I cant get my email sending to work on my instance. After trying for hours, i wanted to ask for some support here since im quite stuck and dont understand.
I installed Lemmy using ansible so everything is set up in a very standard way - except email.
I want my instance to send email to an external smtp server (Fastmail) whenever there is a need to send an email (user registration, password reset, etc).
Currently the email settings in lemmy.hjson looks like this:
email: {
smtp_server: "postfix:25"
smtp_login: "[email protected]"
smtp_password: "fastmail_user_password_here"
smtp_from_address: "[email protected]"
tls_type: "tls"
}
It seems like i need to have postfix:25 as the smtp server. What i really want is to put smtp.fastmail.com:465 here since thats what i want to use to send email. But that doesnt seem to work.
So I understand I need to send email through postfix, but then I wonder, how should the config look like to send emails to smtp.fastmail.com on port 465 (which is what they have on fastmail), with a specific username and password used on the fastmail server?
I think a lot of people are having issues with the email part of the setup, judging from the many reports of spinning buttons on user signup… this is a very likely reason, specially since there is no error message to the user.
Please help me sort this out, how should i configure this?
EDIT:
Ok after a lot of experiments and help from people below, this was the solution.
email: {
smtp_server: "smtp.fastmail.com:587"
smtp_login: "[email protected]"
smtp_password: "password"
smtp_from_address: "[email protected]"
tls_type: "starttls"
}
Using this, email sending finally works. I couldnt use something else in the smtp_from_address. Which means my real email gets shown to users, so I will probably create another email address for this purpose completely.
Also specific to Hetzner instances, they dont block port 487 so you can use that with starttls.
yeah they block 465 but not 587, so i can connect to it with starttls. But dont get any emails, so something else is wrong…
If it successfully connects on 587, but you’re not getting mail, then it might be your
fromaddress.I’m not sure about fastmail, but on my email provider, the “from” address has to be valid and assigned to the login account. Most reputable providers enforce this to prevent email spoofing. It is also required so DKIM signing and SFP records can be validated against the domain of the “from” address.
I’m sure what you posted here are pseudo values, but is your
noreply@lemmy.todayaddress valid in your fastmail account or at least under the same domain? If not, then try setting the “from” address to the address you use to log in.No the fastmail account doesnt know anything about the lemmy.today address, so this could be an issue. And I dont have any DKIM or SFP records in my DNS. I could add that though, maybe thats a good next step?
But i tried to put the email I log in with as the “noreply” address, and I still dont any emails.
At least the signup page doesnt freeze up anymore, since it seemingly can talk to the email server, but no emails arrive. I also cant find anything in the logs about errors… i do “docker compose logs -n 100” to get the last 100 rows from each container but no errors there.
From Lemmy’s perspective, it’s probably sending the email out just fine.
Many, if not most, providers will silently drop messages that it thinks have spoofed “from” addresses. If not the sending provider, then the recipient email server.
Long story short, if your “from” address is not linked to your login address, then it’s probably going to be considered spoofed and treated as spam by at least one email server in the chain.
Edit: yeah, if your from address is under a domain where you have control of DNS, try adding fastmail to your SPF record.
You’d also need to add a DKIM record to provide their public signing key. Most providers also expect a DMARC record and policy for the “from” domain, too. Been a good while since I last set up a 3rd party to send under one of our domains, but I think that’s all we had to do on our end.Yep I think so too. I turned off emails now but will try to figure something out later. Thanks for your help!