Get Aegisify Core today!

Free 30-Day Challenge

We’re offering a 30 day challenge!

  • Aegisify Core – SMTP Settings (Aegisify Email Settings)

What this page does (how it works)

The Aegisify SMTP Settings page controls how WordPress sends outbound email when Aegisify SMTP is enabled. When enabled, Aegisify routes WordPress email through an SMTP provider (instead of the server’s default mail function), which typically improves deliverability, supports authenticated sending, and provides clearer troubleshooting via connection testing.

In practical terms, once SMTP is enabled, any email WordPress sends (password resets, WooCommerce order emails, form notifications, plugin alerts, etc.) is sent using the SMTP Host/Port/Encryption/Auth configuration from this page (or from secure wp-config.php overrides, if defined). Aegisify also provides built-in Diagnostics tools to verify the SMTP connection and send a test email.

Default behavior (out-of-the-box)

If you do nothing on this page:

  • SMTP is disabled by default (WordPress uses the server’s default email mechanism).

  • Aegisify displays example-ready settings commonly used for SMTP providers.

  • In the example configuration shown in your UI:

    • Provider: Amazon SES (SMTP)

    • SMTP Host: email-smtp.us-east-1.amazonaws.com

    • SMTP Port: 587

    • Encryption: TLS (STARTTLS)

    • Authentication: Enabled

    • From Email / Reply-To: ********************

    • From Name: Aegisify Support

Note: Your actual effective defaults can be influenced by existing saved settings and/or wp-config.php overrides.

Before you configure SMTP (prerequisites)

Make sure you have the following from your email provider:

  1. SMTP Hostname (example: email-smtp.us-east-1.amazonaws.com)

  2. SMTP Port (commonly 587 for STARTTLS, 465 for SSL/TLS, 25 sometimes but often blocked)

  3. Encryption method required by the provider (TLS/STARTTLS or SSL/TLS)

  4. SMTP Username / Password

    • For Amazon SES, these are SMTP credentials (not AWS console login credentials).

  5. (Recommended) A verified sender identity:

    • Verified domain/email, correct SPF/DKIM/DMARC where applicable.

Step-by-step configuration (recommended workflow)

Step 1 — Enable SMTP

  1. Go to WordPress Admin → Aegisify → SMTP Settings

  2. Turn on Enable SMTP

  3. Confirm/enable the option Send all WordPress emails via SMTP

    • This ensures WordPress email is routed through your SMTP configuration.

Step 2 — Select your Provider preset (optional convenience)

  1. In Provider, choose your SMTP provider preset (example shown: Amazon SES (SMTP)).

  2. Provider presets are typically used to pre-fill or suggest correct Host/Port/Encryption values.

If your provider isn’t listed, you can still configure SMTP manually by entering Host/Port/Encryption/Authentication settings directly.

Step 3 — Enter Host and Port

  1. SMTP Host: Enter the provider hostname.

  2. SMTP Port: Enter the port required by your provider.

Step 4 — Choose Encryption

  1. Select the encryption method that matches your provider:

    • TLS (STARTTLS) is commonly used with port 587.

    • Some providers use SSL/TLS on port 465.

Step 5 — Configure Authentication

  1. Enable Use SMTP authentication if your provider requires login (most do).

  2. Enter:

    • Username

    • Password

Security recommendation: Use wp-config.php overrides for secrets (passwords) instead of storing them in the database (details below).

Step 6 — Set From / Reply-To identity

  1. From Email: The email address that appears as the sender.

  2. From Name: The display name recipients will see.

  3. Reply-To: Where replies should go (can match From Email or be different).

Best practice: Use an address on a domain you control (and have verified with your provider), e.g., **********************.

Step 7 — Save Settings

Click Save Settings.

Step 8 — Verify with Diagnostics

  1. Click Test Connection to validate SMTP connectivity and authentication.

  2. Click Send Test Email to send a real message.

    • The test email is sent to the WordPress Admin Email.

    • If you use Amazon SES in Sandbox, the recipient address must be verified in SES (as noted on the page).

