I have read many posts here regarding multiple domains externally hosted. I can’t find anything definitive on using MiaB as my e-mail server for externally hosted domains, meaning I want my website to send e-mails via MiaB.
I have MiaB running for almost a year now. Works great. I use it for e-mail for several domains. All domains use MiaB as their Nameserver. I have used the Custom DNS page to set A records for my websites on external servers and all sites work great.
I would like these external sites to be able to use MiaB as their SMTP server. I just need it for outgoing mail so users of my site can get e-mail to reset their passwords or to broadcast an e-mail to our users.
My site can connect to Gmail SMTP or Mailtrap without an issue. It cannot get access to my MiaB server. One of the differences is that Gmail and Mailtrap both use SSL where MiaB requires STARTTLS. Not sure if that is the issue that is stopping me, or not. Either way I really wish I could get this working.
This seems like a pretty basic function you would want a mail server to do. What am I missing here?
The proposed solution of installing Postfix? No. I started but didn’t understand all the settings for it so I stopped. I was hoping someone could offer a solution here on the MiaB side of things. Why does MiaB have to be so restrictive as to only accept STARTTLS? Is there a way I can override that requirement?
There were a few problems with this. There exists lots of software that used the alternate port numbers with pure SSL/TLS connections. Client software can be very long lived, so you can’t just disable the encrypted ports until all software has been upgraded.
Each protocol received mechanisms to tell clients that the server supported upgrading to SSL/TLS (e.g. STARTTLS in IMAP’s CAPABILITY response), and that they should not attempt to login without doing the STARTTLS upgrade (LOGINDISABLED in IMAP’s CAPABILITY response). This created two unfortunate situations:
Some software just ignored the “login disabled until upgraded” announcement (LOGINDISABLED, STARTTLS) and just tried to log in anyway, sending the user login name and password over a clear text channel. The server rejected the login and password, but the details had already been sent over the Internet in plain text. Other software saw the “login disabled until upgraded” announcement, but then wouldn’t upgrade the connection automatically, and thus reported login errors back to the user, which caused confusion about what was wrong.
Both of these problems resulted in significant compatibility issues with existing clients, and so most system administrators continued to just use plain text connections on one port, and encrypted connections on a separate port number.
I am theorizing that one or the other of the bolded things is happening with Laravel.
I’d be happy to walk you through it on Slack. The instructions I recommend vary slightly from what is published in the advanced guide.
Both are questions that someone on the development team would have to answer. I know I suggested on Slack to ask here - but this question delves into developer territory and may be better addressed on GitHub.
Well, Laravel uses SwiftMailer and that doesn’t support STARTTLS so we could ask why that is the case for SwiftMailer. My answer would be that it doesn’t because it works well most places like Gmail and Mailtrap. Why complicate things? Why does MiaB need to be different? I have never seen a mail server that required STARTTLS. SSL seems to be an option for everyone else.
It would certainly be easier for me to get easier access to MiaB so that I don’t have to set up Postfix for every domain that I host. The main reason I wanted my own mail server was for my websites to have a clean mail server to work with.
I might also add that, depending on your use case, Gmail may decide to pause your account for 24 hours or 7 days or permanently. Small, personal usage they don’t care, but larger transactional mail is not what Google provides that service for. It’s buried somewhere in their ToS.
It would not be required to set up Postfix for every domain that you host … you do however need an MTA on every web server itself so I would imagine that you, like most, have just one actual web server.
The issue is that the OP is not wanting to install an MTA. Perhaps your suggested nullmailer is a better option for the OP. I can only recommend Postfix as it is what I personally have experience with, though I know that there are other options available which likely would even be preferable.
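The client behaviour that the quoted passage earlier in this thread says some software got wrong (upgrade with STARTTLS before any login, and send no credentials while LOGINDISABLED is announced) can be written as a small decision function. This is an added example, not code from any post in this thread or from MiaB, Laravel or SwiftMailer; the function names and the sample CAPABILITY lines are constructed for illustration, and refusing plaintext login when no upgrade is offered is a policy assumed here.

```python
# Added example: client-side decision logic for an IMAP CAPABILITY response.
# Function names are hypothetical; sample responses in the test are constructed.

def parse_capability(line: str) -> set:
    """Return the upper-cased capability atoms from a CAPABILITY response.

    Accepts the untagged form ("* CAPABILITY ...") and the form embedded
    in a server greeting ("* OK [CAPABILITY ...] ready").
    """
    upper = line.upper()
    idx = upper.find("CAPABILITY")
    if idx < 0:
        return set()
    rest = upper[idx + len("CAPABILITY"):]
    rest = rest.split("]", 1)[0]  # drop greeting text after the bracketed code
    return set(rest.split())


def next_step(capability_line: str, tls_active: bool) -> str:
    """Decide what the client may safely do next.

    Returns "LOGIN", "STARTTLS" or "ABORT". Credentials are released only
    on an encrypted channel where the server has not disabled login.
    """
    caps = parse_capability(capability_line)
    if tls_active:
        # Capabilities must be re-read after the upgrade. LOGINDISABLED on an
        # encrypted channel means login is not available at all.
        return "ABORT" if "LOGINDISABLED" in caps else "LOGIN"
    if "STARTTLS" in caps:
        # Upgrade first, even if the server would accept a plaintext login.
        return "STARTTLS"
    # No upgrade path offered: assumed policy is to never send a password
    # in clear text, whether or not LOGINDISABLED is present.
    return "ABORT"
```

A client that follows `next_step` avoids both failure modes in the passage: it never transmits the password before the upgrade, and it performs the upgrade itself instead of surfacing a login error.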