As I am currently building a webapp, I am at the point where I need to set up outgoing email for account confirmation and such. I want to control all the email sending myself, so I want to set up an outgoing SMTP server. The problem is, I can’t seem to find any tutorials that accomplish exactly what I want. I started following this tutorial, but it seems to both give me things I don’t need and not go into things I do need, like setting up accounts for the SMTP server.
Basically, I want to create a SMTP server that is authorized to send mail from example.com that can be connected to from an application with given credentials like {user: '[email protected]', pass: 'mySecurePassword'}. I am hoping the end result can mirror functionality to the gmail smtp.gmail.com server that can be used to send mail from any @gmail.com account.
Can anyone point me in the right direction? Thanks.
If you are only interested in sending mail it will be much simpler but still require a good effort. I had the same requirement for a web application in the past and I have successfully setup my own mail server. Here some key points:
• You have to choose an SMTP Server (specifically a mail transport agent). I have chosen postfix for some reasons that I don’t remember exactly. There are good tutorials on how to configure it on the web. Don’t forget to remove any SMTP server already installed with your distro before installing a new one.
• It not absolutely required but you will want a mail client on the machine. You web backed-end will use that to send mail. You can still send mail without client but your will need to act as such by opening the port 25 manually and send the good command to have your mail sent by the server. So I recommend using a mail client.
• You need an A record (e.g.: mail.yourdomain.com) even if you don’t want to receive mail. Some mail servers will check that. This is part of your domain configuration.
• An MX record (e.g.: mail.yourdomain.com). If you have only one mail server, you can go ahead with a priority of 10. This is also part of your domain configuration.
• You absolutely need a well construct SPF record if you don’t want your email to be rejected for other mail servers. Google for spfwizard to build your SPF string easily. This should be a TXT record in your domain configuration.
• You need also a DKIM key to ensure that your email will be accepted. I used OpenDKIM, configured to work with Postfix. One configured, don’t forget to add your DKIM string to your domain configuration in the form of a TXT record. I have followed the guide ‘Configure DomainKeys (OpenDKIM) with Postfix on CentOS 7’ from linuxtechi.com to do that.
• It is not absolutely required but I encourage you to add a DMARC record to your domain configuration, again as a TXT record. It will help you email to pass some the anti-spam system. I have used opendmarc with postfix for that.
• You have to configure your mail server to use TLS. If your send mail w/o TLS your mail will likely be rejected by all major mail server (google, outlook, apple). If you can afford to by a a certificate from a recognized CA it is better, but for my part I have used a self signed certificate and I didn’t had any problem at all.
• As you mentioned you already have PTR recoed. Ensure that is well configured as a reverse DNS. If it is not the case your email will be rejected.
• Once you will have all that configured, test your mail server using an online service. I use mail-tester.com for that.
• Periodically check if your IP has been blacklisted. You can subscribe to a such service for free on the web.
• Use only a commercial ISP. If you use a residential provider most of the time they block the port 25 in one way or another so it will not work even is it’s only for a test setup.
The most important thing beside all is to avoid a bad configuration that will make your server an open relay. This will blacklist your server almost instantly and you will have to restart from scratch, including changing domain name and IP address. Since you want your server to only send mail, it is more easy to configure it without becoming an open relay.
Also, even if you have configured all perfectly, some mail servers, like Outlook for example, will always flag your email as spam at the beginning. Their rules are based on statistics so you will need to send mail to a few friends with Outlook accounts and tell then to mark your mail as not span. After a while Outlook will start to accept your mail correctly. I didn’t have this problems with other majors mail servers.