Email out thru Gmail as domain riowing.net


riowing.net is a public facing ec2 instance, over which I have full control.
When we ask gmail to send out an email as name@riowing.net,
Gmail doesnt send out email with “MAIL FROM: <name@riowing.net>”, even though it is capable.
Instead, gmail request host riowing.net to send the email.
Authentication
gmail requires TLS. use Cyrus SASL
SASL: Simple Authentication Security Layer
Cyrus SASL library implementation
Config SASL
Install: apt-get install sasl2-bin libsasl2-modules
Create credential: saslpasswd2 -c -u riowing.net smtp
this create username smtp, enter password when prompted.
Notify Cyrus how to check password by editting /etc/postfix/sasl/smtpd.conf with:
pwcheck_method: auxprop
mech_list: PLAIN LOGIN
Create certificate, self signed:
create keypair: openssl genrsa -des3 -out smtpRioWing.key 1024
create signing request: openssl req -new -key smtpRioWing.key -out smtpRioWing.csr
remove password: openssl rsa -in smtpRioWing.key.orig -out smtpRioWing.key
make cert: openssl x509 -req -days 3650 -in smtpRioWing.csr -signkey smtpRioWing.key -out smtpRioWing.crt
create .pem: cat smtpRioWing.crt smtpRioWing.key > smtpRioWing.pem
Config Postfix:
Edit /etc/postfix/main.cf so that:
both smtpd_tls_cert_file and smtpd_tls_key_file point to /etc/postfix/smtpRioWing.pem

Edit /etc/postfix/master.cf this opens up 587
submission inet n – n – – smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=may was encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
sudo postfix reload
Security group on aws:
Make sure port 587 is listening: netstat -ltn |grep 587
Open it up.

Add rio@riowing.net to gmail account so that it appears as one option in From.
This is straighforward; just enter smtp domain name, user name and password.

Notes:
Email by telnet to port 587 with “AUTH LOGIN” with base64 user name and password also works.
Reference: https://jichu4n.com/posts/custom-domain-e-mails-with-postfix-and-gmail-the-missing-tutorial/amp/

Email2

BrightScript m variable


BrightScript is the language to program Roku streaming player.
The m keyword can be confusing.
code snippet from source/main.brs tagged with MvsThis, which stands for m vs this.

Function MvsThisCreate() as Object
	print "MvsThisCreate entered"
	obj = CreateObject("roAssociativeArray")
	obj.svc = "MvsThisSvc"
	obj.MvsThisFunc = MvsThisFunc
	obj.MvsThisFunc2 = MvsThisFunc2
	return obj
End Function

Function MvsThisFunc() as Void
	print "MvsThisFunc entered"
	print "MvsThisFunc m.svc="m.svc
	print "MvsThisFunc m.MvsThisFunc2="m.MvsThisFunc2
	print "MvsThisFunc MvsThisFunc2="MvsThisFunc2
	m.MvsThisFunc2("m.MvsThisFunc2")
	MvsThisFunc2("MvsThisFunc2")
End Function

Function MvsThisFunc2(str as String) as Void
	print "MvsThisFunc2 called by: "str
End Function

Function MvsThisTest() as Void
	print "MvsThisTest start"
	MvsThis = MvsThisCreate()
	MvsThis.MvsThisFunc()
	print "MvsThisTest done"
End Function

When we run MvsThisTest(), we get these output:

	MvsThisTest start
	MvsThisCreate entered
	MvsThisFunc entered
	MvsThisFunc m.svc=MvsThisSvc
	MvsThisFunc m.MvsThisFunc2=<Function: mvsthisfunc2>
	MvsThisFunc MvsThisFunc2=<Function: mvsthisfunc2>
	MvsThisFunc2 called by: m.MvsThisFunc2
	MvsThisFunc2 called by: MvsThisFunc2

As shown above, m is for accessing data in roAssociativeArray from roAssociativeArray’s function fields.
Calling m.MvsThisFunc2( and MvsThisFunc2(, without the m. are the same thing when the object is roAssociativeArray.
Calling m.MvsThisFunc2() doesn’t work if the object is SceneGraph node, e.g. loaded as xml file.

Customized email address


Goal: setup me@riowing.net and forward to RioCnC@gmai.com
done by MTA postfix

Steps:
Domain server: point MX record to riowing.net
OS: user rio must exist since me@riowing.net is alias of rio@riowing.net
Email server: AWS EC2 named riowing.net, Ubuntu18
Install postfix: apt-get install postfix
Config:
vi /etc/postfix/main.cf
add this line: myhostname = riowing.net
virtual_alias_domains is not involved here since no virtual domain
vi /etc/aliases
add this line: me: rio
run this: sudo postmap /etc/postfix/virtual
create this file: sudo vi /etc/postfix/virtual
add this line: rio@riowing.net RioCnC@gmail.com
run this: sudo newaliases
Check status:
#service postfix status
#netstat -ltnp | grep 25
AWS:
contact AWS support to unblock outgoing port 25, which is blocked by default.
open incoming port 25 from security group.
Notes: IMAP and POP3 are not configured since emails are forwarded to gmail.
Debugging:
Telnet to port 25 and watch response to commands such as “RCPT TO”
log files: /var/log/mail.log and mail.err
restart server: sudo service postfix restart or reload

email

DNS


Using my domain, riowing.net, on DNS domains.google.com as example.

Here are some output of nslookup:

nslookup.exe tech.riowing.net
Server: resolver1.opendns.com. DNS used since we didn’t explicitly say which one to use
“Non-authoritative answer” because tech.riowing.net is not directly on this server
Address: 52.8.195.114 this is the IP returned for tech.riowing.net
To get rid of the word “Non-authoritative”, we do:
nslookup.exe tech.riowing.net ns-cloud-c1.googledomains.com

nslookup.exe -qt=mx riowing.net
riowing.net MX preference = 10, mail exchanger = riowing.net
Therefore, emails to me@riowing.net go to host riowing.net, which is also my email server name.

“Registered hosts” or “glue records” is to avoid loop when name server used is subdomain, e.g. dns.riowing.net. I don’t need this since I use Google Domains nameservers instead of my own, e.g. ns-cloud-c1.googledomains.com