swift_Transport_SendmailTransport) was vulnerable to an arbitrary shell execution if the "From" header came from a non-trusted source and no "Return-Path" is configured. * fixed parameter in DKIMSigner * fixed compatibility with PHP < 5.4

Slide 14

Slide 14 text

v5.2.2 (2014-09-20) * fixed Japanese support * fixed the memory spool when the message changes when in the pool * added support for cloning messages * fixed PHP warning in the redirect plugin * changed the way to and cc-ed email are sent to only use one transaction

Slide 15

Slide 15 text

v5.3.0 (2014-10-04) * ﬁxed cloning when using signers * reverted removal of Swift_Encoding * drop support for PHP 5.2.x

Slide 16

Slide 16 text

v5.3.1 (2014-12-05) * ﬁxed cloning of messages with attachments

Slide 17

Slide 17 text

v5.4.0 (2015-03-14) * added the possibility to add extra certs to PKCS#7 signature * fix base64 encoding with streams * added a new RESULT_SPOOLED status for SpoolTransport * fixed getBody() on attachments when called more than once * removed dots from generated filenames in filespool

Slide 18

Slide 18 text

v5.4.1 (2015-06-06) * made Swiftmailer exceptions conﬁrm to PHP base exception constructor signature * ﬁxed MAIL FROM & RCPT TO headers to be RFC compliant

Slide 19

Slide 19 text

v5.4.2 (2016-05-01): part 1 * fixed support for IPv6 sockets * added auto-retry when sending messages from the memory spool * fixed consecutive read calls in Swift_ByteStream_FileByteStream * added support for iso-8859-15 encoding * fixed PHP mail extra params on missing reversePath

Slide 20

Slide 20 text

v5.4.2 (2016-05-01): part 2 * added methods to set custom stream context options * fixed charset changes in QpContentEncoderProxy * added return-path header to the ignoredHeaders list of DKIMSigner * fixed crlf for subject using mail * fixed add soft line break only when necessary * fixed escaping command-line args to Sendmail

Slide 21

Slide 21 text

v5.4.3 (2016-07-08) * fixed SimpleHeaderSet::has()/get() when the 0 index is removed * removed the need to have mcrypt installed * fixed broken MIME header encoding with quotes/colons and non-ascii chars * allowed mail transport send for messages without To header * fixed PHP 7 support

Slide 22

Slide 22 text

New Features

Slide 23

Slide 23 text

added the possibility to add extra certs to PKCS#7 signature (v5.4.0) • Possible to add intermediate Certs when S/MIME sending. • https://github.com/swiftmailer/swiftmailer/pull/561

Slide 24

Slide 24 text

added support for iso-8859-15 encoding (v5.4.2) • Possible to send mail encoded ISO-8859-15 • 8-bit single-byte coded graphic character sets — Part 15:  Latin alphabet No. 9 • https://github.com/swiftmailer/swiftmailer/pull/712

Slide 25

Slide 25 text

Fixed

Slide 26

Slide 26 text

SECURITY FIX: ﬁxed CLI escaping when using sendmail as a transport (v5.2.1) • Remote code execution when using sendmail • Lack of escapeshellarg() • https://github.com/swiftmailer/swiftmailer/pull/626

Slide 27

Slide 27 text

ﬁxed Japanese support (v5.2.2) • Mail was broken when it was encode by ISO-2022-JP • mb_convert_encoding() • From v5.2.1 • https://github.com/swiftmailer/swiftmailer/pull/475

Slide 28

Slide 28 text

ﬁxed MAIL FROM & RCPT TO headers to be RFC compliant (v5.4.1) • Remove unnecessary white spaces from SMTP request • NG: MAIL FROM:   OK: MAIL FROM: • https://github.com/swiftmailer/swiftmailer/pull/596

Slide 29

Slide 29 text

ﬁxed broken MIME header encoding with quotes/colons and non-ascii chars • MIME header was broken when using special chars such as ":", "[", "@", etc or non-ascii chars such as "Ö", "Ä", "Ü" etc. • https://github.com/swiftmailer/swiftmailer/pull/774

Slide 30

Slide 30 text

Supported PHP

Slide 31

Slide 31 text

%SPQ1)1 4VQQPSU1)1Y 4VQQPSU))7. https://github.com/swiftmailer/swiftmailer/blob/5.x/.travis.yml

Slide 32

Slide 32 text

8IBUJTNBJMDBUDIFS

Slide 33

Slide 33 text

MailCatcher

Slide 34

Slide 34 text

MailCatcher https://mailcatcher.me/

Slide 35

Slide 35 text

Install % ruby --version  ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-darwin15] % gem install mailcatcher  [snip]  17 gems installed

Slide 36

Slide 36 text

Execute % mailcatcher  Starting MailCatcher  ==> smtp://127.0.0.1:1025  ==> http://127.0.0.1:1080  *** MailCatcher runs as a daemon by default.  Go to the web interface to quit.

