mjl- / mox

modern full-featured open source secure mail server for low-maintenance self-hosted email
https://www.xmox.nl
MIT License
3.71k stars 113 forks source link

Why SMTP relay feature is out of scope? #108

Closed vipas84 closed 7 months ago

vipas84 commented 11 months ago

Hi, I have a bunch of small apps and it would be nice to send transactional email and important updates to subscribed users through mox. Is there any chance the roadmap could be changed?

mjl- commented 11 months ago

Hi vipas84!

Perhaps you can already do what you're trying to achieve.

The "relay" on the roadmap is for unauthenticated relay, where mox would attempt to deliver any incoming messages (on smtp port 25). At most only limiting acceptance of queue submissions based on IP addresses of internal machines.

I would always configure an application to submit messages with smtp "submission" (port 465 or 587) with authentication. That allows mox to check if the sender is authorized to send messages with the "From" header present in the message, apply rate limiting.

But I suspect this brings us to the limitation: You can only send messages through mox with a certain message From address domain if that domain is configured in mox. That's because mox is currently designed to be in charge of email for a domain. For some transactional email, you may not want to let incoming email be handled by mox. However, you can still configure the domain in mox, and set up DKIM keys, etc, but simply not point the MX records to your mox instance.

If you really need the unauthenticated (possibly IP-limited) relay, that's indeed not on the roadmap. It feels like an outdated concept to me. If you really need it, I would be interested to hear why the authenticated submission would not work.

As for configuring a domain that mox is not fully "in charge" of (and with MX records pointing elsewhere): There will probably be some better handling (e.g. in the config) soon, based on the item on the roadmap named "HTTP-based API for sending messages and receiving delivery feedback". That is meant for easily sending transactional emails and receiving delivery feedback.