Swift Mailer Update

Transcript

1. Swift Mailer Update PHP Conference Kansai 2016 @suzuki

2. About me

3. Twitter: @suzuki GitHub: @suzuki

4. PHP Conference Kansai 2015 https://speakerdeck.com/suzuki/guzzle-promisewoshi-tuta-fei-tong-qi-chu-li-niyoruapikorufalsegao-su-hua

5. Require PHP

6. PHP Conference Kansai 2014 https://speakerdeck.com/suzuki/swift-mailer-the-missing-manual-and-more

7. Swift Mailer

8. Swift Mailer http://swiftmailer.org/

9. Swift Mailer https://github.com/swiftmailer/swiftmailer

10. Update

11. BETWEEN '2014-06-28' AND now()

12. Between v5.2.1 and v5.4.3 https://github.com/swiftmailer/swiftmailer/releases

13. v5.2.1 (2014-06-13) * SECURITY FIX: fixed CLI escaping when using

    sendmail as a transport Prior to 5.2.1, the sendmail transport (Swift_Transport_SendmailTransport) was vulnerable to an arbitrary shell execution if the "From" header came from a non-trusted source and no "Return-Path" is configured. * fixed parameter in DKIMSigner * fixed compatibility with PHP < 5.4

14. v5.2.2 (2014-09-20) * fixed Japanese support * fixed the memory

    spool when the message changes when in the pool * added support for cloning messages * fixed PHP warning in the redirect plugin * changed the way to and cc-ed email are sent to only use one transaction

15. v5.3.0 (2014-10-04) * fixed cloning when using signers * reverted

    removal of Swift_Encoding * drop support for PHP 5.2.x

16. v5.3.1 (2014-12-05) * fixed cloning of messages with attachments

17. v5.4.0 (2015-03-14) * added the possibility to add extra certs

    to PKCS#7 signature * fix base64 encoding with streams * added a new RESULT_SPOOLED status for SpoolTransport * fixed getBody() on attachments when called more than once * removed dots from generated filenames in filespool

18. v5.4.1 (2015-06-06) * made Swiftmailer exceptions confirm to PHP base

    exception constructor signature * fixed MAIL FROM & RCPT TO headers to be RFC compliant

19. v5.4.2 (2016-05-01): part 1 * fixed support for IPv6 sockets

    * added auto-retry when sending messages from the memory spool * fixed consecutive read calls in Swift_ByteStream_FileByteStream * added support for iso-8859-15 encoding * fixed PHP mail extra params on missing reversePath

20. v5.4.2 (2016-05-01): part 2 * added methods to set custom

    stream context options * fixed charset changes in QpContentEncoderProxy * added return-path header to the ignoredHeaders list of DKIMSigner * fixed crlf for subject using mail * fixed add soft line break only when necessary * fixed escaping command-line args to Sendmail

21. v5.4.3 (2016-07-08) * fixed SimpleHeaderSet::has()/get() when the 0 index is

    removed * removed the need to have mcrypt installed * fixed broken MIME header encoding with quotes/colons and non-ascii chars * allowed mail transport send for messages without To header * fixed PHP 7 support

22. New Features

23. added the possibility to add extra certs to PKCS#7 signature

    (v5.4.0) • Possible to add intermediate Certs when S/MIME sending. • https://github.com/swiftmailer/swiftmailer/pull/561

24. added support for iso-8859-15 encoding (v5.4.2) • Possible to send

    mail encoded ISO-8859-15 • 8-bit single-byte coded graphic character sets — Part 15:
 Latin alphabet No. 9 • https://github.com/swiftmailer/swiftmailer/pull/712

25. Fixed

26. SECURITY FIX: fixed CLI escaping when using sendmail as a

    transport (v5.2.1) • Remote code execution when using sendmail • Lack of escapeshellarg() • https://github.com/swiftmailer/swiftmailer/pull/626

27. fixed Japanese support (v5.2.2) • Mail was broken when it

    was encode by ISO-2022-JP • mb_convert_encoding() • From v5.2.1 • https://github.com/swiftmailer/swiftmailer/pull/475

28. fixed MAIL FROM & RCPT TO headers to be RFC

    compliant (v5.4.1) • Remove unnecessary white spaces from SMTP request • NG: MAIL FROM: <[email protected]>
 OK: MAIL FROM:<[email protected]> • https://github.com/swiftmailer/swiftmailer/pull/596

29. fixed broken MIME header encoding with quotes/colons and non-ascii chars

    • MIME header was broken when using special chars such as ":", "[", "@", etc or non-ascii chars such as "Ö", "Ä", "Ü" etc. • https://github.com/swiftmailer/swiftmailer/pull/774

