TLS Encrypted Email Gateway Backend using Nest.js

Description

We need to build a custom email gateway that routes outbound emails from Google Workspace through our system. The gateway should:

• Accept SMTP connections (using a library like smtp-server or an equivalent)

• Relay messages to Amazon SES

• Determine whether the recipient’s server supports TLS (or is on our whitelist, e.g., Google/Outlook)

If TLS (or whitelisted):

• Forward the email normally and append the text "Sent by iPhone" hyperlinked to apple.com to the message.

If not TLS:

• Instead of sending the original message, send a placeholder email with a link to our secure portal where the actual message is stored.

Finally, we need to plug this gateway into Google Workspace (via Google Admin) as the outbound SMTP relay.

Overview

This project is the backend of my own email server, including email sending using Amazon SES. It is built using NestJS and TypeScript. The project is deployed using PM2 on an AWS EC2 instance (with at least 4GB RAM and 40GB storage).

Project Structure

EMAIL_GATEWAY_BACKEND/
│
├── .vercel/                     # Contains configuration files for Vercel deployment, managing project settings and environment variables.
├── dist/                        # Compiled output directory where built files are stored after TypeScript compilation.
├── node_modules/               # Directory containing all npm dependencies for the project, installed via npm.
├── src/                        # Source code directory containing the main application logic.
│   ├── gateway/                 # Main gateway directory for handling email-related services.
│   │   ├── mailer/              # Contains the mailer service responsible for sending emails.
│   │   │   └── mailer.service.ts  # Implementation of the mailer service, including logic for sending emails.
│   │   ├── smtp/                # Contains the SMTP service for handling email transfer protocols.
│   │   │   └── smtp.service.ts    # Implementation of the SMTP service, managing connections and email delivery.
│   │   ├── gateway.module.ts     # Module file that organizes and provides the gateway services.
│   ├── app.controller.ts        # Controller file that defines request handling and routing for the application.
│   ├── app.module.ts            # Main application module, importing necessary modules and services for the app.
│   ├── app.service.ts           # Main application service, containing business logic and shared functions.
│   ├── main.ts                  # Entry point of the application, bootstrapping the NestJS application.
├── test/                        # Directory containing test files for unit and integration testing.
├── .env                         # Environment variables file, storing sensitive information like API keys and database credentials.
├── .eslintrc.js                 # ESLint configuration file, defining coding style rules and linting options for JavaScript/TypeScript.
├── .gitignore                   # Specifies files and directories that should be ignored by Git, preventing sensitive data from being tracked.
├── .prettierrc                  # Prettier configuration file for code formatting preferences.
├── ecosystem.config.js          # PM2 configuration file for managing application processes in production.
├── nest-cli.json                # Configuration file for NestJS CLI, customizing project structure and CLI options.
├── package.json                 # Project metadata file, listing dependencies, scripts, and project information.
├── package-lock.json            # Lock file containing exact versions of installed dependencies for consistency.
├── README.md                    # Documentation for the project, providing an overview, installation instructions, and usage guidelines.
├── tsconfig.json                # TypeScript configuration file, specifying compiler options and project settings.
└── vercel.json                  # Vercel configuration file, defining deployment settings and build commands for the application.

Getting Started

Requirements

• Nest.js and TypeScript
• Node.js 20.18.3 or later

Installation

1. Clone the repository:

   $ git clone 'gitlab URL'
   $ cd 'email-gateway-backend'

2. Set up the Nest.js:

   • Install dependencies:

   $ npm install

   • Complete .env:

   PORT="3001"
   MONGODB_URI="mongodb+srv:"
   AWS_ACCESS_KEY_ID=""
   AWS_SECRET_ACCESS_KEY=""
   AWS_REGION="us-east-1"
   AWS_S3_BUCKET_NAME="emailstorage-test"

Running the Application

1. Start Frontend Server:

   # development
   $ npm run start
   
   # watch mode
   $ npm run start:dev

The application running:

• http://localhost:port/ (Nest.js)

Configuration

Environment Variables

You can configure the settings in the .env file for the backend.

Deployment

$ npm install
$ npm run build

Use NPM To Install A Package Called PM2.

Install PM2 by typing thr following at the command line:

sudo npm install pm2 -g

Run your app using PM2, and ensure that your node.js application starts automatically when your server restarts

pm2 start dist/main.js --name host_name

you can see log.

pm2 logs

AWS ec2 configuration is very simple.

• you can create EC2 instance(ubuntu22.00, RAM > 4GB, Hard > 40GB)
• you can access EC2 instance via SSH.
• you have to install Node and git on your EC2 instance.
• you must pull and push project via git
• you have to install PM2 to host node project.(please check PM2 documentation)
• You have to add aws informations in .env file.
• you can run this command npm run build
• you have to run node project using pm2.(pm2 start dist/main.js) I gave you the explanation about this command in readme.md.
• To check node project. you can use pm2 log. That's all.

Custom Email Gateway in Google Workspace

Step 1: Sign in to Google Workspace

• 1.Go to the Google Workspace Admin Console.
• 2.Sign in with your admin account.

Step 2: Set Up Custom Email Gateway in Google Workspace

This is the Google Workspace setup process.

That's all