Rustelo/config/features/email/prod.toml

# Email Feature Configuration - Production Environment
# Settings optimized for production security and reliability

[features]
email = true

# Email Configuration - Production
[email]
enabled = true
from_email = "${FROM_EMAIL}"
from_name = "${FROM_NAME}"
reply_to = "${REPLY_TO_EMAIL}"
default_provider = "sendgrid"  # "smtp", "sendgrid", "ses"

# SMTP Configuration - Production
[email.smtp]
host = "${SMTP_HOST}"
port = 587
username = "${SMTP_USERNAME}"
password = "${SMTP_PASSWORD}"
use_tls = true
use_starttls = true
timeout = 30
pool_size = 10

# SendGrid Configuration - Production
[email.sendgrid]
api_key = "${SENDGRID_API_KEY}"
endpoint = "https://api.sendgrid.com/v3/mail/send"
timeout = 30

# AWS SES Configuration - Production
[email.ses]
region = "${AWS_REGION}"
access_key_id = "${AWS_ACCESS_KEY_ID}"
secret_access_key = "${AWS_SECRET_ACCESS_KEY}"
timeout = 30

# Console Provider - Disabled for production
[email.console]
enabled = false
log_level = "error"
save_to_file = false
output_dir = "logs/emails"

# Email Templates - Production
[email.templates]
template_dir = "templates/email"
default_language = "en"
supported_languages = ["en", "es", "fr", "de", "ja", "zh"]
cache_templates = true
reload_on_change = false

# Template Configuration - Production
[email.templates.welcome]
subject = "Welcome to {{app_name}}"
template = "welcome.hbs"
text_template = "welcome.txt"

[email.templates.password_reset]
subject = "Password Reset Request"
template = "password_reset.hbs"
text_template = "password_reset.txt"
expiration = 1800  # 30 minutes

[email.templates.email_verification]
subject = "Verify Your Email Address"
template = "email_verification.hbs"
text_template = "email_verification.txt"
expiration = 86400  # 24 hours

[email.templates.two_factor]
subject = "Two-Factor Authentication Code"
template = "two_factor.hbs"
text_template = "two_factor.txt"
expiration = 300  # 5 minutes

[email.templates.security_alert]
subject = "Security Alert - Account Activity"
template = "security_alert.hbs"
text_template = "security_alert.txt"

[email.templates.account_locked]
subject = "Account Temporarily Locked"
template = "account_locked.hbs"
text_template = "account_locked.txt"

# Email Queue Configuration - Production
[email.queue]
enabled = true
max_retry_attempts = 3
retry_delay = 60  # seconds
batch_size = 50
processing_interval = 30  # seconds
dead_letter_queue = true
max_queue_size = 10000

# Rate Limiting - Strict for production
[email.rate_limiting]
max_emails_per_minute = 100
max_emails_per_hour = 2000
max_emails_per_day = 20000
burst_limit = 20
per_user_limit = 10  # emails per user per hour

# Email Validation - Strict for production
[email.validation]
check_mx_records = true
check_disposable_domains = true
allowed_domains = []  # Configure specific domains if needed
blocked_domains = [
    "tempmail.org",
    "10minutemail.com",
    "guerrillamail.com",
    "mailinator.com",
    "temp-mail.org"
]

# Bounce Handling - Enabled for production
[email.bounce_handling]
enabled = true
webhook_url = "/webhooks/email/bounce"
webhook_secret = "${EMAIL_WEBHOOK_SECRET}"
max_bounce_rate = 0.05  # 5%
auto_suppress_bounces = true
bounce_notification_email = "${ADMIN_EMAIL}"

# Email Analytics - Enabled for production
[email.analytics]
track_opens = true
track_clicks = true
track_deliveries = true
track_bounces = true
track_complaints = true
retention_days = 90

# Security Settings - Enabled for production
[email.security]
enable_dkim = true
dkim_selector = "default"
dkim_private_key_path = "${DKIM_PRIVATE_KEY_PATH}"
enable_spf = true
enable_dmarc = true
dmarc_policy = "quarantine"

# Internationalization - Full support for production
[email.i18n]
auto_detect_language = true
fallback_language = "en"
timezone = "UTC"
date_format = "%Y-%m-%d %H:%M:%S"

# Development Settings - Disabled for production
[email.development]
intercept_emails = false
intercept_to = ""
log_all_emails = false
fake_send = false

# Monitoring and Alerting - Production
[email.monitoring]
enabled = true
alert_on_high_bounce_rate = true
alert_on_high_complaint_rate = true
alert_on_delivery_failures = true
alert_on_quota_exceeded = true
alert_email = "${ADMIN_EMAIL}"
metrics_endpoint = "/metrics/email"

# Compliance - Production
[email.compliance]
gdpr_enabled = true
can_spam_compliant = true
unsubscribe_url = "${BASE_URL}/unsubscribe"
privacy_policy_url = "${BASE_URL}/privacy"
terms_of_service_url = "${BASE_URL}/terms"
chore: add config path 2025-07-07 23:13:01 +01:00			`# Email Feature Configuration - Production Environment`
			`# Settings optimized for production security and reliability`

			`[features]`
			`email = true`

			`# Email Configuration - Production`
			`[email]`
			`enabled = true`
			`from_email = "${FROM_EMAIL}"`
			`from_name = "${FROM_NAME}"`
			`reply_to = "${REPLY_TO_EMAIL}"`
			`default_provider = "sendgrid" # "smtp", "sendgrid", "ses"`