30. Supported PHP

31. %SPQ
    1)1
     4VQQPSU
    1)1
    Y 4VQQPSU
    ))7.
    https://github.com/swiftmailer/swiftmailer/blob/5.x/.travis.yml

32. 8IBU
    JT
    NBJMDBUDIFS
    

33. MailCatcher

34. MailCatcher https://mailcatcher.me/

35. Install % ruby --version
 ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-darwin15]

    % gem install mailcatcher
 [snip]
 17 gems installed

36. Execute % mailcatcher
 Starting MailCatcher
 ==> smtp://127.0.0.1:1025
 ==> http://127.0.0.1:1080
 ***

    MailCatcher runs as a daemon by default.
 Go to the web interface to quit.

37. http://127.0.0.1:1080

38. HELO localhost % telnet localhost 1025
 Trying 127.0.0.1...
 Connected to

    localhost.
 Escape character is '^]'.
 220 EventMachine SMTP Server
 HELO localhost
 250 Ok EventMachine SMTP Server
 MAIL FROM:<[email protected]>
 250 Ok
 RCPT TO:<[email protected]>
 250 Ok DATA
 354 Send it
 To: <[email protected]>
 From: <[email protected]>
 Subject: Hello mailcatcher
 
 Hi, MailCatcher.
 .
 250 Message accepted
 QUIT

39. http://127.0.0.1:1080

40. http://127.0.0.1:1080

41. MailCatcher API

42. API: /messages [ { "id": 1, "sender": "<[email protected]>", "recipients": [

    "<[email protected]>" ], "subject": "Hello mailcatcher", "size": "102", "created_at": "2016-07-07T23:18:27.000+00:00" } ] % curl -s localhost:1080/messages | jq

43. API: /messages/:id.json { "id": 1, "sender": "<[email protected]>", "recipients": [ "<[email protected]>"

    ], "subject": "Hello mailcatcher", "source": "To: <[email protected]>\r\nFrom: <[email protected]>\r\nSubject: Hello mailcatcher\r\n\r\nHi, MailCatcher.\r\n", "size": "102", "type": "text/plain", "created_at": "2016-07-07T23:18:27.000+00:00", "formats": [ "source", "plain" ], "attachments": [] } % curl -s localhost:1080/messages/1.json | jq

44. API: /messages/:id.plain Hi, MailCatcher. % curl -s localhost:1080/messages/1.plain

45. API: /messages/:id.html 404 Not Found % curl -s localhost:1080/messages/1.html

46. API: /messages/:id.source To: <[email protected]> From: <[email protected]> Subject: Hello mailcatcher Hi,

    MailCatcher. % curl -s localhost:1080/messages/1.source

47. Conclusion

48. Use MailCatcher Use Ruby

49. None

50. MailCatcherTestCase

51. MailCatcherTestCase use PHPUnit\Framework\TestCase; class MailCatcherTestCase extends TestCase { 
 }

52. Assertions • assertMailCount • assertMailSubject • assertMailPlainBodyContains • assertMailHtmlBodyContains •

    assertMailPlainBodyEmpty • assertMailHtmlBodyEmpty

53. Sample TestCase use Suzuki\PHPUnit\MailCatcherTestCase; class SendMailTest extends MailCatcherTestCase { public

    function testSend() { $sendMail = new SendMail(); // Send plain text mail $sendMail->send(); $sendMail->send(); $this->assertMailCount(2); $this->assertMailSubject('This is a test mail'); $this->assertMailPlainBodyContains('Hi, it is test'); $this->assertMailHtmlBodyEmpty(); } }

54. phpunit-mailcatcher https://github.com/suzuki/phpunit-mailcatcher

55. phpunit-mailcatcher-samples https://github.com/suzuki/phpunit-mailcatcher-samples

56. 2nd Conclusion

57. Use MailCatcherTestCase

58. None

59. Thank you

60. We are hiring ! https://www.mercari.com/jp/jobs/

61. Another solution

62. Mailback http://mailback.me/

63. Appendix

64. References • Swift Mailer
 http://swiftmailer.org/
 https://github.com/swiftmailer/swiftmailer • MailCatcher
 https://mailcatcher.me/
 https://github.com/sj26/mailcatcher

    • Mailback
 http://mailback.me/
 http://k1low.hatenablog.com/entry/2015/08/03/212132

65. References • MailCatcherTestCase
 https://github.com/suzuki/phpunit-mailcatcher • MailCatcherTestCase Samples
 https://github.com/suzuki/phpunit-mailcatcher-samples