/
Installing and Configuring outgoing mail

Installing and Configuring outgoing mail

Owned by Mike Tango Bravo
Last updated: Nov 22, 2024
4 min read

For different services, we need to be able to send email messages. For example, when someone registers a new tasting experience for YDIYOI or mints and NFT, we need to send an email message to the winery. Or when a token holder redeems bottles of wine, we should be able to send a confirmation email to the token holders email address.

This requires setting up an SMTP server that can deliver email on our server. Unfortunately, most hosting providers block port 25 for outgoing SMTP, so we need to configure an SMTP relay.

Fortunately, OpenVino uses http://protonmail.ch We are big fans of the secure, encrypted service ProtonMail offers and have been “Visionary” subscribers for some time. But to use ProtonMail as a “headless” service from the command-line requires that we setup a few things:

Postfix - the popular SMTP server for linux (replacement for sendmail)

Protonmail Bridge - an encrypted relay that receives connections from Postfix and forwards messages over an encrypted channel to Protonmail.

pass - a password encryption storage program

Create new email account

First, create a new email account on protonmail (paid subscription). In this case: NFT@OpenVino.org

This is done on settings for http://protonmail.com

Install postfix

Install the postfix packages:

sudo apt-get install postfix

Configure postfix

Edit the postfix main.cf file

relayhost = [127.0.0.1]:1025

Comment out the line

#smtp_tls_CApath = /etc/pki/tls/certs

Add the following at the end of the file

The canonical file needs to be updated, by adding the following last line:

Next the SMTP account details we got from ProtonMails (which will be different from the login account details.)

Secure this file

Run Postmap to generate the DB file

Since postfix will be connecting to the bridge with STARTSSL, it will need to validate the bridge certificate. Symlinking the self-signed certificate will be necessary:

Restart postfix

Install the Protonmail bridge

Download the protonmail bridge

Download the public key `bridge_pubkey.gpg` to the current working directory 

Add the key signature to the package repository

Check the integrity of the package

Install protonmail bridge

Install the mailx command-line email client:

Install pass:

Create a passphrase-free a gpg key:

This creates a new password database in pass (pass calls the database password store). And the GPG key ProtonMail Bridge can be used to open the database.

We have to set up protonmail-bridge interactively in advance. First, start the protonmail-bridge in command-line mode:

Start ProtonMail Bridge in command-line mode

Login to Protonmail:

Set protonmail-bridge in split mode

Find the SMTP settings for nft@openvino.org

Create a service file

Configure postfix

Edit the postfix main.cf file

Comment out the line

Add the following at the end of the file

The canonical file needs to be updated, by adding the following last line:

Next the SMTP account details we got from ProtonMails (which will be different from the login account details.)

Secure this file

Run Postmap to generate the DB file

Since postfix will be connecting to the bridge with STARTSSL, it will need to validate the bridge certificate. Symlinking the self-signed certificate will be necessary:

Restart postfix