From 106f5075986ec5e26cd5eebad81c903087b96b60 Mon Sep 17 00:00:00 2001 From: ne20002 Date: Tue, 4 Feb 2025 15:38:32 +0000 Subject: [PATCH] Update the msmtp setup --- README.md | 55 +++++++++++++++++++++++++++++++------------ docker-setup_msmtp.sh | 10 ++++---- 2 files changed, 45 insertions(+), 20 deletions(-) mode change 100644 => 100755 docker-setup_msmtp.sh diff --git a/README.md b/README.md index b492f41..3693f20 100644 --- a/README.md +++ b/README.md 
@@ -109,29 +109,54 @@ Because Friendica links the administrator account to a specific mail address, yo ## Mail settings -The binary `ssmtp` is used for the `mail()` support of Friendica. +The binary `msmtp` is used for the mail support of Friendica. -You have to set the `--hostname/-h` parameter correctly to use the right domainname for the `mail()` command. +The mail functionality is e.g. used for sending confirmation emails for registration (including the password for newly registered +users). -You have to set a valid SMTP-MTA for the `SMTP` environment variable to enable mail support in Friendica. -A valid SMTP-MTA would be, for example, `mx.example.org`. +To make use of the mail functionality you need a working email account with which you can send emails. This may +be an account on gmail, gmx or any other provider of public email. If you have your own email server you can use it as well. +It is recommended to not use your personal email account for this. But you may use it if you just want to test friendica or during +the installation. You can change it afterwards by simply changing the following environment variables. -The following environment variables are possible for the SMTP examples. +The example is based on sending emails via SMTP submission as this is the standard for sending email with nearly all providers +of public email accounts. We use the server for *outgoing emails*. -- `SMTP` Address of the SMTP Mail-Gateway. (**required**) +The setup uses STARTTLS with authentication by default. It is possible to use plain TLS connection (usually using port 465) or +even unencrypted connections by setting the environment variables accordingly. Using unencrypted connections is not recommended though. + +The following environment define the Mail-Gateway and its connection for the SMTP setup. + +- `SMTP` **required** Address of the SMTP Mail-Gateway, e.g. smtp.gmx.net - `SMTP_PORT` Port of the SMTP Mail-Gateway. (Default: 587) -- `SMTP_DOMAIN` The sender domain. 
(**required** - e.g. `friendica.local`) +- `SMTP_TLS` Use TLS for connecting the SMTP Mail-Gateway. (Default: `on`, shall also be `on` when using STARTTLS) +- `SMTP_STARTTLS` Use STARTTLS for connecting the SMTP Mail-Gateway. (Default: `on`, `off` when `SMTP_PORT` is 465) + +Sending emails usually requires authentication or login to the Mail-Gateway. This is controlled by + +- `SMTP_AUTH_USER` **usually necessary** Username for the SMTP Mail-Gateway. (Default: empty) +- `SMTP_AUTH_PASS` **usually necessary** Password for the SMTP Mail-Gateway. (Default: empty) +- `SMTP_AUTH` Auth mode for the SMTP Mail-Gateway. (Optional: Default `on` when `SMTP_AUTH_USER` and `SMTP_AUTH_PASS` are set) + +The user used for sending emails is controlled by + +- `SMTP_DOMAIN` **required** The sender domain. This is the part after the @ in the email address. - `SMTP_FROM` Sender user-part of the address. (Default: `no-reply` - e.g. no-reply@friendica.local) -- `SMTP_TLS` Use TLS for connecting the SMTP Mail-Gateway. (Default: empty) -- `SMTP_STARTTLS` Use STARTTLS for connecting the SMTP Mail-Gateway. (Default: `On`) -- `SMTP_AUTH` Auth mode for the SMTP Mail-Gateway. (Default: `On`) -- `SMTP_AUTH_USER` Username for the SMTP Mail-Gateway. (Default: empty) -- `SMTP_AUTH_PASS` Password for the SMTP Mail-Gateway. (Default: empty) -**Addition to STARTTLS** +If a public email provider is used it may most certainly reject your emails if you use the default `no-reply` for `SMTP_FROM`. You should then +use a different name. -the `tls_starttls` setting is either `On` or `Off`, but never unset. -That's because in case it's unset, `starttls` would be activated by default (which would need additional configuration like a separate port). +A minimum setup for using a gmx.de account would look like this: + +```yaml + + environment: + - SMTP=smtp.gmx.net + - SMTP_DOMAIN=gmx.de + - SMTP_AUTH_USER= + - SMTP_AUTH_PASS= + +``` ## Database settings 
diff --git a/docker-setup_msmtp.sh b/docker-setup_msmtp.sh old mode 100644 new mode 100755 index c902b6d..bb7699a --- a/docker-setup_msmtp.sh +++ b/docker-setup_msmtp.sh @@ -7,8 +7,8 @@ if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" smtp_from="${SMTP_FROM:=no-reply}" smtp_auth="${SMTP_AUTH:=on}" - # https://github.com/friendica/docker/issues/233 - smtp_starttls="${SMTP_STARTTLS:=on}" + smtp_port="${SMTP_PORT:=587}" + smtp_tls="${SMTP_TLS:=on}" # Setup MSMTP usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root @@ -24,11 +24,11 @@ if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" { echo "account default" echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi + echo "port $smtp_port" echo "from \"$smtp_from@$SMTP_DOMAIN\"" echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - echo "tls_starttls $smtp_starttls"; + echo "tls $smtp_tls" + if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls $SMTP_STARTTLS"; elif [ $smtp_port = "465" ]; then echo "tls_starttls off"; else echo "tls_starttls on"; fi if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi
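Review bot: In the README.md hunk, the `SMTP_AUTH` bullet says the default is `on` when `SMTP_AUTH_USER` and `SMTP_AUTH_PASS` are set, but docker-setup_msmtp.sh writes `auth $smtp_auth` as soon as `SMTP_AUTH_USER` alone is set, and writes `password` independently of it. Either reword the bullet to match the script (auth is enabled once `SMTP_AUTH_USER` is set) or make the script require both variables. Two smaller points in the same hunk: "The following environment define" is missing the word "variables", and the gmx.de example puts `SMTP_AUTH_PASS=` directly under `environment:`, so a sentence advising against committing the filled-in value to a compose file kept in version control would help.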
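Review bot: In the first docker-setup_msmtp.sh hunk, `smtp_tls="${SMTP_TLS:=on}"` silently changes behaviour for existing deployments. Before this patch no `tls` line was written unless `SMTP_TLS` was set, and any value (including `off`) produced `tls on`; now `tls on` is written by default and the value is passed through as given. Setups that relay to an internal mail host without TLS will need `SMTP_TLS=off` after upgrading. The README hunk lists the new default but does not say that it changed, so please call this out in the README or the commit message. Since the value now reaches the config verbatim as `tls $smtp_tls`, it is also worth rejecting anything other than `on` or `off` before writing the file.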
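Review bot: `tls_certcheck off` stays in the generated config (context line of the second docker-setup_msmtp.sh hunk) while this patch makes `tls on` the default and the README now directs users to public providers with `SMTP_AUTH_USER` and `SMTP_AUTH_PASS`. With certificate checking off the server is not authenticated, so TLS does not protect the credentials or the registration mails against someone who can intercept the connection. Consider making the setting configurable through an environment variable that defaults to `on` (a new, hypothetical name such as `SMTP_TLS_CERTCHECK`; no such variable exists in the script today) and documenting `off` only for internal Docker mail hosts. In the new `tls_starttls` line, `${SMTP_STARTTLS+x}` is also true for a variable that is set but empty, which writes `tls_starttls` with no value, whereas the removed `${SMTP_STARTTLS:=on}` fell back to `on`; `${SMTP_STARTTLS:+x}` restores that. In the same line `[ $smtp_port = "465" ]` should quote the variable: `[ "$smtp_port" = "465" ]`.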