Slide 37

Slide 37 text

http://127.0.0.1:1080

Slide 38

Slide 38 text

HELO localhost % telnet localhost 1025  Trying 127.0.0.1...  Connected to localhost.  Escape character is '^]'.  220 EventMachine SMTP Server  HELO localhost  250 Ok EventMachine SMTP Server  MAIL FROM:  250 Ok  RCPT TO:  250 Ok DATA  354 Send it  To:   From:   Subject: Hello mailcatcher    Hi, MailCatcher.  .  250 Message accepted  QUIT

Slide 39

Slide 39 text

http://127.0.0.1:1080

Slide 40

Slide 40 text

http://127.0.0.1:1080

Slide 41

Slide 41 text

MailCatcher API

Slide 42

Slide 42 text

API: /messages [ { "id": 1, "sender": "", "recipients": [ "" ], "subject": "Hello mailcatcher", "size": "102", "created_at": "2016-07-07T23:18:27.000+00:00" } ] % curl -s localhost:1080/messages | jq

Slide 43

Slide 43 text

API: /messages/:id.json { "id": 1, "sender": "", "recipients": [ "" ], "subject": "Hello mailcatcher", "source": "To: \r\nFrom: \r\nSubject: Hello mailcatcher\r\n\r\nHi, MailCatcher.\r\n", "size": "102", "type": "text/plain", "created_at": "2016-07-07T23:18:27.000+00:00", "formats": [ "source", "plain" ], "attachments": [] } % curl -s localhost:1080/messages/1.json | jq

Slide 44

Slide 44 text

API: /messages/:id.plain Hi, MailCatcher. % curl -s localhost:1080/messages/1.plain

Slide 45

Slide 45 text

API: /messages/:id.html 404 Not Found % curl -s localhost:1080/messages/1.html

Slide 46

Slide 46 text

API: /messages/:id.source To: From: Subject: Hello mailcatcher Hi, MailCatcher. % curl -s localhost:1080/messages/1.source

Slide 47

Slide 47 text

Conclusion

Slide 48

Slide 48 text

Use MailCatcher Use Ruby

Slide 49

Slide 49 text

No content

Slide 50

Slide 50 text

MailCatcherTestCase

Slide 51

Slide 51 text

MailCatcherTestCase use PHPUnit\Framework\TestCase; class MailCatcherTestCase extends TestCase {   }

Slide 52

Slide 52 text

Assertions • assertMailCount • assertMailSubject • assertMailPlainBodyContains • assertMailHtmlBodyContains • assertMailPlainBodyEmpty • assertMailHtmlBodyEmpty

Slide 53

Slide 53 text

Sample TestCase use Suzuki\PHPUnit\MailCatcherTestCase; class SendMailTest extends MailCatcherTestCase { public function testSend() { $sendMail = new SendMail(); // Send plain text mail $sendMail->send(); $sendMail->send(); $this->assertMailCount(2); $this->assertMailSubject('This is a test mail'); $this->assertMailPlainBodyContains('Hi, it is test'); $this->assertMailHtmlBodyEmpty(); } }

Slide 54

Slide 54 text

phpunit-mailcatcher https://github.com/suzuki/phpunit-mailcatcher

Slide 55

Slide 55 text

phpunit-mailcatcher-samples https://github.com/suzuki/phpunit-mailcatcher-samples

Slide 56

Slide 56 text

2nd Conclusion

Slide 57

Slide 57 text

Use MailCatcherTestCase

Slide 58

Slide 58 text

No content

Slide 59

Slide 59 text

Thank you

Slide 60

Slide 60 text

We are hiring ! https://www.mercari.com/jp/jobs/

Slide 61

Slide 61 text

Another solution

Slide 62

Slide 62 text

Mailback http://mailback.me/

Slide 63

Slide 63 text

Appendix

Slide 64

Slide 64 text

References • Swift Mailer  http://swiftmailer.org/  https://github.com/swiftmailer/swiftmailer • MailCatcher  https://mailcatcher.me/  https://github.com/sj26/mailcatcher • Mailback  http://mailback.me/  http://k1low.hatenablog.com/entry/2015/08/03/212132

Slide 65

Slide 65 text

References • MailCatcherTestCase  https://github.com/suzuki/phpunit-mailcatcher • MailCatcherTestCase Samples  https://github.com/suzuki/phpunit-mailcatcher-samples