I am trying to setup Mattermost on a private server (i.e. self host).
I am coming to two conclusions.
Mattermost requires that the server has email functionality in order to send invites et cetera
Most email mechanisms will require that you own a domain name and should be able to manipulate the domain records (i.e. A record or MX record). I think that that using a gmail SMTP server relay doesn’t require it , but if you receive emails from a private server , you would have to select “Any IP address” as allowed sender, and that comes with it’s own concerns.
Any help in confirming or correcting my understanding would be appreciated.
ad 1) this is correct, but the server does not need to have this functionality, you can also configure an external SMTP host and send all mail there, no need to run a local MTA on the Mattermost box.
ad 2) Mattermost also supports SMTP authentication for sending mails, so you do not need to open up ports or reduce security anywhere in your mailing setup, just specify a gmail username/password in the SMTP configuration and you should be able to send mails via gmail then.
Regarding 2) upon having read this I understood that I have to configure SMTP email relay in order to use gmail, and from reading google workspace page I get the understanding that I would need to choose to allow sender emails from any address. Is this understanding incorrect ?
It depends. You can configure the from address Mattermost uses for sending notification mails, if this is set to the gmail address you’re using for authenticating against google, it will work because this address is already allowed.
If you authenticate with something@gmail.com to Google’s servers and want to use mattermost@mydomain.tld as the sender adresse, it will not work and you would need to allow any sender adresse in Google, but since you do not seem to want to have a separate domain for Mattermost anyways, this should not be a problem for you.
okay. I will give it a go. I had intended to use an email account from our google workspace as the notification email. I will let you know what I learn. Thanks
Thanks Alexander. You are correct. There was a bit of a kerfuffle caused by the requirement for the enabling of 2FA and an app specific password, but nonetheless I saw that “test connection” in the app sent an email to my different gmail account.
Thanks for reporting back.