Using Mailtrap on your mobile device to test deep and universal links in NativePHP apps.

Anthony Rappa

Anthony Rappa

1 min read

Using Mailtrap on your mobile device to test deep and universal links in NativePHP apps.

If you're trying to open MailHog from your iPhone using http://127.0.0.1:8025, it won’t work — and here’s why:

127.0.0.1 (localhost) always refers to the device you're using.

So when you're on your phone, 127.0.0.1 means your phone, not your Mac where MailHog is running.

Here’s how to access MailHog running on your Mac from your iPhone:

Step 1: Find Your Mac’s Local IP Address

Run this in Terminal on your Mac:

1ipconfig getifaddr en0

Example Output: 192.168.1.23

If you’re on Wi-Fi and this returns nothing, try ipconfig getifaddr en1 instead.

Step 2: Run MailHog to Listen on All Interfaces

By default, MailHog only listens on 127.0.0.1. You need to make it listen on all IPs:

1MailHog -api-bind-addr=0.0.0.0:8025 -ui-bind-addr=0.0.0.0:8025

This tells MailHog to accept connections from any device on your network — including your iPhone.

Step 3: Access MailHog from Safari on Your iPhone

Make sure your iPhone is on the same Wi-Fi network as your Mac. Then open:

http://192.168.1.23:8025

Replace 192.168.1.23 with the IP from Step 1.

👨‍💻 Use Cases

This is super useful when you’re testing:

  • Universal Links
  • Deeplinking with NativePHP
  • Email previews triggered from mobile apps

⚠️ Security Concerns

Opening up MailHog to your network introduces real security considerations:

🔓 1. No Authentication

MailHog has no built-in login or access control. Anyone who can access the IP and port can view every captured email — which may include:

  • Password reset links
  • One-time tokens
  • Test user data
  • Sensitive internal messages

🌐 2. Network Visibility

If you’re on a shared or public Wi-Fi, any device on that network can open http://:8025 and see your MailHog inbox.

🔁 3. Unencrypted HTTP

MailHog serves everything over plain HTTP — there’s no HTTPS by default, which means data can be sniffed or intercepted on insecure networks.

🛡️ Recommended Precautions

If you’re working on something sensitive or in a public place, consider these safer alternatives:

  • 🔥 Restrict with a firewall: Only allow connections to port 8025 from your phone’s IP.
  • 🔐 Use a reverse proxy: Run MailHog behind nginx or Caddy with basic auth and HTTPS.
  • 🌩️ Use a secure tunnel: Tools like ngrok can expose MailHog safely over HTTPS with access control.
  • 🔌 Shutdown when done: Always close MailHog or revert it to 127.0.0.1 when you’re finished testing.
79 views
Anthony Rappa

By Anthony Rappa

Hello! I'm a full stack developer from Long Island, New York. Working mainly with Laravel, Tailwind, Livewire, and Alpine.js (TALL Stack). I share everything I know about these tools and more, as well as any useful resources I find from the community. You can find me on GitHub and LinkedIn.