Skip to main content Skip to navigation
SMTP Manager v1.1.0: WordPress SMTP Plugin Update

SMTP Manager v1.1.0: WordPress SMTP Plugin Update

11 min read

SMTP Manager v1.1.0 β€” What’s New in This WordPress SMTP Plugin Update

If you use SMTP Manager by ByteCore Stack to fix WordPress email deliverability on your site, today’s v1.1.0 release is the most significant update since launch. This free WordPress SMTP plugin update delivers three new alert channels, a live Dashboard widget for WordPress email monitoring, a full admin UI overhaul, four targeted security fixes, and a critical reliability patch that was causing the SMTP health check to report false positives.

Below is a complete breakdown of every change, why it was made, and what it means for your site’s WordPress email deliverability.

⬇ Install SMTP Manager Free β€” WordPress.org

Plugin Display Name Updated

The plugin’s display name has changed from SMTP Manager by ByteCore Stack to SMTP Manager – Email Logs, Monitoring & Alerts. The new name better reflects what the plugin actually does β€” it is not just an SMTP relay, it is a full WordPress email log, monitoring, and alerting system. The plugin slug (bcs-smtp-manager), all database option keys, and your existing SMTP credentials and settings are completely unchanged. No reconfiguration needed after updating.

New SMTP Alert Channels for WordPress

One of the most requested additions: more ways to receive SMTP failure alerts in WordPress. v1.0.0 supported Slack and Microsoft Teams. v1.1.0 adds three more channels:

Alert ChannelPayload TypeBest For
Google ChatFormatted card messageTeams on Google Workspace
DiscordFormatted embed messageDev teams using Discord
SlackFormatted messageAlready supported in v1.0.0
Microsoft TeamsFormatted messageAlready supported in v1.0.0
Custom WebhookStructured JSON payloadZapier, Make, n8n, internal endpoints

The Custom Webhook channel is the most powerful addition for developers. Instead of a formatted chat message, it sends a structured JSON payload to any URL you specify. The payload includes fields like event, site_name, error_msg, consecutive_failures, and more β€” making it simple to connect WordPress SMTP failure alerts to any automation platform (Zapier, Make, n8n) or internal monitoring system, and trigger whatever follow-on action you need: SMS, PagerDuty incidents, database logging, or custom dashboards.

All webhook URLs across every channel are validated against each provider’s real domain and dispatched exclusively via wp_safe_remote_post(). This closes a security gap β€” more in the Security section below.

WordPress Dashboard Widget for Email Health Monitoring

v1.1.0 adds a new WordPress Dashboard widget for instant SMTP email monitoring without opening the plugin settings. Visible on wp-admin β†’ Dashboard, it displays:

  • Current SMTP health status β€” is your SMTP connection live right now?
  • 30-day email volume summary β€” sent, failed, and unconfirmed counts at a glance

For WordPress sites sending hundreds of WooCommerce order confirmations, password reset emails, or contact form notifications every day, this widget gives you a real-time pulse on WordPress email deliverability the moment you log in to wp-admin. If you want a deeper look at why email deliverability matters for your business, see our guide: Fix WordPress Email Deliverability the Right Way.

Admin UI Redesign

The settings interface has been rebuilt from scratch with usability and mobile access in mind. Key changes:

  • Full-width layout with a boxed/gradient header
  • Cards split into distinct header and body sections for faster scanning
  • Icon tiles on stat boxes
  • Common SMTP Providers quick-reference card β€” host, port, and encryption settings for Gmail SMTP, Outlook/Office 365, and other providers, embedded right inside the plugin
  • Full mobile and tablet responsive pass β€” dropdowns, pagination, button widths, and the tab bar all scale correctly on small screens
  • Show/hide eye icon on the SMTP password field
  • AJAX-driven Email Log filtering with a skeleton loading state β€” filtering your WordPress email logs no longer triggers a full page reload

Security Improvements in This WordPress SMTP Plugin

Four security issues present in v1.0.0 are resolved in this release.

SMTP Password Now Encrypted at Rest

In v1.0.0, the SMTP password was stored in plaintext in the WordPress wp_options table. Any user or process with database read access could retrieve it. In v1.1.0, the password is encrypted at rest. Existing installations migrate automatically on the next settings save β€” open Settings β†’ SMTP Manager, click Save, and the migration runs silently.

