jocke/bilhej
1
0
Fork 0
Code Issues Pull requests 2 Projects Releases 1 Packages Wiki Activity Actions
bilhej/docs/production-email-checklist.md
Joakim Mörling bce2447238 Rework contact page emails and simplify mailto actions. 
- Add support@bilhej.se for orders and technical issues
- Move complaints to klagomal@bilhej.se instead of personal Gmail
- Show one mailto chip per card instead of duplicate link and button
- Update ContactPage tests and production email checklist for all @bilhej.se addresses

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-22 13:51:20 +02:00

3.2 KiB
Raw Blame History

Production email with Resend (operator)

BilHej sends password-reset mail via SMTP (Spring JavaMailSender). You do not need the Resend Java SDK from their onboarding snippet—only env vars on the server.

Security

  • Never commit re_... keys to git. Put them only in the server .env.
  • If an API key was pasted in chat or logs, revoke it in Resend → API Keys and create a new one.

1. Verify bilhej.se in Resend

  1. ResendDomains → add bilhej.se
  2. Add the DNS records Resend shows (SPF, DKIM; DMARC optional) at your domain registrar
  3. Wait until status is Verified

Until the domain is verified, MAIL_FROM=noreply@bilhej.se will fail. For a quick API test only, Resend allows onboarding@resend.dev → your own inbox—not for production.

2. Production .env (SMTP, not SDK)

On the server (file used by docker-compose.prod.yml):

APP_PUBLIC_BASE_URL=https://bilhej.se
MAIL_HOST=smtp.resend.com
MAIL_PORT=587
MAIL_USERNAME=resend
MAIL_PASSWORD=re_your_new_api_key_here
MAIL_FROM=noreply@bilhej.se
Variable Resend value
MAIL_USERNAME Always the literal string resend
MAIL_PASSWORD Your API key (re_...)
MAIL_FROM Any address on verified domain, e.g. noreply@bilhej.se

3. Deploy

Run Deploy to Production in Forgejo (pipeline only—no manual rsync).

4. Smoke test

  1. https://bilhej.se/logga-inGlömt lösenord?
  2. Email that exists in users
  3. Check inbox and spam
  4. Resend dashboard → Emails should show the send
  5. On failure: docker logs bilhej-backend-prod 2>&1 | grep -i mail

Fallback: reset links still log when MAIL_HOST is empty.

Local dev

Keep using Mailpit (docker compose up, http://localhost:8025). Do not point local Docker at Resend unless you intend to send real mail.

5. Inbound email on bilhej.se

Inbound mail uses Resend Receiving on the root domain bilhej.se. No mailbox is created in Strato; the MX record routes all @bilhej.se addresses to Resend. You do not create each address separately in Resend.

Setup (done once):

  1. Resend → Domainsbilhej.se → enable Receiving
  2. Strato → DNS → add the receiving MX record (e.g. inbound-smtp.eu-west-1.amazonaws.com)
  3. Wait until Resend shows receiving as Verified
  4. Send test mail to support@bilhej.se and kontakt@bilhej.se; confirm both appear under Emails → Receiving

Reading mail: open the Resend Receiving inbox. There is no automatic forward to Gmail unless you add a webhook handler later.

Address Purpose Where mail goes
support@bilhej.se Orders, Swish, status, technical issues Resend dashboard
kontakt@bilhej.se General contact, printed letter footer Resend dashboard
klagomal@bilhej.se Complaints (shown on /kontakt) Resend dashboard
noreply@bilhej.se Outbound only (password reset) Not an inbox

Optional later (same Resend inbox, no extra DNS): abuse@bilhej.se if you want a published address for misuse reports; privacy@bilhej.se if integritetspolicy asks for a dedicated data-protection contact.