Open driaug opened 1 month ago
mayank-sahai
commented
1 month ago Hi @driaug, as far as I know, you will need a Self-Signed Certificate from a trusted CA(like Digicert?) for production use. But for dev env, a Self-Signed Certificate should be enough. Then you can use those in the code snippet above. Asking just for my understanding, Is it like an SMTP endpoint that users for an action?
Bastih18
commented
1 month ago Hey yall, I personally worked with smtp-server a bit before, I didnt do receiving emails yet, but for the sending I didnt need the key or the cert.
driaug
commented
1 month ago Hey yall, I personally worked with smtp-server a bit before, I didnt do receiving emails yet, but for the sending I didnt need the key or the cert.
I'm wondering how you achieved this. That would mean that smtp-server was running as insecure, resulting in 99% of email client refusing to send mail to it.
Bastih18
commented
1 month ago Hey yall, I personally worked with smtp-server a bit before, I didnt do receiving emails yet, but for the sending I didnt need the key or the cert.
I'm wondering how you achieved this. That would mean that
smtp-serverwas running as insecure, resulting in 99% of email client refusing to send mail to it.
Oh, yeah, I just did use it to send emails to people.
driaug
commented
1 month ago Hi @driaug, as far as I know, you will need a Self-Signed Certificate from a trusted CA(like Digicert?) for production use. But for dev env, a Self-Signed Certificate should be enough. Then you can use those in the code snippet above. Asking just for my understanding, Is it like an SMTP endpoint that users for an action?
The issue I have with this is that such a cert is signed for a single domain so I cannot bundle it. We would need to generate it in the code somehow, because we cannot know the domain the user might self-host it on.
It would be an SMTP endpoint that users can send emails with, indeed.
mayank-sahai
commented
1 month ago @driaug A certificate must be issued by a trusted CA, becoming one has a lot of overheads and security implications. Won't it be better to let customers add their own SMTP settings? like SMTP server IP and port with basic auth/oAuth2, username, password, and a default sender email address which will be of their domain? We can use the same when they use the SMTP endpoint.
mayank-sahai
commented
1 month ago Hey yall, I personally worked with smtp-server a bit before, I didnt do receiving emails yet, but for the sending I didnt need the key or the cert.
I'm wondering how you achieved this. That would mean that
smtp-serverwas running as insecure, resulting in 99% of email client refusing to send mail to it.Oh, yeah, I just did use it to send emails to people.
It is possible, but I guess email data will be transmitted in plain text, which is not secure for sensitive information. Also, the mail can be marked as spam or blocked due to a lack of security.
Bastih18
commented
1 month ago Hey yall, I personally worked with smtp-server a bit before, I didnt do receiving emails yet, but for the sending I didnt need the key or the cert.
I'm wondering how you achieved this. That would mean that
smtp-serverwas running as insecure, resulting in 99% of email client refusing to send mail to it.Oh, yeah, I just did use it to send emails to people.
It is possible, but I guess email data will be transmitted in plain text, which is not secure for sensitive information. Also, the mail can be marked as spam or blocked due to a lack of security.
Actually none of the emails I sent arrived as spam. Okay after re-checking how I did it, it didnt arrived as spam because I used smtp-server to connect to one of my MailServers (Which is configured properly), and then sending the mails via there.
jonasclaes
commented
1 month ago It's indeed a very good idea to require a certificate these days. An insecure mailserver opens you up to lots of risks, but I do think we need to keep in mind how and where this is deployed.
I think there's multiple routes you can take here:
driaug
commented
1 month ago I have implemented a secure SMTP endpoint for the managed version of Plunk.
I will spend some time to port it over into the self-hosted version but it will be on a bring your own certificate basis. Plunk will not be responsible for generating it.
untamedkk
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
driaug
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
I will need a better description than that. Do you get an error, does it timeout, do you have a code sample?
untamedkk
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
I will need a better description than that. Do you get an error, does it timeout, do you have a code sample?
