Outgoing mail configuration
Settings related to mail sent by Moodle can be found in 'Outgoing mail configuration' in Site administration -> Server -> Email.
The setting 'Allowed email domains' (allowedemaildomains) allows you to enter domains allowed by your mail server so that forum post notification emails can be sent from users' real addresses. It accepts a wildcard for conveniently adding a lot of domains (*.example.com - tim@first.example.com), or a strict match (example.com - tim@example.com).
If allowed domains are set then the user's email address will be used in the "From" and "Reply to" field only in the following situations:
- The email matches the allowed domains, and the user's setting is to display their email address to everyone.
- The email matches the allowed domains, and the user's setting is to display their email only to course members, and the email is to be delivered to a course member.
All other situations use the no-reply address.
The setting 'Email via information' (emailfromvia) adds via information in the From section of outgoing email to inform the recipient where the email came from:
Name (via shortname) <noreplyaddress>
'shortname' is the short name for the site as set in the front page settings.
NOTE: You can also use Google gMail servers or AMAZON AWS SES Simple Email Services to setup SMTP relay for your outbound emails. For example, see this post on sending emails from Moodle with Google's mail relay (not a Gmail account).
DKIM
For advanced DKIM setup this is usually done at the MTA such as postfix e.g. using a 'milter' like opendkim.
However, there are advantages to doing this in Moodle directly such as when you have limited control over the way your email is being sent. Also by having it in Moodle it can be easier to manage.
In 3.10 / 4.0 a new setting was added that makes it possible to sign emails at the Moodle level and it requires setting up the private certificates and putting them in a known location where Moodle can find them. Because emails could be sent from a variety of From email addresses the location contains the domain in its path and you can provide as many certificates as needed but this is an uncommon use case.
The most common setup
The simplest and fairly typical setup is where all emails are sent from the noreply email. In this setup we will give instructions on a linux setup such as debian or ubuntu.
$CFG->noreplyaddress = 'noreply@moodle.example.com'
In this case you need to choose a DKIM selector which is arbitrary but is often based on a date as the best practice is to rotate them on a periodic basis.
Lets say we have chosen a selector of '2020sep'.
Now in sitedata we need to create a folder to hold the DKIM certificate with a subdirectory matching the domain:
mkdir -p /path/to/sitedata/dkim/moodle.example.com
Next in this directory generate the private key and public key DNS record using the opendkim-genkey tool:
opendkim-genkey -b 2048 -r -s 2020sep -d moodle.example.com -v
This should result in two files like this:
/path/to/sitedata/dkim/moodle.example.com/2020sep.txt
/path/to/sitedata/dkim/moodle.example.com/2020sep.private
Only the .private file is used by Moodle, the .txt file is the TXT record which you need to add to your DNS. To confirm that it is all correct there is a great public tool where you can enter the domain and DKIM selector and it will confirm the record looks like it is in the correct shape.
https://mxtoolbox.com/dkim.aspx
Once this is in place then use the email testing tool in moodle to send a test email, it can be useful to turn on the debugsmtp setting.
/admin/testoutgoingmailconf.php
You should see the DKIM signature in the email headers. The email server receiving the email should also have validated this signature as well and added another header with the results of this validation.
i.e. in Gmail open the email, click the '...' on the right, then 'Show original' and in the headers it should say:
DKIM: 'PASS' with domain moodle.example.com
ℹ️ If your system does not have the opendkim-genkey command available, you may also try like:
mkdir -p dkim/learning.example.com
cd dkim/learning.example.com
openssl genrsa -out learning.private 2048
openssl rsa -in learning.private -outform PEM -pubout -out learning.public
This example assumes your domain is "learning.example.com" and your DKIM selector is "learning". A DKIM selector allows you to send emails on one domain name, like example.com, from both your Moodle software running on one server with one key as well as other software elsewhere with another key.
Next you will need to create a DNS TXT entry for DKIM. You will need only public key to do this. We do not provide the algorithm here, but we note that a popular chatbot is able to format this correctly for you if you paste in the public key and ask it to provide a DKIM TXT record.
Test outgoing mail configuration
A link is available to send yourself a test email to check everything is working correctly.
Incoming mail configuration
If incoming mail processing is enabled in 'Incoming mail configuration' in Site administration, then users are able to reply to forum posts via email and send files to their private files as email attachments.
Mailbox configuration
It is important to have a dedicated email address here. Don't use one you normally use for your personal emails. You do not need to add the @ sign. If you have set up the email mountorangeschool@example.com then it would be entered as in the following screenshot:
Incoming mail server settings
As an example, if you are using gmail you would use IMAP.gmail.com in the Incoming mail server (messageinbound_host) field. (If using gmail you also need to make sure that you've enabled IMAP for yor gmail account - see https://support.google.com/mail/troubleshooter/1668960?hl=en )
Note1: The SMTP server hosting the mailbox you've configured above must support plus addressing i.e. any email sent to mountorangeschool+blahblahblah@example.com is still delivered to mountorangeschool@example.com.
Note2 : The username and password here must relate to the settings you entered earlier in Mailbox configuration. So if your address was mountorangeschool@example.com and your username is mountorangeschool, then enter your username in this section along with the password you use to get into this email account.
Note 3: You may also need to make sure that your host does not block outbound connections to the IMAP ports (some do by default).
Note 4: If using gmail, you may find that IMAP does not work with Google's higher security setting. If IMAP is not working with gmail, check out https://support.google.com/accounts/answer/6010255?hl=en-GB and follow the configuration steps available at MDL-61921
Message handlers
Email to Private files
- If you enable this, then users will be able to send attachments via email directly to their private files. See Private files for details of how the feature works.
- Each user will be provided with an address in their Private files to which they send the email and attached files. You can set the default expiry period for this address here.
- Checking the 'Validate sender address' box will mean that if an email is sent to a user's private files from a different account from that registered with user in Moodle, then Moodle will check first before allowing the file to be stored in the user's Private files.
Invalid recipient handler
If a valid message is received but the sender cannot be authenticated, the message is stored on the email server and the user is contacted using the email address in their user profile. The user is given the chance to reply to confirm the authenticity of the original message.This handler processes those replies.
It is not possible to disable sender verification of this handler because the user may reply from an incorrect email address if their email client configuration is incorrect.
Reply to forum posts
- If you enable this, then users will be able to reply to forum posts directly from their email inbox. See the section on 'Reply to posts via email' in Using Forum for details of how the feature works.
- You must leave empty the Site administration > Server > Email > Outgoing mail configuration > Allowed email domains setting; otherwise users will see the email of the forum poster instead.
- Each user will be provided with reply-to address when they click to reply to a forum post via email. You can set the default expiry period for this address here.
See also
- Need help configuring forum's "Reply to post" feature forum discussion