SSRF Vulnerability Closed on Webhook URLs

In v1.0.0, alert webhook URLs were sent without domain validation, creating a Server-Side Request Forgery (SSRF) risk: a malicious or misconfigured URL could force the server to POST to internal addresses β€” localhost, private IP ranges, or cloud metadata endpoints like 169.254.169.254. v1.1.0 validates every webhook URL against each provider’s real domain and routes all outbound requests through wp_safe_remote_post(), which respects WordPress’s built-in blocked host list.

Email Log No Longer Stores Message Bodies

The WordPress email log table in v1.0.0 was recording full email message bodies and headers β€” including potentially sensitive transactional content β€” even though the plugin UI only ever displayed delivery metadata (subject, recipient, status, error). v1.1.0 aligns the database with the UI: only delivery metadata is stored from this version onward.

Rate Limit on Manual Health Check

The Run Health Check Now button now enforces a 30-second rate limit, consistent with existing limits on test email sends and other manual actions. This prevents the button from being used to repeatedly probe an SMTP server.

Reliability: SMTP Health Check False-Positive Fix

This was the most impactful bug in v1.0.0. The automated SMTP health check could return a healthy status in three scenarios where the SMTP connection was actually broken:

  • The check received a bare EHLO response and stopped β€” without completing the STARTTLS upgrade
  • TLS encryption was configured but the server did not advertise STARTTLS support β€” the check passed anyway
  • SMTP authentication was never verified when operating over an unencrypted connection

All three paths are fixed in v1.1.0. The health check now walks through the full connection sequence β€” STARTTLS negotiation, encryption confirmation, and authentication β€” before reporting a server as healthy. If you saw a green SMTP health status in v1.0.0 while WordPress was not sending emails correctly, this is the most likely cause. For a full walkthrough, read: Fix WordPress Email Deliverability with SMTP Manager.

Per-Recipient Delivery Reporting

Scheduled and manual WordPress email delivery reports previously returned a single pass/fail flag for the entire batch. v1.1.0 reports exactly which individual recipients succeeded and which failed β€” making it much easier to diagnose delivery problems on multi-recipient sends like WooCommerce order notifications CC’d to staff.

Performance Improvements for WordPress Email Logs

Two targeted database and export improvements for sites with large email log tables:

  • Composite database index on (status, sent_at) β€” the most common WordPress email log filter combination (status + date range) is now backed by a dedicated index. Filtering large log tables is substantially faster.
  • CSV export capped at 50,000 rows β€” prevents PHP memory exhaustion on high-volume sites during bulk exports.

WordPress and PHP Compatibility

The declared minimum WordPress version has been corrected from 5.0 to 5.3. The plugin was already using wp_timezone_string() and wp_date() β€” both introduced in WordPress 5.3 β€” but had declared a 5.0 minimum, meaning installs on WordPress 5.0–5.2 would encounter fatal errors. The declared minimum now matches the actual requirement. For the full picture of what changed in recent WordPress versions, see: WordPress 7.0 Armstrong: All New Features Explained.

Accessibility and Translation (i18n) Improvements

  • Screen reader support β€” AJAX status messages now use role="status" aria-live="polite" so assistive technologies announce results without a page reload.
  • Translation-ready strings β€” v1.0.0 declared a text domain but only wrapped approximately 2 out of hundreds of user-facing strings. v1.1.0 wraps nearly every string, making the plugin fully localizable for the first time.