My project does not respond, its just keep running. I have tried with another online tool and it seems like its going timeout. I have attached a screenshot for your reference.
[2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss] [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465 [2024-08-17T13:57:06.355Z] SMTP -> Timeout [2024-08-17T13:57:06.356Z] CLIENT -> QUIT [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"
Also, one more thing. The username shows plunk, is this correct one?
driaug
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
I will need a better description than that. Do you get an error, does it timeout, do you have a code sample?
My project does not respond, its just keep running. I have tried with another online tool and it seems like its going timeout. I have attached a screenshot for your reference.
[2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss] [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465 [2024-08-17T13:57:06.355Z] SMTP -> Timeout [2024-08-17T13:57:06.356Z] CLIENT -> QUIT [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"
Also, one more thing. The username shows
plunk, is this correct one?
Which online tool is this. I have just given it another go using nodemailer, Supabase and a couple of online tools and all get through. plunk is indeed your username.
untamedkk
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
I will need a better description than that. Do you get an error, does it timeout, do you have a code sample?
My project does not respond, its just keep running. I have tried with another online tool and it seems like its going timeout. I have attached a screenshot for your reference.
[2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss] [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465 [2024-08-17T13:57:06.355Z] SMTP -> Timeout [2024-08-17T13:57:06.356Z] CLIENT -> QUIT [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end" Also, one more thing. The username shows
plunk, is this correct one?Which online tool is this. I have just given it another go using
nodemailer, Supabase and a couple of online tools and all get through.plunkis indeed your username.
I tried on https://smtpserver.com/smtptest and also tried to test an email through my keycloak server. All of them went timeout. It is because of geo location?
driaug
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
I will need a better description than that. Do you get an error, does it timeout, do you have a code sample?
My project does not respond, its just keep running. I have tried with another online tool and it seems like its going timeout. I have attached a screenshot for your reference.
plunk, is this correct one?Which online tool is this. I have just given it another go using
nodemailer, Supabase and a couple of online tools and all get through.plunkis indeed your username.I tried on https://smtpserver.com/smtptest and also tried to test an email through my keycloak server. All of them went timeout. It is because of geo location?
If I add the right details and toggle SSL on the website you provide, the email is sent just fine. Keep in mind that it needs to be an SSL encrypted transport.
untamedkk
commented
1 month ago Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.
I will need a better description than that. Do you get an error, does it timeout, do you have a code sample?
My project does not respond, its just keep running. I have tried with another online tool and it seems like its going timeout. I have attached a screenshot for your reference.
plunk, is this correct one?Which online tool is this. I have just given it another go using
nodemailer, Supabase and a couple of online tools and all get through.plunkis indeed your username.I tried on https://smtpserver.com/smtptest and also tried to test an email through my keycloak server. All of them went timeout. It is because of geo location?
If I add the right details and toggle
SSLon the website you provide, the email is sent just fine. Keep in mind that it needs to be an SSL encrypted transport.
Hi @driaug , thank you for your prompt response. Actually I did enabled the SSL but somehow I was also using the wrong from email. But now its working like charm. Just a question, does Plunk follows HIPAA and GDPR compliances?
untamedkk
commented
1 month ago Sorry for spaming the comment section. Also, nice to have a healthcheck or status api/dashboard.
driaug
commented
1 month ago Just a question, does Plunk follows HIPAA and GDPR compliances?
Plunk does try to follow the GDPR laws but since we are not audited, I am not legally allowed to make claims that we are.
A lot of users reach out regarding an SMTP package/endpoint for Plunk.
I have given it a go a long time ago but could not make it work. Mostly got stuck on the certificates needed to make it work. If anyone would have experience with it and could make it work so the docker image can still build and deploy, that would be a very great addition!
Possibly with: https://nodemailer.com/extras/smtp-server/
All we would need is to accept the request, internally we can send it through to the API which would automatically create the contact and handle everything else.
The part that scares me from nodemailer's
smtp-serveris thisWe would need to have that
.keyand.crtfile, unless I am just dead wrong?