Sharraxaad
Emerge Mail replaces SMTP plugins for transactional WordPress email. Connect one or more Gmail or Microsoft 365 mailboxes via OAuth, and every wp_mail() call your site makes — password resets, comment notifications, WooCommerce receipts, contact-form submissions — is delivered through that mailbox’s API.
Because the From address is your own authenticated mailbox, messages benefit from SPF, DKIM, and DMARC alignment that PHP’s mail() function cannot provide. This typically results in dramatically better inbox placement than default WordPress mail.
Key features
- OAuth connections to Gmail and to all Microsoft account types (personal Outlook / Hotmail / Live and Microsoft 365 work/school accounts).
- No SMTP credentials to manage — you never enter a password into WordPress.
- Multiple mailboxes per site with automatic failover. The Active connection sends first; if it fails, the next available connection is tried, with a 10-minute cooldown on failed connections.
- Optional bulk-send throttle: when a burst of sends is detected, rotate through your connected mailboxes instead of hammering the Active one.
- Per-connection From email override for verified send-as aliases.
- Configurable sender defaults: a custom From name and an opt-in “Reply-To = admin email when sender differs” setting.
- Full
wp_mailcompatibility: To/Cc/Bcc (including from headers), HTML bodies, multipart alternative, attachments, custom headers, RFC 2822 address formats including comma-separated lists and quoted display names, non-UTF-8 charsets. - RFC 2047 encoding for non-ASCII subjects and display names.
- One-click Send test button per connection.
- Email Controls page: opt-in suppression of WordPress core self-notifications you don’t want to receive (comment moderation, automatic updates, new-user registered, etc.) — recorded to the Activity Log instead.
- Activity Log page: unified record of suppressed notifications, provider send errors, and recipient bounces — with type and severity filters, bulk delete, and automatic 30-day pruning.
- Last-error visibility per connection and a site-wide admin notice on recent failures.
- Automatic hourly token refresh (Action Scheduler when available, WP-Cron fallback).
- Safe fallback to default WordPress mail delivery on any failure — the plugin never blocks email.
- Extensible via filters: cooldown, bulk thresholds, HTTP timeouts, token-refresh timing, MIME output, suppression catalog.
How it works
When you connect a mailbox, an access + refresh token pair is encrypted with a per-site key and stored as a WordPress option. From that point on, your site talks directly to Gmail or Microsoft Graph; no third party sits in the send path.
The plugin hooks pre_wp_mail. If at least one connection is active, the message is routed through the chosen provider API. If the provider returns an error — or if no connections are configured — WordPress’s default mail delivery takes over transparently.
What this is not
- Not a marketing or bulk email tool. No subscriber lists, no campaigns, no broadcasts.
- Not a shared-IP SMTP relay. Each site sends from its own connected mailboxes.
- Not a way to spoof arbitrary From addresses. The provider will reject anything that isn’t an authorized send-as alias of the connected mailbox.
External services
To deliver mail, Emerge Mail communicates with three external services. By installing and using this plugin you agree to use of these services. Nothing is contacted until you click Connect Gmail or Connect Microsoft in the plugin settings.
1. Emerge OAuth service (emerge.redigit.net)
What it is and what it’s used for: A stateless OAuth proxy operated by the plugin author. It exists to broker the OAuth authorization handshake between your WordPress site and Google or Microsoft so the plugin can be authorized to send mail from your mailbox. The proxy holds the OAuth client secrets that Google and Microsoft would otherwise require every site to register individually.
What data is sent, when:
- When you click Connect Gmail or Connect Microsoft, your browser is redirected to
https://emerge.redigit.net/oauth/{provider}/authorizewith a PKCE code challenge and a state token generated by your site. No personal data is sent. - When the provider redirects back, your site posts the authorization code and PKCE verifier to
https://emerge.redigit.net/oauth/{provider}/tokento receive the access and refresh tokens. The tokens are returned directly to your site and stored locally, encrypted, inwp_options. The proxy does not persist them. - When an access token nears expiry, your site posts the refresh token to
https://emerge.redigit.net/oauth/{provider}/refreshto obtain a new access token. Again, nothing is persisted on the proxy. - No email content, recipient lists, or message metadata is ever sent to the proxy.
Terms and privacy:
- Terms of Service: https://emerge.redigit.net/terms-of-service
- Privacy Policy: https://emerge.redigit.net/privacy-policy
2. Google APIs (Gmail)
What it is and what it’s used for: Used only when you connect a Gmail mailbox. Once authorized, the plugin sends every wp_mail() message directly to the Gmail API (gmail.googleapis.com) from your WordPress site. Periodically the plugin also calls the Google OAuth userinfo endpoint (www.googleapis.com/oauth2/v2/userinfo) to verify the access token is still valid.
