Feature #85501

streamline outgoing mail flow

Added by Andri Steiner over 3 years ago. Updated about 3 years ago.

Should have
Target version:
Start date:
Due date:
% Done:


Estimated time:


  • [INFO] from time to time, we run into some problems related to the fact that the outgoing mailsystems name does not match the reverse dns record
  • [INFO] in a perfect world, all mails sent with a @typo3.org address should leave our infrastructure through our central mailserver, where we ensure that everything is in order, and, for example, add DKIM records to each mail
  • [TODO] reconfigure our outgoing mailrelay servers to use our mailserver as relay
  • [TODO] reconfigure important applications to use our mailrelay or mailserver directly

Updated by Andri Steiner over 3 years ago

node['postfix']['main']['smtp_sasl_auth_enable'] = yes
node['postfix']['main']['relayhost'] = [mail.typo3.org] (from data bag)
node['postfix']['sasl']['smtp_sasl_user_name'] = xxx@typo3.org (from data bag)
node['postfix']['sasl']['smtp_sasl_passwd'] = xxx (from data bag)

Updated by Steffen Gebert over 3 years ago

wouldn't it make sense to point internal hosts to the mail relays so that we don't have to deal with passwords everywhere?


Updated by Steffen Gebert over 3 years ago

ah.. now after reading the first post.. :)


Updated by Steffen Gebert about 3 years ago

I'm done with IMHO 90% of this.

The mailrelays now forward mails via mail.typo3.org.

The last bit is to really use the mailrelay on all our servers. This change is up for review here: https://github.com/TYPO3-cookbooks/t3-base/pull/9


Updated by Michael Stucki about 3 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 10 to 100

This change has been rolled out today!

Remaining services (that don't use the local MTA) need to be configured in the same way. However, that is no longer a reason to keep this ticket open...

Also available in: Atom PDF