You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# note: to keep ports 80 and 443 free, use "https://smtp.example.com:1234"
# instead of just the hostname here
smtp.example.com {
tls {
dns lego_deprecated dnsimple
}
}
; Hostname for this SMTP serverhostname = smtp.example.com
; File which contains username and password used for; authentication before they can send mail.allowed_users = /home/app/.config/smtprelay/allowed_users.txt
; Networks that are allowed to send mails to us; Defaults to localhost. If set to "", then any address is allowed.;allowed_nets = 0.0.0.0/0 ::/0allowed_nets = 0.0.0.0/0
; STARTTLS and TLS are also supported but need a; SSL certificate and key.;listen = starttls://0.0.0.0:587 starttls://[::]:587 tls://0.0.0.0:465 tls://[::]:465listen = starttls://0.0.0.0:587 tls://0.0.0.0:465
local_cert = /home/app/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/smtp.example.com/smtp.example.com.crt
local_key = /home/app/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/smtp.example.com/smtp.example.com.key
; Enforce encrypted connection on STARTTLS ports before; accepting mails from client.local_forcetls = true
; Relay Config (ex: Mailgun)remotes = starttls://user:pass@smtp.mailgun.org:587
Set permissions via ~/.config/smtprelay/allowed_users.txt:
# go run ./smtprelay/cmd/hasher.go 'my-password'
# <username> <bcrypt-hash> <email,list>
my-username $2a$10$uZntKVdnFmAZiswYLTl8auUUxeH4wOnAU5C4zz3rGWvMf2iOmhcDy @account.example.com,support@example.com
I just set this up for a client. This is the config we ended up going with.
Directory Structure
caddy
(for automated TLS certificates via Let's Encrypt)smtprelay
Let's Encrypt TLS Certs via caddy
go
,xcaddy
, and (optional)serviceman
via https://webinstall.devcaddy
with DNS support (no webserver required). Example w/ DNSimple:~/.config/caddy/Caddyfile
:~/.config/caddy/caddy.env
:DNSIMPLE_OAUTH_TOKEN='dnsimple_a_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
caddy
as a service withserviceman
(Linux, macOS, & Windows)--cap-net-bind
is only necessary if using default ports 80 & 443)smtprelay config
smtprelay --config ~/.config/smtprelay/smtprelay.ini
~/.config/smtprelay/smtprelay.ini
:~/.config/smtprelay/allowed_users.txt
:smtprelay --config ~/.config/smtprelay/smtprelay.ini
serviceman
:The text was updated successfully, but these errors were encountered: