[GH-ISSUE #5] key/pem handling for smtp #4

Closed
opened 2026-03-15 12:01:38 +03:00 by kerem · 3 comments

Originally created by @paulbalomiri on GitHub (Aug 6, 2022).
Original GitHub issue: https://github.com/axllent/mailpit/issues/5

Trying here to configure `smtps` and `STARTTLS` (optional) for the docker image.
I can also rebuild the docker image [EDIT if necessary] and already have the Let's Encrypt key & cert.

The wiki's smtp page mentions the config options `--smtp-ssl-cert` and `--smtp-ssl-key`.

I cannot set them, though, and don't know if it is possible from env variables too (trying to avoid the `execute` docker config service option if possible).

Edit 2: The codebase's config.go also does not mention these options...

Thumbs up for the project 👍

kerem closed this issue 2026-03-15 12:01:43 +03:00

@paulbalomiri commented on GitHub (Aug 6, 2022):

Ah, I now saw your commit from 2 hrs ago:

github.com/axllent/mailpit@56fdaa1224

Does this mean the `MP_SSL*` are taken from the web UI?

github.com/axllent/mailpit@ba8c4cd2aa/cmd/root.go (L96-L103)

My use case is served best if I can reverse proxy the UI with traefik, but expose the SMTP endpoint as is on a dedicated port (no virtual hosts for SMTP).


@axllent commented on GitHub (Aug 6, 2022):

@paulbalomiri It seems there is some confusion, probably caused by me trying to edit multiple documents at the same time.

So to answer your question(s), `MP_SSL_KEY` & `MP_SSL_CERT` have been replaced with `MP_UI_SSL_CERT` and `MP_UI_SSL_KEY` - but these are for the web UI, not SMTP (and in saying that I just realized I have a typo in my code so I have just released 0.1.1). What you are looking for has now been documented in the wiki - `MP_SMTP_SSL_CERT` & `MP_SMTP_SSL_KEY`.

Hopefully this answers your questions, and thanks for the heads-up.

Edit: traefik handling HTTPS (provided you have something specific in your config to handle the websocket path `api/catchall/events` - or maybe traefik handles that automatically, I don't know) and direct forwarding to STARTTLS should work as expected - provided you have valid certs (or accept "insecure" (not validated) certs).

Edit 2: I haven't fully tested all those options via docker (yet), though they should work as expected provided I didn't make any more dumb typos :)


@paulbalomiri commented on GitHub (Aug 6, 2022):

#6 and #7 both solve a minor issue regarding this.

Thanks for this great Repo @axllent !
