DEV Community

loading...

Discussion on: How To Build an SMTP Mail Server with Express, Node, and Gmail

Collapse
valeriavg profile image
Valeria

This implementation has several problems, first of all, it's not an SMTP server, instead it relies on Gmail SMTP server. Secondly, Gmail allows this only with a lowered security setting and even so it'll keep sending emails to check if you still want this behaviour, randomly blocking that account.

And the last one is nitpicking, but I'll mention anyway: it's better to have a service that can be scaled both vertically and horizontally, therefore you don't really need your own cluster implementation

Collapse
mrrcollins profile image
Ryan Collins

I would agree. Also, instead of using Gmail, hook it into the API of Amazon SES, Sendgrid, Mailgun, etc. Or, roll your own email sending server (yes, that is still possible 😎 ).

Collapse
killshot13 profile image
Michael R. Author

I will definitely look at expanding functionality to include various email services and update the code and this tutorial accordingly. Thank you for the feedback, @mrrcollins .

Collapse
killshot13 profile image
Michael R. Author • Edited

@valeriavg I appreciate the constructive criticism, and I agree there is always room for improvement.

Sorry for any confusion regarding the usage of Gmail's built-in SMTP server; just so everyone is on the same page, this is not a fully self-sufficient application.

You are also correct that whatever Gmail account is used must employ lower security settings, so you would generally not want to use your personal email account.

For anyone wishing to use this application for a personal website, I recently updated the code to include support for ethereal.email accounts. These accounts are normally used for testing, but can also be used functionally to mitigate the security risk since the accounts are generated at random.

On the business side of things, anyone using Google Workspaces or a similar user management platform can easily generate a no-reply email endpoint based on their domain name and configure the permissions in their admin dashboard.

Hope this helps!