sabre-io / Baikal

Baïkal is a Calendar+Contacts server
https://sabre.io/baikal/
GNU General Public License v3.0

secure smtp mail delivery from baikal server #937

Open urmel1960 opened 4 years ago

urmel1960 commented 4 years ago

Baikal version: 0.7

Problem you are having: Baikal server uses PHP mail() to send mails out. Outgoing mails usually have the webserver user (e.g. www-data@servername.domain.tld) as sender address and there is no DKIM signing etc. for those mails. Further, you run into problems with some mail providers (e.g. Google) rejecting mails/calendar invitations not fitting into a valid DMARC policy and not having proper DKIM signing. Only solution from my standpoint at the moment: opening the SPF policy of the sender domain to allow all sender addresses, even without proper DKIM signature, and coming from every host. This is not fine from a security and spam-fighting standpoint.

Suggested solution: Baikal should provide the possibility to deliver the outgoing mails through an authenticated SMTP connection to a mailserver of choice.

Any idea for a suitable interim solution is highly welcome and appreciated.

Thanks
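
The DMARC failure described in the post above, as an added example that is not part of the original post or of Baikal's code: a small alignment check showing why mail sent by PHP mail() as the web server user fails while mail relayed through the domain's own authenticated SMTP server passes. It assumes the header From carries the calendar user's domain (example.org, constructed), the envelope sender is the web server user, and a simplified two-label organizational domain.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample invitation; addresses and domains are placeholders.
INVITE = (
    "From: Alice <alice@example.org>\n"
    "To: bob@example.net\n"
    "Subject: Invitation: planning meeting\n"
    "Content-Type: text/calendar; method=REQUEST\n"
    "\n"
    "BEGIN:VCALENDAR\nMETHOD:REQUEST\nEND:VCALENDAR\n"
)

def org_domain(domain):
    # Assumption: the organizational domain is the last two labels.
    # Real evaluators consult the Public Suffix List (e.g. for co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, strict=False):
    """DMARC identifier alignment: exact match (strict) or same org domain (relaxed)."""
    if strict:
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def dmarc_check(raw, envelope_from, spf_pass, dkim_pass_domains, strict=False):
    """Return (passes, reasons). DMARC passes if SPF or DKIM passes AND aligns."""
    from_domain = parseaddr(message_from_string(raw)["From"])[1].rpartition("@")[2]
    env_domain = envelope_from.rpartition("@")[2]
    spf_ok = spf_pass and aligned(env_domain, from_domain, strict)
    dkim_ok = any(aligned(d, from_domain, strict) for d in dkim_pass_domains)
    reasons = []
    if not spf_ok:
        reasons.append(f"SPF: envelope domain {env_domain} not usable for {from_domain}")
    if not dkim_ok:
        reasons.append(f"DKIM: no passing signature aligned with {from_domain}")
    return spf_ok or dkim_ok, reasons

if __name__ == "__main__":
    cases = {
        "php mail() as web server user": ("www-data@servername.domain.tld", True, []),
        "authenticated SMTP relay": ("alice@example.org", True, ["example.org"]),
    }
    for name, (env, spf, dkim) in cases.items():
        ok, why = dmarc_check(INVITE, env, spf, dkim)
        print(f"{name}: {'pass' if ok else 'fail'} {why}")
```

Even when SPF itself passes for the web server's hostname, the result is a DMARC fail because neither SPF nor DKIM authenticates a domain aligned with the From header.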

Tntdruid commented 4 years ago

Baikal sure needs that.

stevearbour commented 4 years ago

What about something like SSMTP?

10029759 commented 3 years ago

I would suggest the use of PHPMailer as an alternative. It's easier to configure and uses SMTP, so it could be a good choice.

https://github.com/PHPMailer/PHPMailer

stevearbour commented 3 years ago

We all agree that the server itself should be using PHPMailer, but because it doesn't, the option for now is to use something like SSMTP or BSMTP.

wetneb commented 2 years ago

@ByteHamster given your concerns in pull requests which add configuration settings such as #966, I wonder if you could chime in on this issue about the best approach to expose configuration parameters for SMTP-based email. Assuming you find it worth supporting of course (but I think the case for it is pretty clear IMHO).

ByteHamster commented 2 years ago

I think it is totally fine to add a setting for SMTP based emails. SMTP email delivery affects average users on standard web hosting packages.

In contrast, an IMAP authentication backend like in #966 requires a lot of configuration outside of Baikal and has edge-cases. It is only useful for a few users who probably run Baikal in a professional environment. In such environments, it is probably better to use sabre/dav directly because it is way more flexible. Baikal is meant to be an easy to use wrapper around sabre/dav. If we pass through every single feature of sabre/dav, Baikal is no longer easy to use.

I would be happy to review a PR for SMTP email delivery but I will probably not be the one who implements it. My goal when taking over Baikal's development only was to keep the project working on new php versions and fixing bugs. Not to add new features. But as I said, happy to review a PR :)

wetneb commented 2 years ago

Can we drop support for sending email via mail(), or should we offer both options (the current way or SMTP)?

ByteHamster commented 2 years ago

I think keeping mail() (e.g. not fully dropping it) would be better because with many hosters it works out of the box without any configuration.

cptsanifair commented 1 year ago

> I think keeping mail() (e.g. not fully dropping it) would be better because with many hosters it works out of the box without any configuration.

I would like to have both, for backwards compatibility on already existing systems.

For the problem with PHP mail() I chose msmtp, and wrote this guide