I am trying to use my own send-only server to send emails. I am running this SMTP gateway to use TLS because of which the client I use to send emails requires a certificate. I am using a self-signed certificate which is very easily configurable if I use postfix/ssmtp for sending emails but I am not sure how I can use a custom Cert in discourse email client.
Just to get a brief picture in the head:
Easy scenario:
Discourse —send—mail—> mailgun —send–mail—> user
My Scenario:
Discourse —send–mail–> my server running SMTP gateway —relay-mail-using-aws-ses-API—> user
I would like to correct my question. So I really don’t need to add any certs for this to work but still its failing to communicate on TLS. If I am testing it with swaks its working fine. Example command:
@itsbhanusharma AWS ses provides 60k emails per month free and as far as I know these email calls should be requested from ec2 instance to work otherwise they are charged as normal. My discourse instance is hosted on a digital ocean droplet. I could be wrong but this is my understanding and the reasoning behind it.
So even if Your SES API is receiving emails from a DigitalOcean IP, it would make it chargeable, You may decide to use another service or spin up exim on an ec2 instance to be a bridge between your DO droplet and AWS SES. I don’t think it’ll work but You can try.
I have already solved the relaying problem by running a local smtp server in ec2 which eventually forwards the smtp request to ses. The problem is discourse is failing on TLS handshake with this smtp server where as postfix/swaks and similar applications are working just fine.
Is there a way I can see where this SMTP handshake is handled? Like any library discourse is using in ruby behind the scenes? I don’t want to disable TLS here.
I have a $ 5 ec2 instance running on aws which I am using for relaying multiple domains. Moving discourse to ec2 would be a little costly from digital ocean, not much to be honest(few dollars over all).
But the point is even if I move discourse to ec2, I would still need that relay service to support rest of the droplets that I have on DO for other domains that I own. So why not just fix discourse
That is true, but discourse has nothing to do with SES here. Discourse is communicating with a SMTP server, which could be anything(right now its a relay service). I was wondering how does postfix/swaks and all are working just fine with this SMTP server(from same DO vpc) and not discourse. After setting that var, it is working though. Still I would like to know what library we are using in discourse for SMTP handshake so that I can personally verify if there is anything we can do to improve in discourse.