Add SMTP package #12

driaug opened this issue Aug 2, 2024 · 19 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@driaug
Member

driaug commented Aug 2, 2024

A lot of users reach out regarding an SMTP package/endpoint for Plunk.

I have given it a go a long time ago but could not make it work. Mostly got stuck on the certificates needed to make it work.
If anyone would have experience with it and could make it work so the docker image can still build and deploy, that would be a very great addition!

Possibly with: https://nodemailer.com/extras/smtp-server/

All we would need is to accept the request, internally we can send it through to the API which would automatically create the contact and handle everything else.

The part that scares me from nodemailer's smtp-server is this

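const fs = require("fs");
const { SMTPServer } = require("smtp-server");

// Implicit-TLS listener: smtp-server is handed the private key and certificate.
const server = new SMTPServer({
  secure: true,
  key: fs.readFileSync("private.key"),
  cert: fs.readFileSync("server.crt"),
});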

We would need to have that .key and .crt file, unless I am just dead wrong?

@driaug driaug added enhancement New feature or request help wanted Extra attention is needed labels Aug 2, 2024
@mayank-sahai

Hi @driaug, as far as I know, you will need a Self-Signed Certificate from a trusted CA (like Digicert?) for production use.
But for dev env, a Self-Signed Certificate should be enough.
Then you can use those in the code snippet above.
Asking just for my understanding, is it like an SMTP endpoint that users for an action?

@Bastih18

Bastih18 commented Aug 7, 2024

Hey y'all, I personally worked with smtp-server a bit before, I didn't do receiving emails yet, but for the sending I didn't need the key or the cert.

@driaug
Member Author

driaug commented Aug 8, 2024

> Hey y'all, I personally worked with smtp-server a bit before, I didn't do receiving emails yet, but for the sending I didn't need the key or the cert.

I'm wondering how you achieved this. That would mean that smtp-server was running as insecure, resulting in 99% of email clients refusing to send mail to it.

@Bastih18

Bastih18 commented Aug 8, 2024

> > Hey y'all, I personally worked with smtp-server a bit before, I didn't do receiving emails yet, but for the sending I didn't need the key or the cert.

> I'm wondering how you achieved this. That would mean that smtp-server was running as insecure, resulting in 99% of email clients refusing to send mail to it.

Oh, yeah, I just did use it to send emails to people.

@driaug
Member Author

driaug commented Aug 8, 2024

> Hi @driaug, as far as I know, you will need a Self-Signed Certificate from a trusted CA (like Digicert?) for production use. But for dev env, a Self-Signed Certificate should be enough. Then you can use those in the code snippet above. Asking just for my understanding, is it like an SMTP endpoint that users for an action?

The issue I have with this is that such a cert is signed for a single domain so I cannot bundle it. We would need to generate it in the code somehow, because we cannot know the domain the user might self-host it on.

It would be an SMTP endpoint that users can send emails with, indeed.

@mayank-sahai

@driaug A certificate must be issued by a trusted CA, becoming one has a lot of overheads and security implications.
Won't it be better to let customers add their own SMTP settings? like SMTP server IP and port with basic auth/oAuth2, username, password, and a default sender email address which will be of their domain?
We can use the same when they use the SMTP endpoint.

@mayank-sahai

> > > Hey y'all, I personally worked with smtp-server a bit before, I didn't do receiving emails yet, but for the sending I didn't need the key or the cert.

> > I'm wondering how you achieved this. That would mean that smtp-server was running as insecure, resulting in 99% of email clients refusing to send mail to it.

> Oh, yeah, I just did use it to send emails to people.

It is possible, but I guess email data will be transmitted in plain text, which is not secure for sensitive information. Also, the mail can be marked as spam or blocked due to a lack of security.

@Bastih18

Bastih18 commented Aug 8, 2024

> > > > Hey y'all, I personally worked with smtp-server a bit before, I didn't do receiving emails yet, but for the sending I didn't need the key or the cert.

> > > I'm wondering how you achieved this. That would mean that smtp-server was running as insecure, resulting in 99% of email clients refusing to send mail to it.

> > Oh, yeah, I just did use it to send emails to people.

> It is possible, but I guess email data will be transmitted in plain text, which is not secure for sensitive information. Also, the mail can be marked as spam or blocked due to a lack of security.

Actually none of the emails I sent arrived as spam.
Okay, after re-checking how I did it, it didn't arrive as spam because I used smtp-server to connect to one of my MailServers (which is configured properly), and then sent the mails via there.

@jonasclaes

jonasclaes commented Aug 11, 2024

It's indeed a very good idea to require a certificate these days. An insecure mailserver opens you up to lots of risks, but I do think we need to keep in mind how and where this is deployed.

I think there's multiple routes you can take here:

  • Store certificate details in a database/secure location (cert and key), which an admin would manually need to update before certificate expiry (maybe a notification?)
  • Pass these certificates in through volume mappings in Docker (this might be useful if a self-hoster is using certbot for LetsEncrypt certificates, so they can reuse them for the frontend and the mail server for example)
  • Add automatic LetsEncrypt certificate generation for this feature, and then store it in fs/database. How you achieve this certificate depends, it might be through the web, it might be through DNS. Easiest I think is through web, because that's the most universal, however, a self hoster might now want to allow web access from the internet, and might want to use DNS based for that purpose.

@driaug
Member Author

driaug commented Aug 15, 2024

I have implemented a secure SMTP endpoint for the managed version of Plunk.

I will spend some time to port it over into the self-hosted version but it will be on a bring your own certificate basis. Plunk will not be responsible for generating it.
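
The bring-your-own-certificate route discussed above (a cert and key mounted into the container, checked for hostname and expiry before the listener starts), as an added example that is not Plunk's code. The file names follow the snippet earlier in the thread; `TLS_DIR`, `SMTP_HOSTNAME` and the function names are assumptions.

```javascript
const fs = require("fs");
const path = require("path");
const { X509Certificate, createPrivateKey } = require("crypto");

const DAY_MS = 24 * 60 * 60 * 1000;

// Returns a list of problems; an empty list means the pair is usable for `hostname`.
// `cert` is a crypto.X509Certificate, `key` a private-key KeyObject.
function assessCertificate(cert, key, hostname, now = new Date(), warnDays = 14) {
  const problems = [];
  const notBefore = new Date(cert.validFrom);
  const notAfter = new Date(cert.validTo);
  if (now < notBefore) problems.push("not-yet-valid");
  if (now > notAfter) problems.push("expired");
  else if (notAfter - now < warnDays * DAY_MS) problems.push("expires-soon");
  // checkHost() returns the matching name, or undefined when nothing matches.
  if (cert.checkHost(hostname) === undefined) problems.push("hostname-mismatch");
  // A certificate paired with the wrong key fails every handshake.
  if (!cert.checkPrivateKey(key)) problems.push("key-mismatch");
  return problems;
}

// Reads the pair from a mounted directory (for example a Docker volume) and
// returns options for smtp-server. File names follow the snippet in the thread.
function loadTlsOptions(dir, hostname) {
  const cert = fs.readFileSync(path.join(dir, "server.crt"));
  const key = fs.readFileSync(path.join(dir, "private.key"));
  const problems = assessCertificate(
    new X509Certificate(cert), createPrivateKey(key), hostname);
  const fatal = problems.filter((p) => p !== "expires-soon");
  if (fatal.length > 0) throw new Error(`refusing to start SMTP: ${fatal.join(", ")}`);
  if (problems.length > 0) console.warn("TLS certificate expires within 14 days");
  return { secure: true, key, cert };
}

// TLS_DIR and SMTP_HOSTNAME are assumed environment variables, not Plunk settings.
if (process.env.TLS_DIR) {
  const { SMTPServer } = require("smtp-server");
  const options = loadTlsOptions(process.env.TLS_DIR, process.env.SMTP_HOSTNAME);
  new SMTPServer(options).listen(465);
}
```

The listener here has no `onAuth` or `onData` handlers; those are where the forwarding to the API described at the top of the thread would go.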

@untamedkk

Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

@driaug
Member Author

driaug commented Aug 17, 2024

> Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

I will need a better description than that. Do you get an error, does it time out, do you have a code sample?

@untamedkk

untamedkk commented Aug 17, 2024

> > Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

> I will need a better description than that. Do you get an error, does it time out, do you have a code sample?

My project does not respond, it just keeps running. I have tried with another online tool and it seems like it's timing out. I have attached a screenshot for your reference.

Screenshot 2024-08-17 at 21-52-47 Free Online SMTP Server Test - Send and Check your Email Server

[2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss]
[2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465
[2024-08-17T13:57:06.355Z] SMTP -> Timeout
[2024-08-17T13:57:06.356Z] CLIENT -> QUIT
[2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"

Also, one more thing. The username shows plunk, is this the correct one?

@driaug
Member Author

driaug commented Aug 18, 2024

> > > Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

> > I will need a better description than that. Do you get an error, does it time out, do you have a code sample?

> My project does not respond, it just keeps running. I have tried with another online tool and it seems like it's timing out. I have attached a screenshot for your reference.

> Screenshot 2024-08-17 at 21-52-47 Free Online SMTP Server Test - Send and Check your Email Server

> [2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss]
> [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465
> [2024-08-17T13:57:06.355Z] SMTP -> Timeout
> [2024-08-17T13:57:06.356Z] CLIENT -> QUIT
> [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"

> Also, one more thing. The username shows plunk, is this the correct one?

Which online tool is this? I have just given it another go using nodemailer, Supabase and a couple of online tools and all get through. plunk is indeed your username.

@untamedkk

> > > > Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

> > > I will need a better description than that. Do you get an error, does it time out, do you have a code sample?

> > My project does not respond, it just keeps running. I have tried with another online tool and it seems like it's timing out. I have attached a screenshot for your reference.
> > Screenshot 2024-08-17 at 21-52-47 Free Online SMTP Server Test - Send and Check your Email Server
> > [2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss]
> > [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465
> > [2024-08-17T13:57:06.355Z] SMTP -> Timeout
> > [2024-08-17T13:57:06.356Z] CLIENT -> QUIT
> > [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"
> > Also, one more thing. The username shows plunk, is this the correct one?

> Which online tool is this? I have just given it another go using nodemailer, Supabase and a couple of online tools and all get through. plunk is indeed your username.

I tried on https://smtpserver.com/smtptest and also tried to test an email through my keycloak server. All of them timed out. Is it because of geolocation?

@driaug
Member Author

driaug commented Aug 18, 2024

> > > > > Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

> > > > I will need a better description than that. Do you get an error, does it time out, do you have a code sample?

> > > My project does not respond, it just keeps running. I have tried with another online tool and it seems like it's timing out. I have attached a screenshot for your reference.
> > > Screenshot 2024-08-17 at 21-52-47 Free Online SMTP Server Test - Send and Check your Email Server
> > > [2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss]
> > > [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465
> > > [2024-08-17T13:57:06.355Z] SMTP -> Timeout
> > > [2024-08-17T13:57:06.356Z] CLIENT -> QUIT
> > > [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"
> > > Also, one more thing. The username shows plunk, is this the correct one?

> > Which online tool is this? I have just given it another go using nodemailer, Supabase and a couple of online tools and all get through. plunk is indeed your username.

> I tried on https://smtpserver.com/smtptest and also tried to test an email through my keycloak server. All of them timed out. Is it because of geolocation?

If I add the right details and toggle SSL on the website you provide, the email is sent just fine. Keep in mind that it needs to be an SSL encrypted transport.

@untamedkk

> > > > > > Hi @driaug I have just tried to use SMTP email using Spring Boot Java Mail Server but so far no success. I have got the SMTP creds information from the dashboard. Not sure what I am doing wrong.

> > > > > I will need a better description than that. Do you get an error, does it time out, do you have a code sample?

> > > > My project does not respond, it just keeps running. I have tried with another online tool and it seems like it's timing out. I have attached a screenshot for your reference.
> > > > Screenshot 2024-08-17 at 21-52-47 Free Online SMTP Server Test - Send and Check your Email Server
> > > > [2024-08-17T13:57:00.340Z] DNS -> Resolved smtp.useplunk.com as 5.75.140.74 [cache miss]
> > > > [2024-08-17T13:57:00.355Z] NETWORK -> Connection established to 5.75.140.74:465
> > > > [2024-08-17T13:57:06.355Z] SMTP -> Timeout
> > > > [2024-08-17T13:57:06.356Z] CLIENT -> QUIT
> > > > [2024-08-17T13:57:06.356Z] SMTP -> Closing connection to the server using "end"
> > > > Also, one more thing. The username shows plunk, is this the correct one?

> > > Which online tool is this? I have just given it another go using nodemailer, Supabase and a couple of online tools and all get through. plunk is indeed your username.

> > I tried on https://smtpserver.com/smtptest and also tried to test an email through my keycloak server. All of them timed out. Is it because of geolocation?

> If I add the right details and toggle SSL on the website you provide, the email is sent just fine. Keep in mind that it needs to be an SSL encrypted transport.

Hi @driaug, thank you for your prompt response. Actually I did enable SSL, but somehow I was also using the wrong from email. But now it's working like a charm. Just a question, does Plunk follow HIPAA and GDPR compliance?

@untamedkk

Sorry for spamming the comment section. Also, nice to have a healthcheck or status API/dashboard.

@driaug
Member Author

driaug commented Aug 19, 2024

> Just a question, does Plunk follow HIPAA and GDPR compliance?

Plunk does try to follow the GDPR laws but since we are not audited, I am not legally allowed to make claims that we are.

5 participants