diff options
Diffstat (limited to 'tutors')
-rw-r--r-- | tutors/email/index.php | 101 | ||||
-rw-r--r-- | tutors/email/migrate.php | 22 | ||||
-rw-r--r-- | tutors/email/proposal.php | 34 |
3 files changed, 100 insertions, 57 deletions
diff --git a/tutors/email/index.php b/tutors/email/index.php index 08139e1..49e430a 100644 --- a/tutors/email/index.php +++ b/tutors/email/index.php @@ -1,64 +1,105 @@ +<!-- + set up mail forwarding from existing tutor emails to personal emails (one-way) +- disable dnssec on google domains +- unlock google domain +- transfer to porkbun via ui with google domains token; approve transfer on google domains +- clone 53hor.net DNS records into porkbun domain +- turn on dnssec for porkbun domain +- turn on ssl certificate generation for porkbun domain +--> + <?php include('../../header.php'); ?> + <section class="banner"> - <h1>Email Setup</h1> + <h1>Email setup</h1> </section> <section class="quiet flexible"> <div> <p> - This guide is for Gmail users only. While most of this guide will also be applicable to other mail providers, additional steps may be required. + Every tutor is expected to use a @carpentertutoring.com email address to facilitate client communication. This guide will walk you through setting up your email from scratch and configuring your mail client to use it. </p> - <h2>Receiving Mail</h2> - <p> - Once your <a href="/">carpentertutoring.com</a> email address is created, you will receive a verification email. In order to receive mail in your personal address from this alias, you will have to click the confirmation link in the verification email. Once complete, you can start receiving mail immediately. + You have two options for using your new email address. The first is <em>standalone</em> which allows you to use the mail client of your choice to send and receive mail. Some popular desktop clients are Mail for Windows 10, Thunderbird </p> - <h2>Sending Mail</h2> + <?php + if (empty($_POST['password'])) { + ?> + <h2>Create a mail account</h2> + <form method="post" action="/tutors/email/index.php#submit"> + <label for="email">Your Carpenter Tutoring email address + <input type="email" name="email" placeholder="firstnamelastinitial@carpentertutoring.com" pattern=".*@carpentertutoring.com$" required /> + </label> + + <label for="password">Your new Carpenter Tutoring email password + <input type="password" name="password" minlength="8" placeholder="8 character minimum" required /> + </label> + + <input type="submit" value="View your mail config" /> + </form> + <? + } + ?> + + <?php + if (!empty($_POST['password'])) { + ?> + <h2 id="submit">Connection details</h2> + + <pre> +SMTP server: mail.53hor.net +Connection security: STARTTLS +Authentication method: normal password +SMTP port: 587 +SMTP username: <?php printf($_POST['email']) ?> + +Password: use the password you just submitted + +IMAP server: mail.53hor.net +Connection security: STARTTLS +Authentication method: normal password +IMAP port: 143 +IMAP username: <?php printf($_POST['email']) ?> + +Password: use the password you just submitted + +</pre> + <?php + } + ?> + <h2>Optional Gmail forwarding</h2> + + <h3>Receiving Mail</h3> <p> - Sending mail from your <a href="/">carpentertutoring.com</a> address requires a small amount of setup. + Once your <a href="#">carpentertutoring.com</a> email address is created, you will begin receiving forwarded email in your Gmail inbox. </p> - <h3>App Password</h3> + <h3>Sending mail from Gmail</h3> <p> - Google 2-Step Verification requires you to first generate an App Password for your personal Gmail account. Note that <em>you must have 2-Step Verification turned on for your account in order to forward sent mail to your Carpenter Tutoring alias</em>. You can verify whether you have 2-Step Verification turned on for your Google account by <a href="https://myaccount.google.com/signinoptions/two-step-verification">visiting this link to your Google account settings</a>. If 2-Step Verification is turned off, turn it on and proceed with the following steps. + Sending mail from your <a href="#">carpentertutoring.com</a> address via Gmail requires a small amount of setup. </p> <p> - <ol> - <li>On your computer, open <a href="https://myaccount.google.com/apppasswords" target="_blank">App Passwords</a>.</li> - <li>In the bottom of the window, click <em>Select app</em> and choose <em>Mail</em> from the list.</li> - <li>Click <em>Select device</em> and choose <em>Other...</em> and enter "Carpenter Tutoring" in the box.</li> - <li>Click <em>Generate</em>. You will see 16 letters and numbers in a yellow box. Copy this or write it down for the next step.</li> - <li>Click <em>Done</em>. Keep in mind you will not be able to see the App Password anymore. If you forget it before the next step, you will have to create a new one.</li> - </ol> - </p> - - <p> - - <h3>Mail forwarding</h3> <ol> <li>On your computer, open <a href="https://mail.google.com" target="_blank">Gmail</a>.</li> <li>In the top right, click settings (⚙️) and then <em>See all settings</em>.</li> <li>Click the <em>Accounts and import</em> or <em>Accounts</em> tab.</li> <li>In the "Send mail as" section, click <em>Add another email address</em>.</li> - <li>Enter your name and the address you want to send from. This will be your <a href="/">carpentertutoring.com</a> address. Leave the "Treat as an alias" box checked.</li> + <li>Enter your name and the address you want to send from. This will be your <a href="#">carpentertutoring.com</a> address. Leave the "Treat as an alias" box checked.</li> <li>Click <em>Next Step</em>.</li> - <li>For the "SMTP server" enter <em>smtp.gmail.com</em>. Select <em>465</em> for the port.</li> - <li>For the username and password you will enter your personal Gmail address (with "@gmail.com" suffix) and the App Password you generated in the previous step.