  • Field-by-field reference (every setting explained)

Enable SMTP

The Enable SMTP setting functions as the master control for outbound email routing within Aegisify Core. When enabled, Aegisify intercepts WordPress mail operations and routes them through the configured SMTP transport defined on this page or via secure wp-config.php overrides. This replaces WordPress’s default PHP mail transport, which is often unreliable in modern hosting environments due to firewall restrictions, lack of authentication, or IP reputation issues. When disabled, WordPress reverts to its native mail handling mechanism without using the defined SMTP credentials. By default, this setting is disabled, ensuring no change to mail behavior until an administrator explicitly enables it.

Send All WordPress Emails via SMTP

The Send all WordPress emails via SMTP option ensures that SMTP routing is applied globally to all outbound email generated through WordPress core functions. When enabled, any email triggered by WordPress core notifications, password resets, WooCommerce transactional emails, plugin alerts, system notifications, or custom theme messages will be transmitted using the defined SMTP transport. This setting enforces consistency, authentication, and improved deliverability across the entire WordPress application layer. In professional environments, this option should remain enabled once SMTP is activated to prevent fragmented email behavior. In your current configuration, this option is enabled.

Provider

The Provider selector serves as a configuration accelerator rather than a hard dependency. It offers predefined templates or recommended values for common SMTP services such as Amazon SES, reducing the risk of configuration errors. Selecting a provider typically pre-fills or suggests appropriate SMTP hostnames, ports, and encryption standards aligned with that service’s best practices. In your example configuration, Amazon SES (SMTP) is selected, which corresponds with AWS SES regional SMTP endpoints and TLS requirements. While administrators may override all values manually, using the provider preset ensures alignment with the provider’s documented standards. The default shown in your interface is Amazon SES (SMTP).

SMTP Host

The SMTP Host field defines the fully qualified domain name of the SMTP relay server responsible for processing outbound mail. This value must correspond exactly to the provider’s designated SMTP endpoint. In your example, the host is email-smtp.us-east-1.amazonaws.com, which corresponds to the Amazon SES SMTP endpoint for the US East (N. Virginia) region. The hostname must match the geographic region in which the SMTP credentials were generated. Incorrect regional endpoints are a common cause of authentication or connectivity failures. The value shown in your UI is a provider example and should be adjusted to reflect the actual provider and region in production deployments.

SMTP Port

The SMTP Port determines the network port through which the WordPress application establishes a connection to the SMTP relay server. The most widely recommended configuration is port 587 with TLS (STARTTLS), as it supports encrypted communication while maintaining compatibility with most hosting environments. Port 465 is typically used for implicit SSL/TLS encryption, and port 25 although historically common is frequently blocked or throttled by hosting providers due to abuse prevention policies. In your current configuration, port 587 is defined, which aligns with modern SMTP standards and Amazon SES recommendations. Selecting a port incompatible with the chosen encryption method is a leading cause of connection failures.

Encryption

The Encryption setting governs the security protocol used to encrypt the SMTP session between WordPress and the email provider. In your configuration, TLS (STARTTLS) is selected, which initiates an encrypted session after establishing the SMTP connection. This is the recommended configuration for most providers, particularly when using port 587. Encryption ensures that authentication credentials and message content are not transmitted in plaintext across networks. Administrators must ensure that the selected encryption method aligns precisely with the SMTP port and provider requirements. A mismatch between encryption type and port is one of the most common configuration errors in SMTP deployments.

Authentication (Use SMTP Authentication)

The Use SMTP authentication setting determines whether the SMTP connection requires credential-based authentication. In modern email infrastructure, authenticated SMTP is standard practice and required by nearly all reputable providers. When enabled, Aegisify transmits the configured username and password during the SMTP handshake process to validate sending authorization. This prevents unauthorized relay and ensures outbound messages are associated with a verified account. In your interface, authentication is enabled, which is the recommended configuration. Disabling authentication should only occur in rare enterprise scenarios involving trusted internal relay servers explicitly configured for unauthenticated access.

