OpenBeta / open-tacos

Rock climbing route catalog (openbeta.io)
https://openbeta.io
GNU Affero General Public License v3.0

Set up email provider #317

Closed nthh closed 10 months ago

nthh commented 2 years ago

The Auth0 emails are sent from root@auth0.com and are not customizable unless an email provider is set up.

Evaluate using a provider such as SendGrid for emails and also connecting that to the openbeta.io domain.

Auth0 setup instructions: https://auth0.com/docs/customize/email/smtp-email-providers

on3iropolos commented 2 years ago

@vnugent - I would be interested in working on this issue. My approach would be building a containerized postfix workload and keeping it open-source and self-hosted.

vnugent commented 2 years ago

How do we harden the mail server from spammers and being marked as spam by Gmail?

on3iropolos commented 2 years ago

@vnugent

I'm not sure what you mean by "harden from spammers". It would only send mail. It's not a full-featured email server and would only send outbound mail. It is hardened because the ports required would not be exposed to 0.0.0.0/0 and further protected by declaring the my_networks variable (defining which networks can use the relay) in the postfix configuration.

Outbound mail would not be marked as spam because DMARC, DKIM, and SPF would be configured.

This is the same service as I'm using with my SaaS employer, though in this case the difference would be to deploy as a container for better resource management.
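The relay restriction discussed in the comment above, as an added example that is not part of the original thread or the OpenBeta project: a small audit of a Postfix `main.cf` that flags settings which would let clients outside the trusted networks relay mail. The sample configurations and the list of internal ranges are constructed assumptions; `mynetworks`, `smtpd_relay_restrictions` and `smtpd_tls_security_level` are Postfix parameters.

```python
import ipaddress

# Ranges treated as internal (loopback + RFC 1918); an assumption of this example.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample configurations, not taken from any real deployment.
OPEN_RELAY_CF = """\
mynetworks = 127.0.0.0/8, 0.0.0.0/0
smtpd_relay_restrictions = permit_mynetworks
"""
SEND_ONLY_CF = """\
# relay only for cluster-internal clients
mynetworks = 127.0.0.0/8, 10.42.0.0/16
smtpd_relay_restrictions = permit_mynetworks,
    reject_unauth_destination
smtpd_tls_security_level = may
"""

def parse_main_cf(text):
    """Parse 'name = value' lines; indented lines continue the previous value."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
        elif "=" in line:
            last, value = (s.strip() for s in line.split("=", 1))
            params[last] = value
    return params

def audit_relay(text):
    """Return findings for settings that would let outsiders relay mail."""
    p, findings = parse_main_cf(text), []
    for entry in p.get("mynetworks", "").replace(",", " ").split():
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:  # lookup tables, file names, bracketed IPv6
            findings.append(f"mynetworks: cannot evaluate '{entry}'")
            continue
        if not any(net.version == i.version and net.subnet_of(i) for i in INTERNAL):
            findings.append(f"mynetworks: trusts non-internal range {entry}")
    relay = p.get("smtpd_relay_restrictions")
    if relay is not None and "_unauth_destination" not in relay:  # reject_ or defer_
        findings.append("smtpd_relay_restrictions: no reject_unauth_destination")
    if p.get("smtpd_tls_security_level", "") not in ("may", "encrypt"):
        findings.append("smtpd_tls_security_level: TLS not offered to clients")
    return findings
```

`audit_relay(SEND_ONLY_CF)` returns an empty list, while `audit_relay(OPEN_RELAY_CF)` reports the world-wide `mynetworks` entry, the missing destination check and the absent TLS setting.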

vnugent commented 2 years ago

Would it work with Auth0's requirements? My guess is we need a certificate from Let's Encrypt for TLS.

https://auth0.com/docs/customize/email/smtp-email-providers/configure-custom-external-smtp-email-provider

And besides cluster access, what else do you need?

on3iropolos commented 2 years ago

Yes, it would work for Auth0 and any other mail server needs for OpenBeta.

I would need temporary access to DNS (for mail records and Let's Encrypt verification), cluster access, and maybe a demo of our current pipeline and repo so I can follow suit.

vnugent commented 2 years ago

I've sent you access information. For DNS, can you send me what needs to be added?

Is it possible to set the SMTP subdomain to something like smtp.tacos.openbeta.io?

You can test the email connection from Auth0 dev tenant (see link above). Once that works, I'll replicate Auth0 changes from the dev tenant to production. Thank you!

CocoisBuggy commented 12 months ago

Is the planned implementation still as discussed (containerized postfix workload)? If so, is there a repo somewhere that represents our progress toward a self-hosted mail server?

@vnugent @on3iropolos

I'm happy to hop on this and take it a little further on.

vnugent commented 12 months ago

I was thinking about using Amazon SES. Significantly less work for a small price. What do you think?

jcallin commented 11 months ago

I agree that using a SaaS product will be a lot less initial work and maintenance. Our code itself remains open-source, despite interfacing with a closed-source product (which it seems like is unavoidable in the larger project anyway). I don't think that it is particularly important to (1) self-host and (2) only use open-source code for this particular functionality. I've used MailGun before for this but it is basically the same thing as SendGrid and I'm sure very similar to SES. MailGun, SendGrid, and SES all have simple setup docs on the Auth0 website for using each as an SMTP provider. I think we should go this route.

on3iropolos commented 11 months ago

I also agree to go with a hosted route. While it's a project I would be very interested in running with, I'm a little too swamped with other work at the moment.

Adelore Lessard

*edit: removed personal data

CocoisBuggy commented 11 months ago

I would also imagine this is easier, especially since our needs are so boilerplate.

vnugent commented 10 months ago

We've migrated to SES. Thanks @enapupe!

Everyone, please let us know if account-related mails go to spam.