Email service

Send emails from AEM as a Cloud Service by configuring AEM’s DefaultMailService to use advanced networking egress ports.

Because (most) mail services do not run over HTTP/HTTPS, connections to mail services from AEM as a Cloud Service must be proxied out.

• smtp.host is set to the OSGi environment variable $[env:AEM_PROXY_HOST;default=proxy.tunnel] so it is routed through the egress.
  • $[env:AEM_PROXY_HOST] is a reserved variable that AEM as a Cloud Service maps to the internal proxy.tunnel host.
  • Do NOT attempt to set the AEM_PROXY_HOST via Cloud Manager.
• smtp.port is set to the portForward.portOrig port that maps to the destination email service’s host and port. This example uses the mapping: AEM_PROXY_HOST:30465 → smtp.sendgrid.com:465.
  • The smpt.port is set to the portForward.portOrig port, and NOT the SMTP server’s actual port. The mapping between the smtp.port and the portForward.portOrig port is established by the Cloud Manager portForwards rule (as demonstrated below).

Since secrets must not be stored in code, the email service’s username and password are best provided using secret OSGi configuration variables, set using AIO CLI, or the Cloud Manager API.

Typically, flexible port egress is used to satisfy integrating with an email service unless it is necessary to allowlist the Adobe IP, in which case dedicated egress ip address can be used.

Additionaly, review AEM documentation on sending e-mail.

Advanced networking support

The following code example is supported by the following advanced networking options.

Ensure the the appropriate advanced networking configuration has been set up prior to following this tutorial.

OSGi configuration

This OSGi configuration example configures AEM’s Mail OSGi Service to use an external mail service, by way of the following Cloud Manager portForwards rule of the enableEnvironmentAdvancedNetworkingConfiguration operation.

...
"portForwards": [{
    "name": "smtp.mymail.com",
    "portDest": 465,
    "portOrig": 30465
}]
...

• ui.config/src/jcr_root/apps/wknd-examples/osgiconfig/config/com.day.cq.mailer.DefaultMailService.cfg.json

Configure AEM’s DefaulMailService as required by your email provider (e.g. smtp.ssl, etc.).

{
    "smtp.host": "$[env:AEM_PROXY_HOST;default=proxy.tunnel]",
    "smtp.port": "30465",
    "smtp.user": "$[env:EMAIL_USERNAME;default=myApiKey]",
    "smtp.password": "$[secret:EMAIL_PASSWORD]",
    "from.address": "noreply@wknd.site",
    "smtp.ssl": true,
    "smtp.starttls": false,
    "smtp.requiretls": false,
    "debug.email": false,
    "oauth.flow": false
}

The EMAIL_USERNAME and EMAIL_PASSWORD OSGi variable and secret can be set per environment, using either:

• Cloud Manager Environment Configuration

• or using the aio CLI command

  $ aio cloudmanager:set-environment-variables --programId=<PROGRAM_ID> <ENVIRONMENT_ID> --secret EMAIL_USERNAME "myApiKey" --secret EMAIL_PASSWORD "password123"