Leitfaden für die Migration von lokalen zu Cloud-E-Mails

Leitfaden für die Migration von lokalen zu Cloud-E-Mails

Leitfaden für die Migration von lokalen zu Cloud-E-Mails

Jun 28, 2020

Herausgegeben von

Herausgegeben von

Bird

Bird

-

Kategorie:

Kategorie:

Email

Email

Ready to see Bird
in action?

Ready to see Bird
in action?

On-Premises to Cloud Email Migration Guide

Oft hören wir die Frage: "Haben Sie eine Art Playbook, in dem der Prozess für die Migration von einer lokalen Installation zu Birddargelegt ist?

Aber ja, das tun wir. Lesen Sie weiter.

First, some back story. Die Bird Cloud service was created in 2014 out of the enormous success of the On-Premises Momentum MTA solution. Momentum sits am core of the Bird Cloud, providing high-speed delivery and traffic shaping for thousands of customers on the cloud service. Because of this, Momentum receives a large portion of our engineering attention, but the results of that work are often buried in performance improvements that don’t get a great deal of press.  Momentum customers see the benefits of this work every time a new public release of Momentum is published.

This does NOT mean that Bird is just “Momentum in the Cloud”. MessageBird is much more than that and can have added benefits for customers who choose to migrate or use them in a hybrid approach.  In addition, we have made it very easy for PowerMTA customers to migrate or use PowerMTA with Bird in a hybrid configuration as well. Die rest of this document will describe in detail how you can migrate your message streams from Momentum or PowerMTA zum Bird Cloud service. 

Thier are really two separate scenarios to consider when migrating to Bird from Momentum or PowerMTA. 

  1.  You are ready to leave the on-premises world entirely, shut down your physical data centers and no longer manage any on-premises MTA directly.  This means eliminating Momentum or PowerMTA from your deployment and sending messages directly to SparkPost for message handling. Or

  2. You have reason to keep some on-premises footprint for one reason or another.  Some possibilities might be:

  • spezifische Lieferströme, die eine Vorverarbeitung in Momentum

  • Kapazitätsaufteilung für Burst- oder Disaster-Recovery-Anforderungen

  • Unterstützung von Bestandskunden in PMTA bei gleichzeitiger Verlagerung von Neukunden zu SparkPost

 …then you want to forward the other messages on to Bird for onward message handling.  

In either situation, you need to be aware that Bird will only accept SMTP messages for delivery that are injected over port 587 or 2525 and use SMTP_Auth with a specific username and password (Siehe SMTP-Dokumente hier). We also highly recommend connecting with a TLS connection, but that is not strictly required. If you are replacing your MTA layer entirely (scenario 1), then you may also want to consider using the Transmissions REST-API which can accept messages over HTTPS connections. Dokumentation on that API is hier.

Welche Option wähle ich?

Um herauszufinden, ob Sie zu Option 1 oder Option 2 gehören, sollten Sie diese Faktoren berücksichtigen:

  • Verwenden Sie die Lua-Skript-Engine von Momentumfür etwas Komplizierteres als die Weiterleitung von Nachrichten?

    • Lua is a comprehensive script tool for manipulating messages in-line, but the vast majority of our users only use it to select a binding for delivery.  If that is the case, you can modify your generation code to add an ip_pool-Attribut zum X-MSYS-API header and have Bird assign the route for you. 

    • Wenn Sie Lua verwenden, um kompliziertere Dinge zu tun, wie z.B. Body-Filterung, Mail_From-Rewrites oder Berechnungen der Nachrichtenkadenz, und es nicht machbar ist, diese Logik in Ihre injizierende Anwendung zu verschieben, sollten Sie in Erwägung ziehen, in das Lager der Option #2 zu wechseln.

  • Ist Ihr Generierungssystem in der Lage, Nachrichten über Port 587 mit TLS und SMTP_Auth zu senden?

    • Einige Kampagnenmanagementsysteme können Mails nur im Klartext über Port 25 verschicken. Dies stellt ein Sicherheitsproblem für Bird dar, so dass Sie vielleicht Option 2 in Betracht ziehen sollten

  • Verwenden Sie die PowerMTA Ersetzungssyntax oder eine andere Inline-Nachrichtenänderung?