Username

The Username field contains the provider-issued SMTP credential used during authentication. This is not a general account login but a specific SMTP authentication identity. For Amazon SES, this value is the SES-generated SMTP username, which is distinct from the AWS console login or IAM user credentials. The field remains blank until explicitly entered by the administrator. It must correspond exactly to the credential generated within the provider’s SMTP configuration interface. Incorrect usernames will result in immediate authentication failures during connection testing.

Password

The Password field stores the provider-issued SMTP authentication secret corresponding to the username. Because SMTP passwords are sensitive credentials, Aegisify strongly recommends defining them via a constant in wp-config.php rather than storing them in the WordPress options database. Storing credentials in configuration files allows for better environment segregation (development, staging, production) and prevents accidental exposure through database exports or backups. In professional deployments, it is best practice to manage SMTP credentials via environment variables or configuration management systems and reference them securely through constants.

From Email

The From Email setting defines the sender address that appears in outgoing message headers. This address should belong to a domain controlled by the organization and verified within the SMTP provider. In your example, ******************** is defined. For optimal deliverability and domain reputation management, the sending domain should have properly configured SPF, DKIM, and DMARC records aligned with the SMTP provider. Using unverified or misaligned domains can result in rejection, spam classification, or DMARC policy enforcement failures.

From Name

The From Name field specifies the human-readable sender identity displayed in the recipient’s inbox. In your configuration, this is set to Aegisify Support. While technically optional from a protocol standpoint, a properly branded sender name significantly improves user trust, open rates, and clarity in transactional communications. For enterprise environments, this value should align with corporate branding guidelines and remain consistent across all system-generated communications.

Reply-To

The Reply-To address determines where recipient responses are directed, independent of the From Email address. In your example, ******************** is defined. This setting is particularly useful in scenarios where the From Email may be a no-reply or system-generated address, but responses should be routed to a monitored inbox such as a support desk, shared mailbox, or ticketing system. Properly configuring Reply-To ensures two-way communication workflows remain intact while preserving technical sending policies and domain authentication alignment.

  • Diagnostics (built-in testing tools)

Test Connection

  • Purpose: Validates that WordPress can connect to the SMTP host using the configured port, encryption, and authentication settings.
  • Use when: You’ve entered credentials or changed encryption/port/provider and want to confirm connectivity.

Send Test Email

  • Purpose: Sends a real email to confirm end-to-end delivery.
  • Recipient: The site’s WordPress admin email.
  • Important note (shown in the UI): If you use Amazon SES in Sandbox, the recipient must be verified in SES.

  • Secure wp-config.php overrides (recommended)

At the bottom of the page, Aegisify provides a ready-to-copy snippet to define SMTP settings as constants in wp-config.php. This is recommended because:

  • Secrets (like SMTP password) are kept out of the database
  • Configuration becomes environment-friendly (dev/stage/prod)
  • It reduces risk during migrations, exports, and backups

Example constants shown in your UI include:

  • AEGISIFY_SMTP_ENABLED
  • AEGISIFY_SMTP_HOST
  • AEGISIFY_SMTP_PORT
  • AEGISIFY_SMTP_ENCRYPTION
  • AEGISIFY_SMTP_AUTH
  • AEGISIFY_SMTP_USERNAME
  • (and typically a password constant such as AEGISIFY_SMTP_PASSWORD, as recommended by the Password note)

Implementation guidance:

  1. Add the provided defines to wp-config.php (above the “stop editing” line).
  2. Use a secure method for secrets (environment variables, server secrets manager, or protected config management).
  3. Re-test with Test Connection and Send Test Email.

  • Operational best practices (for admins, integrators, and developers)

  • Use TLS/STARTTLS on port 587 unless your provider requires otherwise.
  • Verify your sender domain and set up SPF/DKIM/DMARC for best deliverability.
  • Prefer wp-config.php overrides for credentials (especially the SMTP password).

After any change, always run:

  1. Test Connection
  2. Send Test Email

If emails still don’t arrive:

  • Check spam/quarantine
  • Confirm provider sending limits / sandbox mode
  • Confirm correct region hostnames (SES)
  • Confirm the From Email is an approved/verified identity

Start the 30-Day Challenge Today!