I used the Ansible playbook instructions and got my instance up and running, which is where I’m sending this from now. Still, I was not able to get the SMTP side of things working. Does this whole setup self-host SMTP on the Lemmy instance, or is it something I’ll have to sort out externally? I’ve heard some people have had issues with Digital Ocean on certain ports, which is the VPS provider I’m hosting on, but even other ports I’ve tried have not worked.
Afaik Digital Ocean blocks the SMTP port.
What you can do is to get some mail relay service, such as mailgun or any other, and configure postfix to use it as a relay host. It can be done by running a postfix container, but probably Lemmy could be configured to send email via relay without using postfix.
Yep. DigitalOcean specifically recommends SendGrid as an alternative: https://docs.digitalocean.com/support/why-is-smtp-blocked/
There was a post earlier on recommended SMTP services. One is having a deal for $5/year, 300 emails/hr rate mxroute
If it’s anything like SMTP on a Mediawiki or Discourse instance (example notes), then what you probably need is something called “transactional email” (I’m guessing you’re looking at a guide like this?). I’ve made use of this guide for looking up vendors for that service.
In theory, the same server hosting a Lemmy service could also send and receive emails. However, in practice there’s a high probability of these emails landing in spam boxes. The de facto proof-of-work hurdle that inhibits email spam today is paying commercial transactional email companies a monthly fee. I’m hopeful that one day self-hosted email server software will become easier to set up through things like FreedomBox (via Postfix, Dovecot, and Rspamd), but the fundamental reputation problem remains, imo.
So, I doubt a Lemmy setup guide would automatically take care of email setup. In any case, the process involves creating at least one MX record (according to instructions provided by your transactional email service) with your DNS provider which depends on the name servers you have configured for your domain registrar. The transactional email service you select should provide instructions for what port to open, as well as what SMTP URL, user name, password, and postmaster email address to provide to Lemmy.
Wait, what am I exactly doing with the MX record? Would that be necessary to send email in the first place? I only have two basic A records configured at the moment.
Theoretically, I don’t think an MX record is absolutely needed to send, but it definitely is needed to receive. An MX record helps an email sending server to figure out which IP address to actually send email data packets towards based on the domain name in the email address (i.e. the @apple.com in steve@apple.com).
Even if you’re self-hosting your own email server and are using the same domain name for all services and are using port number to differentiate incoming traffic, incoming email won’t come in unless an MX record can explicitly tell other email servers where to send emails labeled with your domain name. An MX record can also be a handy way to redirect email traffic to a different IP address in case the one your server uses is blacklisted by other email servers (e.g. if spammers have used your IP address in the past).
An A record can associate an IP address with a domain name but an MX record is needed to tell a sending server that a domain name is prepared to accept email at all.
That said, if you examine the DNS setup instructions that a transactional email company will send you, you’ll see that they also want you to create other DNS records for purposes. For example, Mailgun has me store a public key in a TXT record (making it a DKIM record) used to cryptographically authenticate emails against emails sent by your server (that are forwarded and signed by Mailgun’s private key) to prevent email address impersonation, which might be important even if you’re only sending password reset emails and not expecting to receive email. (I recall receiving several emails from emperorpalpatine@senate.gov while in college, probably sent by mischievous CS students learning about email stuff themselves and realizing our school’s email setup was old and crusty.) Mailgun also has me keep a CNAME record as well for some kind of delivery confirmation service (a transactional email service is basically a trusted man-in-the-middle); I forget the details. But, basically, thanks to spammers, there’s more to setting up your own email service than creating an MX record, even if all you’re doing is setting up a Lemmy instance that only needs to send password reset emails.
Source: someone who has bumbled through Discourse and Mediawiki email setup for small projects.
Can’t comment on the Ansible/Lemmy side of things, but I ran a mailserver in DO for years. IIRC I had to file a ticket for them to unblock port 25 outgoing, and IPv6 was a no-go entirely (because they assign individual IPs instead of a /64 for instances like they should, or maybe just too small a range I forget).
I would suggest using some mailer service (mailgun, SES, postmark, etc.) unless you are interested in fully actually running a mailserver and all the fun deliverability issues that can ensue.
I used Mailgun and port 2525 for smtp in GCP. It also blocks port 25.
Do you know if Mailgun is free for 5,000 emails per month, or is that offer for only the first month of service?
I believe it’s always free. I’ve used it for the last year and haven’t paid a penny.
Oh, dope. I’ll give it a try.
I’m on hetzner who also block port 25. I finally worked out what I needed to change to get it to work. As you’re using the ansible playbook, all you need is to change the lines inside the .hjson file to match those of an external mail service. I used Mailersend (3000 free emails once you’re verified). If you’re using port 587 use starttls as your encryption.
I just use Zoho’s free SMTP and use the credentials in the SMTP setup for Lemmy.
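Added example, not part of any post in this thread: a small Python check that tells you, from the VPS itself, which of the ports mentioned above (25, 587, 2525) actually reach your relay and whether the relay offers STARTTLS before you put credentials in the .hjson file. The host name `smtp.example.invalid` is a placeholder and the function names `probe_smtp` and `verdict` are this example's own; it sends no credentials and no mail.

```python
import smtplib
import sys

# Ports mentioned in the thread: 25 (commonly blocked by VPS providers),
# 587 (submission, used with STARTTLS) and 2525 (alternate some relays offer).
THREAD_PORTS = (25, 587, 2525)


def probe_smtp(host, port, timeout=5.0):
    """Connect to host:port, send EHLO and record what the server advertises."""
    result = {"port": port, "reachable": False, "starttls": False, "error": None}
    try:
        # local_hostname avoids a slow reverse lookup of this machine's name.
        with smtplib.SMTP(host, port, local_hostname="localhost",
                          timeout=timeout) as smtp:
            code, _ = smtp.ehlo()
            result["reachable"] = 200 <= code < 300
            result["starttls"] = smtp.has_extn("starttls")
    except (OSError, smtplib.SMTPException) as exc:
        # Timeouts, refused connections and DNS failures all end up here;
        # from inside a VPS a silent timeout usually means the port is filtered.
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result


def verdict(result):
    """Turn a probe result into a one-line recommendation."""
    if not result["reachable"]:
        return "blocked or closed"
    if not result["starttls"]:
        return "reachable, but no STARTTLS: do not send credentials"
    return "usable with starttls"


if __name__ == "__main__":
    # Placeholder host; pass your relay's SMTP host name as the first argument.
    host = sys.argv[1] if len(sys.argv) > 1 else "smtp.example.invalid"
    for port in THREAD_PORTS:
        print(f"{host}:{port} -> {verdict(probe_smtp(host, port))}")
```

Run it on the instance that hosts Lemmy, since the provider's port filtering applies to that machine's outbound traffic and not to your workstation.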