What data is sent, when:
- On each
wp_mail()call routed through a Gmail connection: the full outbound message (To/Cc/Bcc, subject, body, attachments, custom headers) is POSTed tohttps://gmail.googleapis.com/gmail/v1/users/me/messages/sendas a base64-encoded RFC822 message. This is what’s required for the message to reach the recipient. - On token validation: a Bearer token is sent to
https://www.googleapis.com/oauth2/v2/userinfo. No message data is included.
Terms and privacy:
- Google Terms of Service: https://policies.google.com/terms
- Google Privacy Policy: https://policies.google.com/privacy
- Google API Services User Data Policy: https://developers.google.com/terms/api-services-user-data-policy
3. Microsoft Graph (Outlook / Microsoft 365)
What it is and what it’s used for: Used only when you connect a Microsoft mailbox. Once authorized, the plugin sends every wp_mail() message directly to Microsoft Graph (graph.microsoft.com) from your WordPress site. Periodically the plugin also calls Graph’s /me endpoint to verify the access token is still valid.
What data is sent, when:
- On each
wp_mail()call routed through a Microsoft connection: the full outbound message (To/Cc/Bcc, subject, body, attachments, custom headers) is POSTed tohttps://graph.microsoft.com/v1.0/me/sendMailas a JSON payload. This is what’s required for the message to reach the recipient. - On token validation: a Bearer token is sent to
https://graph.microsoft.com/v1.0/me. No message data is included.
Terms and privacy:
- Microsoft Services Agreement: https://www.microsoft.com/en/servicesagreement
- Microsoft Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement
Rakibaad
- Upload the
emerge-mailfolder to/wp-content/plugins/, or install via the Plugins screen. - Activate the plugin from the Plugins menu.
- Click the new Emerge Mail top-level item in your WordPress admin sidebar.
- Click Connect Gmail or Connect Microsoft and approve the OAuth consent screen.
- Click Send test on the new connection row to confirm delivery to your administrator email.
As soon as a connection is active, wp_mail() routes through it automatically.
SBI
-
Does this work with WooCommerce, Contact Form 7, WPForms, etc.?
-
Yes. Anything that uses
wp_mail()— which is virtually every WordPress plugin that sends email — works without modification. -
Do I need a Google Cloud or Microsoft Azure account?
-
No. Authorization is handled by the Emerge OAuth service. You sign in with your normal Google or Microsoft account; no developer setup is required.
-
Where are my OAuth tokens stored?
-
Tokens are encrypted with a key generated locally on your site on first activation and stored as a WordPress option. They never leave your install. The OAuth proxy used during sign-in does not persist tokens.
-
What happens when an access token expires?
-
Access tokens expire roughly hourly. The plugin refreshes them automatically — both on a schedule and inline if a send happens to coincide with an expiry. You don’t need to do anything.
-
What happens if Gmail or Microsoft is unreachable?
-
The plugin returns an error from its
pre_wp_mailhook, which causes WordPress to fall back to its default mail delivery. The failure is recorded in the Last error column of the settings page and surfaced as an admin notice for 24 hours. -
Can I send from multiple mailboxes?
-
Yes. Connect as many as you like; the connection marked Active is used first. If a send fails (or the Active connection is in cooldown after a recent error), the plugin automatically falls through to the next available connection. You can switch the Active mailbox at any time from the Connections table.
For high-volume sites, turn on Bulk sending in Sender settings to spread bursts of sends across all connected mailboxes instead of always hitting the Active one.
-
Can I override the From email?
-
Yes. Enter a different address in the From email column on the Connections table. It must be a verified send-as alias on the connected mailbox (Gmail: Settings Accounts Send mail as; Microsoft: Mail Aliases or admin-configured), otherwise the provider will reject the send.
-
Can I customize the From display name?
-
Yes. Set it in Sender settings From name on the main settings page. Leave it blank to use your site title as the default.
-
Can I suppress noisy WordPress notifications I don’t care about?
-
Yes. Open Emerge Mail Email Controls and tick the notifications you want stopped. Eight WordPress core admin/editor notifications are listed (comment moderation, new comments, password reset notices, new user registrations, and automatic-update results). Suppressed notifications are recorded in Emerge Mail Activity Log so you still have an audit trail. End-user notifications (password resets, account changes, new-user welcome) are intentionally not listed — users need those.
-
Does the plugin read my mailbox?
-
No. The OAuth scope requested is sufficient only to send mail. The plugin does not call any read endpoints and cannot access existing messages.
-
Is `wp_mail` still available to other plugins after activation?
