Check if we can use an existing SMTP server for ESI communications and activate

CCI-MOC / esi

Elastic Secure Infrastructure project

6 stars 12 forks source link

Check if we can use an existing SMTP server for ESI communications and activate #529

Closed joachimweyl closed 2 weeks ago

joachimweyl commented 3 months ago

Motivation

We need an SMTP server to deal with emails going to clients to let them know their ESI leases are ending soon.

Completion Criteria

Answer received if we are able to use an existing SMTP server or if we need to setup a new one.

Description

[x] Ask @culbert if we can use an existing SMTP service
[x] if yes then get access
[x] Gather Keys for MOC account
if no then setup our own

Completion dates

Desired - 2024-04-17 Required - TBD

joachimweyl commented 2 months ago

@Milstein any luck reaching out to @culbert about the SMTP server?

joachimweyl commented 2 months ago

@waygil when you reach out to @culbert, please include this issue in your list.

waygil commented 2 months ago

Comments from Jim: "We should be fine to use the MGHPCC AWS/SES setup for your ESI comms; I suspect the volume is low. The only issue might be "from" address/domain but if it's the same as regapp then we don't even need new credentials."

joachimweyl commented 1 month ago

@hakasapl what is the next step?

hakasapl commented 1 month ago

Waiting on a reply from @culbert. Here is my original message:

Hi Jim,

Moving the ESI SES request to a new thread. We would like to send emails from the "massopen.cloud" domain. I believe domains can be added through the SES dashboard, and we just have to add the DNS records it indicates. Could you add massopen.cloud and to the MGHPCC SES and give me the details for the DNS records it needs when you have time?

Let me know if you need any other details from me about this, it's been a while since I touched SES so I may have missed a part of the process.

- Hakan

hakasapl commented 1 month ago

I worked with Jim to get DNS verification records for massopen.cloud and I've set them in DNS records. Next step is for Jim to verify that the domain is verified in SES and make smtp credentials for ESI

joachimweyl commented 3 weeks ago

@hakasapl have you been able to test the keys that Jim sent you?

joachimweyl commented 2 weeks ago

@hakasapl please update with details of how the key testing went.

hakasapl commented 2 weeks ago

The key did not work for me (login failure message), I used a simple python script to try sending mail with a from address of esi@massopen.cloud over the starttls port. I've reached back out to Jim

hakasapl commented 2 weeks ago

Jim gave me a new key which works. I was able to send a test email to my email from esi@massopen.cloud