			`# SMTP Configuration - Production`
			`[email.smtp]`
			`host = "${SMTP_HOST}"`
			`port = 587`
			`username = "${SMTP_USERNAME}"`
			`password = "${SMTP_PASSWORD}"`
			`use_tls = true`
			`use_starttls = true`
			`timeout = 30`
			`pool_size = 10`

			`# SendGrid Configuration - Production`
			`[email.sendgrid]`
			`api_key = "${SENDGRID_API_KEY}"`
			`endpoint = "https://api.sendgrid.com/v3/mail/send"`
			`timeout = 30`

			`# AWS SES Configuration - Production`
			`[email.ses]`
			`region = "${AWS_REGION}"`
			`access_key_id = "${AWS_ACCESS_KEY_ID}"`
			`secret_access_key = "${AWS_SECRET_ACCESS_KEY}"`
			`timeout = 30`

			`# Console Provider - Disabled for production`
			`[email.console]`
			`enabled = false`
			`log_level = "error"`
			`save_to_file = false`
			`output_dir = "logs/emails"`

			`# Email Templates - Production`
			`[email.templates]`
			`template_dir = "templates/email"`
			`default_language = "en"`
			`supported_languages = ["en", "es", "fr", "de", "ja", "zh"]`
			`cache_templates = true`
			`reload_on_change = false`

			`# Template Configuration - Production`
			`[email.templates.welcome]`
			`subject = "Welcome to {{app_name}}"`
			`template = "welcome.hbs"`
			`text_template = "welcome.txt"`

			`[email.templates.password_reset]`
			`subject = "Password Reset Request"`
			`template = "password_reset.hbs"`
			`text_template = "password_reset.txt"`
			`expiration = 1800 # 30 minutes`

			`[email.templates.email_verification]`
			`subject = "Verify Your Email Address"`
			`template = "email_verification.hbs"`
			`text_template = "email_verification.txt"`
			`expiration = 86400 # 24 hours`

			`[email.templates.two_factor]`
			`subject = "Two-Factor Authentication Code"`
			`template = "two_factor.hbs"`
			`text_template = "two_factor.txt"`
			`expiration = 300 # 5 minutes`

			`[email.templates.security_alert]`
			`subject = "Security Alert - Account Activity"`
			`template = "security_alert.hbs"`
			`text_template = "security_alert.txt"`

			`[email.templates.account_locked]`
			`subject = "Account Temporarily Locked"`
			`template = "account_locked.hbs"`
			`text_template = "account_locked.txt"`

			`# Email Queue Configuration - Production`
			`[email.queue]`
			`enabled = true`
			`max_retry_attempts = 3`
			`retry_delay = 60 # seconds`
			`batch_size = 50`
			`processing_interval = 30 # seconds`
			`dead_letter_queue = true`
			`max_queue_size = 10000`

			`# Rate Limiting - Strict for production`
			`[email.rate_limiting]`
			`max_emails_per_minute = 100`
			`max_emails_per_hour = 2000`
			`max_emails_per_day = 20000`
			`burst_limit = 20`
			`per_user_limit = 10 # emails per user per hour`

			`# Email Validation - Strict for production`
			`[email.validation]`
			`check_mx_records = true`
			`check_disposable_domains = true`
			`allowed_domains = [] # Configure specific domains if needed`
			`blocked_domains = [`
			`"tempmail.org",`
			`"10minutemail.com",`
			`"guerrillamail.com",`
			`"mailinator.com",`
			`"temp-mail.org"`
			`]`

			`# Bounce Handling - Enabled for production`
			`[email.bounce_handling]`
			`enabled = true`
			`webhook_url = "/webhooks/email/bounce"`
			`webhook_secret = "${EMAIL_WEBHOOK_SECRET}"`
			`max_bounce_rate = 0.05 # 5%`
			`auto_suppress_bounces = true`
			`bounce_notification_email = "${ADMIN_EMAIL}"`

			`# Email Analytics - Enabled for production`
			`[email.analytics]`
			`track_opens = true`
			`track_clicks = true`
			`track_deliveries = true`
			`track_bounces = true`
			`track_complaints = true`
			`retention_days = 90`

			`# Security Settings - Enabled for production`
			`[email.security]`
			`enable_dkim = true`
			`dkim_selector = "default"`
			`dkim_private_key_path = "${DKIM_PRIVATE_KEY_PATH}"`
			`enable_spf = true`
			`enable_dmarc = true`
			`dmarc_policy = "quarantine"`

			`# Internationalization - Full support for production`
			`[email.i18n]`
			`auto_detect_language = true`
			`fallback_language = "en"`
			`timezone = "UTC"`
			`date_format = "%Y-%m-%d %H:%M:%S"`

			`# Development Settings - Disabled for production`
			`[email.development]`
			`intercept_emails = false`
			`intercept_to = ""`
			`log_all_emails = false`
			`fake_send = false`

			`# Monitoring and Alerting - Production`
			`[email.monitoring]`
			`enabled = true`
			`alert_on_high_bounce_rate = true`
			`alert_on_high_complaint_rate = true`
			`alert_on_delivery_failures = true`
			`alert_on_quota_exceeded = true`
			`alert_email = "${ADMIN_EMAIL}"`
			`metrics_endpoint = "/metrics/email"`

			`# Compliance - Production`
			`[email.compliance]`
			`gdpr_enabled = true`
			`can_spam_compliant = true`
			`unsubscribe_url = "${BASE_URL}/unsubscribe"`
			`privacy_policy_url = "${BASE_URL}/privacy"`
			`terms_of_service_url = "${BASE_URL}/terms"`