In this article, we will go through the process of setting up an external SMTP provider. This will enable ECS instances to connect to thrid-party SMTP services and send SMTP mail messages. In this example, we will integrate into smtp2go but the principles can be applied to any third-party provider.
Setup SMTP User
You will need an account and authentication credentials to connect to your third-party SMTP mail provider. Register and create a new user and set up credentials for the mail service. This will differ depending on the provider that you choose to use. In this example, we created 'firstname.lastname@example.org'.
The service provider will have specific instructions on the SMTP server address and SMTP ports that are available.
After you have a valid SMTP service account, you will need to 'proof' ownership of the domain from which you intend to send mail. This step is needed to ensure that SMTP mail servers do not reject the mail that you send out. To do this you will need to configure the DNS for the domain from which you send mail.
Cloud DNS configuration
To complete this step, you will need you own the domain and have permission to configure the DNS. Below shows the following Alibaba Cloud DNS records.
Depending on the service provider, you may need to add additional CNAME records to the domain DNS to facilitate verification by the third-party SMTP service provider. The service provider might also use CNAME records as a way to verify the domain key.
This record is needed to set the Sender Policy Framework record. (SPF). SPF is a special type of record that helps verify the mail domain and prevent email address forgery. mail messages for which the mail domains without cannot be verified through the SPF record will likely be rejected by the receiving mail server.
MX records are a special type of DNS record used for verifying mail. This record should point to the domain from which you send mail. By default when you own a domain you will also own the sub-domain 'mail.yourdomain.com'.
Source - Alibaba Cloud MX record
You check whether your domain has the MX record setup by using the following command. The domain name should resolve as expected.
nslookup -query=mx domain.com
Most SMTP providers offer a way to verify the domain that you intend to send mail from. This step of the process may be different depending on the SMTP provider. In our example, smtp2go provides a way to verify your ownership of the domain using DNS records.
SMTP mail client
Below shows an example of using a third-party email API service known as MailKit to send out SMTP mail. The snippet is shown is written in C# and is compatible with .Net Core. Follow the instructions from the third-party SMTP mail provider to integrate with the service.
By default, Elastic Compute Service (ECS) instances allow all outbound traffic so there is no need to configure the Security Group for connectivity to external SMTP providers.
Note that like most cloud service providers, Alibaba Cloud blocks port 25 by default. To use port 25 you may need to request access.