-
Yes.
wp_mailcontinues to function normally. The plugin only changes how the underlying send is performed; it doesn’t change any ofwp_mail‘s public behavior. -
Will the plugin work without an active mailbox connection?
-
Yes.
wp_mailfalls through to WordPress’s default delivery when no connection is available. The plugin never blocks email. -
How do I remove all stored data on uninstall?
-
Deleting the plugin from the Plugins screen runs
uninstall.php, which removes every stored connection, all encrypted tokens, the per-site encryption key, sender/control settings, the suppression-log table, and all scheduled jobs.
Dibu-eegisyo
Ka-qaybgalayaasha & Horumariyayaasha
“Emerge Mail” waa softiweer il furan. Dadka soo socda ayaa wax ku biiriyay kaabahan.
Ka-qaybgalayaasha
Ku tarjun “Emerge Mail” luqaddaada.
Ma xiisaynaysaa horumarinta?
Baadh koodka, fiiri bakhaarka SVN, ama iska qor diiwaanka horumarinta adigoo adeegsanaya RSS.
Isbeddellada
1.1.0
- New: “Other admin notices” catch-all in Email Controls. When enabled, suppresses any email sent solely to the Administration Email Address that isn’t already covered by a specific filter (WooCommerce order notifications, security alerts, backup reports, etc.). Use the
emerge_mail_suppress_other_adminfilter to whitelist specific messages. - New: unified Activity Log replaces the Suppression Log. Stores suppressed notifications, provider send errors, and synchronous recipient bounces in one table with type and severity filters.
- New (pro): synchronous bounce detection. Provider errors from Gmail/Microsoft Graph that indicate recipient-side rejection (invalid address, mailbox full, user unknown) are classified and logged as
send.bounce.*events. - New (pro): provider send-error logging. Quota-exceeded, auth-expired, and other provider failures are logged as
send.error.*events. - New:
emerge_mail_event_loggedaction — fires after each log entry. Subscribers receive a hydratedEventDTO and can filter by type prefix ($event->type_starts_with('send.bounce.hard.')). - New:
emerge_mail_after_send_attemptaction — fires once per mailbox attempt with the connection id, message, and outcome. Useful for third-party logging integrations. - New: pro feature gate via the
EMERGE_MAIL_PROconstant (andemerge_mail_pro_enabledfilter). All pro features route throughPro_Gate::is_enabled(). - Changed:
wp_mail()return value now reflects the failure type. Transport-side failures (provider quota, auth expired, provider 5xx, network blip — classified assend.error.*) fall back to WordPress’s default mail delivery, preserving the multi-provider / multi-filter fallback chain the previous version relied on. Recipient-side failures (invalid address, mailbox full, user unknown — classified assend.bounce.*) returnfalse, since no transport can rescue them — callers like Emerge Campaigns and contact-form plugins can detect and record the failure. The fallback is also preserved for the “no mailbox configured yet” case. Override the default via the newemerge_mail_fallback_on_failurefilter (4th param is the classified event type). - Changed: the “Emerge Mail: connection failure” admin notice is now scoped to the WordPress Dashboard and the Plugins screen. It no longer leaks into every other plugin’s admin pages.
- Schema: table renamed from
emerge_suppression_logtoemerge_mail_event_log. Addedseverity,connection_id,message_idcolumns. Existing suppression rows and settings migrated in place on first boot.
1.0.0
- Initial release.
- OAuth connections to Gmail and to all Microsoft account types (personal Outlook/Hotmail/Live and Microsoft 365 work/school).
- Multiple mailboxes per site with active-first routing and automatic failover (with per-connection cooldown after errors).
- Optional bulk-send throttle that rotates connections during detected bursts.
- Per-connection From email override for verified send-as aliases.
- Configurable Sender settings: custom From name (defaults to site title), opt-in Reply-To-to-admin-email when the sender differs, ignore plugin-set From header.
- Full
wp_mailmapping: attachments, Cc/Bcc from headers, multipart alternative, comma-separated address lists with quoted display names, non-UTF-8 charsets, RFC 2047 header encoding. - Send-test button per connection.
- Email Controls page: suppress eight WordPress core admin/editor self-notifications.
- Suppression Log custom table with WP list-table UI, type filter, bulk delete, and daily 30-day pruning.
- Per-connection failure visibility on the settings screen plus a site-wide admin notice on recent failures.
- Hourly token maintenance via Action Scheduler (WP-Cron fallback).
- Safe fallback to default WordPress mail delivery on any provider failure.
- Filter hooks for cooldown duration, bulk thresholds, HTTP timeouts and request args, token-refresh timing, final MIME output, Microsoft saveToSentItems, suppression catalog, and log retention.