The AWS SES settings work well for a single domain using Mailgun to relay email. However for a multi-domain setup it isn't quite enough, as we want to authenticate as different users depending on the sender's domain.
The configuration is described well in this forum post.
From looking at the code, it looks like this will need code adding in start-mailserver.sh#_setup_dovecot_local_user() and in check-for-changes,sh and a new function along the lines of start-mailserver.sh#_setup_postfix_relay_amazon_ses()
I'm happy to have a go at this so here's my plan:
- maintain another file postfix-sasl-password.cf to provide the multiple username passwords
- add extra env variables:
MULTI_DOMAIN_RELAY_HOSTMULTI_DOMAIN_RELAY_PORTMULTI_DOMAIN_RELAY_DEFAULT_USERMULTI_DOMAIN_RELAY_DEFAULT_PASSWORD
- update
relayhost_map file at startup and on changes
- (bonus) add a function to setup.sh which creates/updates
postfix-sasl-password.cf
A couple of thoughts/questions:
- Relay passwords will be stored in plain text in
config/postfix-sasl-password.cf (I guess it's not really worse than the current solution which needs the password in the docker-compose.yml or in .env)
MULTI_DOMAIN_RELAY_HOST and AWS_SES_HOST can't both be true - can this merely be documented in README?
The AWS SES settings work well for a single domain using Mailgun to relay email. However for a multi-domain setup it isn't quite enough, as we want to authenticate as different users depending on the sender's domain.
The configuration is described well in this forum post.
From looking at the code, it looks like this will need code adding in
start-mailserver.sh#_setup_dovecot_local_user()and incheck-for-changes,shand a new function along the lines ofstart-mailserver.sh#_setup_postfix_relay_amazon_ses()I'm happy to have a go at this so here's my plan:
MULTI_DOMAIN_RELAY_HOSTMULTI_DOMAIN_RELAY_PORTMULTI_DOMAIN_RELAY_DEFAULT_USERMULTI_DOMAIN_RELAY_DEFAULT_PASSWORDrelayhost_mapfile at startup and on changespostfix-sasl-password.cfA couple of thoughts/questions:
config/postfix-sasl-password.cf(I guess it's not really worse than the current solution which needs the password in the docker-compose.yml or in .env)MULTI_DOMAIN_RELAY_HOSTandAWS_SES_HOSTcan't both be true - can this merely be documented in README?