Allow single account PHP direct email relaying

[aralis]

Hello, I'm writing this post as a last resource as I truely cannot figure out my next move.

My goal is to use the PHP swiftmailer class to send email through AWS SES on a single account on my WHM server, it has been working fine before on port 2587 with TLS encryption but a recently cpanel update seems to have blocked this (as it rightly should from a security perspective).

I have tried disabling both options in WHM:

Server Settings -> Tweak Settings ->
Prevent “nobody” from sending mail [?] = off
Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak) [?] = off​

The script works if executed as root, but does not work if executed by the account:

[root:fire] /home/dawn777/public_html/old/automation/include # php -f swtest.php 
Message send results: 1

[email protected] [~/public_html/old/automation/include]# php -f swtest.php 

Fatal error: Uncaught exception 'Swift_TransportException' with message 'Connection could not be established with host email-smtp.us-west-2.amazonaws.com [Connection refused #111]' in /home/dawn777/public_html/old/automation/include/swift/lib/classes/Swift/Transport/StreamBuffer.php:266
Stack trace:
#0 /home/dawn777/public_html/old/automation/include/swift/lib/classes/Swift/Transport/StreamBuffer.php(64): Swift_Transport_StreamBuffer->_establishSocketConnection()
#1 /home/dawn777/public_html/old/automation/include/swift/lib/classes/Swift/Transport/AbstractSmtpTransport.php(115): Swift_Transport_StreamBuffer->initialize(Array)
#2 /home/dawn777/public_html/old/automation/include/swift/lib/classes/Swift/Mailer.php(80): Swift_Transport_AbstractSmtpTransport->start()
#3 /home/dawn777/public_html/old/automation/include/swtest.php(34): Swift_Mailer->send(Object(Swift_Message))
#4 {main}
  thrown in /home/dawn777/public_html/old/automation/include/swift/lib/classes/Swift/Transport/StreamBuffer.php on line 266

Here is the script:

<?
$SMTPhost   = "email-smtp.us-west-2.amazonaws.com";
$SMTPuser   = "foo";
$SMTPpass   = "bar";
$SMTPport   = '2587';
$SMTPenc    = 'tls';


  // echo stream_get_transports();

  require_once 'swift/lib/swift_required.php';

  // Create the Transport
  $transport = Swift_SmtpTransport::newInstance($SMTPhost, $SMTPport, $SMTPenc)
    ->setUsername($SMTPuser)
    ->setPassword($SMTPpass)
    ;

 // Create the Mailer using your created Transport
  $mailer = Swift_Mailer::newInstance($transport);

  // Create a message
  $message = Swift_Message::newInstance('Wonderful Subject')
    ->setFrom('[email protected]')
    ->setTo(array('[email protected]'))
    ->setBody('Here is the message itself')
    ;

  // Send the message
  $result = $mailer->send($message);
  echo "Message send results: $result";


?>

 

[cPanelMichael]

Hello

Could you let us know which version of PHP is installed on this system? Have you reported the issue to the developers of the script?

Thank you.

 

[aralis]

PHP Version 5.3.27
You can see full details here:
- Removed -

I have not reached out to the script provider as I have tried this same script on several different non-cpanel systems and it works fine. I will also not that in the past, it would not work on the cPanel system on standard SMTP ports with TLS or SSL encryption. The only way that I was able to get it working was to use the one nonstandard port that Amazon allows which is 2587. That solution was fine until cPanel patched it.

 

[aralis]

Okay you can disregard. I was unable to resolve the issue but I did find a workaround which is probably the appropriate way to do it in the first place.

For reference for anyone with a similar issue, I added the following to the Exim config (through WHM I might add) to make the system MTA (exim) be in charge of the connection SES and I am using the swift class to pass the email along to the MTA.

!ROUTERS
send_via_ses:
driver = manualroute
domains = ! +local_domains
senders = [email protected]
transport = ses_smtp
route_list = * email-smtp.us-west-2.amazonaws.com;

!TRANSPORT BEGIN
ses_smtp:
driver = smtp
port = 587
hosts_require_auth = $host_address
hosts_require_tls = $host_address


!AUTHENTICATION
ses_login:
driver = plaintext
public_name = LOGIN
client_send = : USERNAME : PASSWORD

 

[cPanelMichael]

I am happy to see you were able to address the issue. Thank you for updating us with the outcome.