Complete v1.1.0 Changelog

AreaChange
BrandingRenamed to “SMTP Manager – Email Logs, Monitoring & Alerts” (display name only)
AlertsAdded Google Chat webhook alert channel
AlertsAdded Discord webhook alert channel
AlertsAdded Custom Webhook channel β€” structured JSON for Zapier / Make / n8n
AlertsAll webhook URLs validated against provider domain; sent via wp_safe_remote_post()
DashboardNew Dashboard widget: SMTP health + 30-day email volume summary
UIFull admin UI redesign β€” full-width layout, cards, icon tiles
UICommon SMTP Providers quick-reference card added
UIFull mobile and tablet responsive pass
UIPassword field show/hide toggle
UIAJAX Email Log filtering with skeleton loader
SecuritySMTP password encrypted at rest; auto-migrates on next settings save
SecuritySSRF vector closed on webhook URLs via domain validation + wp_safe_remote_post()
SecurityEmail Log no longer stores message bodies or headers
Security30-second rate limit on Run Health Check Now
ReliabilityFixed SMTP health check false-positives (STARTTLS, TLS negotiation, auth over plaintext)
ReliabilityPer-recipient success/failure in email delivery reports
PerformanceComposite DB index on (status, sent_at) in Email Log table
PerformanceCSV export capped at 50,000 rows
CompatibilityMinimum WordPress version corrected from 5.0 to 5.3
AccessibilityAJAX messages use role=”status” aria-live=”polite”
i18nNearly all user-facing strings now wrapped for translation

How to Update SMTP Manager on Your WordPress Site

Go to Dashboard β†’ Updates in your WordPress admin and update SMTP Manager. Your SMTP credentials, email logs, alert configuration, and all settings are preserved. After updating, visit Settings β†’ SMTP Manager and click Save Settings once β€” this triggers the automatic SMTP password encryption migration. No other action required.

Frequently Asked Questions

Will updating to v1.1.0 affect my WordPress email deliverability or break existing settings?

No. All SMTP settings, email logs, and alert configurations are preserved. The plugin slug, database keys, and option values are unchanged. The only migration is SMTP password encryption, which runs automatically on the next settings save β€” your emails continue sending without interruption throughout the update.

Does SMTP Manager work with Gmail SMTP and Outlook/Office 365 for WordPress?

Yes. For Gmail, use a Gmail App Password (required since Google deprecated plain passwords for third-party SMTP clients). For Outlook/Office 365, use smtp.office365.com, port 587, encryption TLS. The new Common SMTP Providers quick-reference card in v1.1.0 lists these settings directly inside the plugin admin panel.

Why was WordPress showing SMTP as healthy when emails were actually failing?

This was a bug in the v1.0.0 SMTP health check. It opened a TCP connection and read the server’s EHLO response, but did not complete the STARTTLS handshake or verify authentication. A server could respond to EHLO successfully while being completely unable to authenticate and send email. v1.1.0 walks through the full connection sequence before marking a server healthy.

Does this WordPress SMTP plugin work with WooCommerce emails and Contact Form 7?

Yes. SMTP Manager hooks into WordPress’s native wp_mail() function, so any plugin that sends email through the standard WordPress mail system β€” WooCommerce, Contact Form 7, WPForms, Gravity Forms, and others β€” automatically routes through your SMTP settings and appears in the WordPress email log.

What can I do with the Custom Webhook SMTP alert channel?

The Custom Webhook channel POSTs a structured JSON payload to any URL you provide when consecutive SMTP failures are detected. Use it with Zapier or Make to send SMS alerts, create PagerDuty incidents, log failures to a database, or notify a channel not in the built-in list. The payload includes event, site_name, error_msg, consecutive_failures, and related metadata.

How does SMTP Manager compare to WP Mail SMTP and Post SMTP for WordPress?

SMTP Manager focuses on three things WP Mail SMTP and Post SMTP either gate behind paid plans or don’t offer: built-in SMTP health monitoring via WP-Cron (TCP-only, no email sent), multi-channel failure alerts including a fully open Custom Webhook, and a 100% free plugin with no upsell tier. Read our full breakdown: SMTP Manager vs WP Mail SMTP vs Easy WP SMTP β€” Which Plugin Fixes WordPress Email?

Is SMTP Manager free? Are there any paid plans?

Yes, completely free. SMTP Manager is available on WordPress.org with no premium tier, no feature gating, and no subscription. All features β€” email logs, SMTP health monitoring, multi-channel alerts, CSV export, and scheduled delivery reports β€” are included at no cost.

Install the Best Free WordPress SMTP Plugin Today

SMTP Manager v1.1.0 is available now on WordPress.org. Install it directly from your WordPress dashboard by searching SMTP Manager ByteCore under Plugins β†’ Add New, or use the buttons below.

Questions or issues? Open a thread in the WordPress.org support forum for SMTP Manager.


More Free WordPress Plugins from ByteCore Stack

Leave a Reply