</li> - <li>Check "Secured connection using SSL (recommended)" and click <em>Add Account</em>.</li> + <li>For the "SMTP server" enter <em>mail.53hor.net</em>. Select <em>587</em> for the port.</li> + <li>For the username and password you will enter your new Carpenter Tutoring address (with "@carpentertutoring.com" suffix) and the password you submitted in the previous step.</li> + <li>Check "Secured connection using TLS (recommended)" and click <em>Add Account</em>.</li> + <li>Gmail will prompt you to verify your new address. You should receive a confirmation code in your inbox, forwarded from your <a href="#">carpentertutoring.com</a> address. Use it to complete the alias setup.</li> <li>Return to the "Send mail as" section on the settings page and look for "When replying to a message." Check "Reply from the same address the message was sent to." This will ensure you respond to tutoring inquiries with your Carpenter Tutoring address and personal mail with your Gmail address.</li> - </ol> + </ol> </p> - - <p>Now you should be able to immediately send mail as your Carpenter Tutoring alias. To test this, compose a new message an check the "From" box. You should see a menu there where you can choose which address to send mail from.</p> - - <p>Thank you for being a part of Carpenter Tutoring!</p> </div> </section> diff --git a/tutors/email/migrate.php b/tutors/email/migrate.php deleted file mode 100644 index 60e6c15..0000000 --- a/tutors/email/migrate.php +++ /dev/null @@ -1,22 +0,0 @@ -- set up mail forwarding from existing tutor emails to personal emails (one-way) -- disable dnssec on google domains -- unlock google domain -- transfer to porkbun via ui with google domains token; approve transfer on google domains -- clone 53hor.net DNS records into porkbun domain -- turn on dnssec for porkbun domain -- turn on ssl certificate generation for porkbun domain - -now every tutor needs manual action to be able to send mail again - -every tutor needs to generate a password and submit the encrypted password to carpenter tutoring. this secret exchange still needs to be worked out - -whether configuring gmail alias or setting up another mail client, steps are the same as before but the imap and smtp settings need to be changed - -mta: mail.53hor.net -starttls for all ssl settings -143 for imap -587 for smtp -username is @carpentertutoring email -password is TBD - -also the homepage mailer needs to be updated, preferably with its own email address which goes back to amy diff --git a/tutors/email/proposal.php b/tutors/email/proposal.php index 81e94d6..84d7daf 100644 --- a/tutors/email/proposal.php +++ b/tutors/email/proposal.php @@ -51,21 +51,45 @@ For these reasons, Squarespace cannot be considered a viable alternative to Google Domains. A third-party replacement is required to maintain existing operability and costs. </p> + <h2>Path of equivalent cost and minimal functionality</h2> + + <p> + Porkbun also offers one-way email forwarding for $3.00 per address per year. For ten tutors this would be $30.00 billed annually and does not account for domain registration costs. While much more affordable, it is critical for tutors to be able to send mail to clients as well as receive it. Therefore this is not an option. + </p> + <h2>Path of higher cost and equivalent functionality</h2> - <h2>Path of equivalent cost and minimal functionality</h2> + <p> + To quickly get set up and running again with little operational overhead, Porkbun offers mail hosting for $2.00 per month per inbox. For ten tutors this would be $240.00 billed annually and does not take into account the domain registration costs. Every tutor would receive a dedicated webmail interface and be able to configure two-way forwarding just like they had previously. As the number of tutors grows, this starts to become less cost-effective compared to other options. + </p> <h2>Path of low cost and increased functionality</h2> + <p> + The optimal solution that provides the lowest cost and the highest comparable functionality is transferring domains only to Porkbun and implementing self-hosted email on the Carpenter Tutoring web server. This will provide a virtually unlimited number of tutors with a virtual unlimited capacity mailbox each. It also provides Carpenter Tutoring with greater control over company data and communications. Additional forwarding addresses can be constructed for information "blurb"s or mailing lists. + </p> + + <p> + The cost of this solution is the accounted for domain registration fee ($9.73 renewal, $11.48 one-time transfer). The operating cost of the mail server is the electricity powering the existing homepage and Nextcloud instance. + </p> + <h2>Architecture</h2> - <h2>Implementation</h2> + <p> + Here is a rough architectural overview. + Porkbun registers the domain name and DNS configuration pointing MX records to MTA mail.53hor.net. At mail.53hor.net are an SMTP server and an IMAP server. Every tutor gets a virtual user and mailbox and the appropriate configuration to use any mail client of their choice. + </p> - <h2>Security considerations</h2> + <p> + Spam filters prevent unwarranted and unwanted messages from arriving on all tutors' inboxes. Common rules can be set up to redirect known spam away from inboxes and into junk for all tutors. Additionally, DKIM is configured to make sure mail is delivered to major tech mail providers (Google, Microsoft, Apple) who require it. + </p> - <h2>Cost considerations</h2> + <h2>Implementation</h2> + + <p>OpenSMTPD is used as an MTA, sending mail and running the necessary actions on incoming and outgoing mail requests. Dovecot exists as an IMAP virtual mailbox for tutors to authenticate with and check mail. Rspamd is a spam filter integrating with Dovecot. + </p> - <h2>Uptime/resiliency considerations</h2> + <p>Useful starting information <a href="https://www.davd.io/tags/mail/">here</a>.</p> </div> |