Forum OpenACS Q&A: Re: Sending Emails via SMTP port 587

Collapse
7: Re: Sending Emails via SMTP port 587 (response to 1)
Posted by Tyge Cawthon on 03/18/25 11:51 PM
Excellent explanation. Thank you very much.

Our main Postfix Email server is external and is a differnet server then our OpenACS server.
As you know, to connect to a Postfix email server requires
Hostname
User name
password
Port 587

We know our Postfix email server works properly in that this is how devices sending and receiving emails from our Postfix servers work today.

It appears from reading your comments that an email server must be running on the same local server as OpenACS.
Just to verify my understanding.
Is it possible to connect OpenACS/NaviServer to an external Postfix email server without running Postfix (or some other email server) on the local OpenACS server?

Basically can we setup OpenACS similar as setting up the Thunderbird application; No localhost port 25 however,
relay to smtp.celtic-arts.org port 587 with user name and password for Authentication.
Or does nnsmtpd require an email server to be running on the local server as OpenACS using port 25 to relay to another external email server (Postfix)?

Trying to avoid having to support two Postfix email servers.

my reference:
https://bitbucket.org/naviserver/nssmtpd/src/main/

Our conifg.tcl file

smtpdport 587
#
ns_section "ns/server/${server}/module/nssmtpd" {
ns_param port $smtpdport
ns_param address smtp.labmaster.com
ns_param relay smtp.labmaster.com:587
ns_param spamd localhost
ns_param initproc smtpd::init
ns_param rcptproc smtpd::rcpt
ns_param dataproc smtpd::data
ns_param errorproc smtpd::error
ns_param relaydomains "smtp.labmaster.com"
ns_param localdomains "smtp.labmaster.com"

#
# Next section is for STARTTLS functionality:
#
ns_param certificate "pathToYourCertificateChainFile.pem"
#added by Tyge
#ns_param certificate "${serverroot}/etc/certfile.pem"
#ns_param certificate "/etc/letsencrypt/live/celtic-arts.org/fullchain.pem"
#"/var/www/oacs-5-10-0/etc/certfile.pem"
ns_param cafile ""
ns_param capath ""
ns_param ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE

Error:
"Must issue a STARTTSL command first"

We receive this error message with and without the ns_param certificate in use.
When using the pem file, we use the fully pem file used for HTTPS

Questions:
what pem file should we be using in the ns_param certificate?

Are these values correct? We are not sure what these are used for.
ns_param cafile ""
ns_param capath ""