    • If you can move this function up into your generators or use the Bird Vorlage Sprache, then you can still use option 1, but otherwise, you may need to think about keeping a PMTA node online for this message modification before shipping to Bird for delivery.

  • Do you require any inbound AV/AS scanning before injection? While this is possible in Momentum and PowerMTA, eBird assumes you have already performed all those checks.  You may want to consider doing that before injection.

No matter which way you go, it is sure to affect your commercial relationship.  As you can imagine, this is not our first rodeo. Be sure to loop in your Commercial Account Manager and Customer Success Manager so we can help you through the details and make sure you are getting the best value for your dollar.

Für Option #1 Camp (kalter Entzug):

Let’s assume you are OK with option 1 and you are ready to shut down your on-premises MTAs and you have decided to continue using the SMTP injection method, not changing your message creation systems at all.  Your generation systems should create a fully formatted SMTP message, then push to Bird over TLS using SMTP_AUTH where the username and password are as described on diese Seite. Remember that the “password” is the API key you generate in your Bird account with the SMTP delivery option turned on.

If you are in the Option #1 camp, consider switching to the REST API right out of your generation system. In most cases, we find that customers’ processing systems are already using JSON over HTTP and have to convert to SMTP before injection. You can skip that step and send it directly to us as eine JSON-formatierte REST-Nutzlast.

If you choose to inject with the REST API, you may need to alter your content creation system a bit, but it may be worth it.  Weitere Informationen finden Sie hier.

One of the biggest concerns large ESPs have with a Migration is IP Warming. Typically they have spent many years grooming their inventory of IP addresses with great care so the thought of abandoning all that work is painful. Bird has worked out a Bring Your Own IP (BYOIP) process that takes care of that issue. If you have at least one contiguous /24 CIDR block, Bird can use those existing IPs for delivery which saves you the pain of having to warm them up again. If you are able to take advantage of that option, you can skip the section here on IP warmup.

Wenn Sie das Gefühl haben, dass Sie dazu bereit sind, fahren Sie mit dem Abschnitt "So wird's gemacht" fort.

Nutzung von Option #2 (Vorverarbeitung vor Ort):

Wenn Sie jedoch zu Team Option #2 gehören, müssen Sie einige Konfigurationsänderungen an Ihrer Bereitstellung vornehmen. Der am wenigsten schmerzhafte Weg, einige ausgewählte Nachrichtenströme von Momentum oder PMTA auf Bird zu migrieren und dabei weiterhin SMTP-Injection von Ihren Generierungssystemen zu verwenden, ist das Hinzufügen einer speziellen Route in Ihrer Konfiguration.

Für Momentum:

  1. Set up a version of Momentum > 3.6.23. 

  2. Install a valid SSL Certificate and open outbound port 587 so Momentum can talk to Bird Configure an outbound domain so you can route a message through Momentum to Bird. 

  3. With the configuration below, any message hitting this configuration will be routed to smtp.sparkpostmail.com using port 587 and SMTP_Auth with the username and password defined there.outbound_smtp_auth { } Keep_Message_Dicts_In_Memory = true Domain "smtp.sparkpostmail.com" {   Remote_SMTP_Port = "587"   Outbound_SMTP_AUTH_Type = "LOGIN"   Outbound_SMTP_AUTH_user = "SMTP_Injection"   Outbound_SMTP_AUTH_pass = "17258redacted8bd6cd7a8redacted8c22bce" }

  4. Configure the bindings you want to relay through MessageBird with TLS and gateway them to the domain you defined above.

    Anmerkung:
    TLS is not strictly required but is a strong recommendation. If TLS is not possible for some reason, then IP whitelisting the API keys is also a strong recommendation.


    binding “CustomerA-Outbound” {   Gateway = "smtp-demo.sparkpostelite.com"     TLS = "required"     TLS_Certificate = "/etc/pki/tls/certs/trymsys.net.crt"     TLS_Key = "/etc/pki/tls/certs/trymsys.net.key"     TLS_Ciphers = "DEFAULT" }

Für PowerMTA:

  1. Set up a version of PowerMTA > 4.5.0

  2. Installieren Sie ein gültiges SSL-Zertifikat und öffnen Sie den ausgehenden Port 587, damit PowerMTA mit Bird kommunizieren kann.

  3. Configure an outbound domain path so you can route a message through PowerMTA to Bird. With the configuration below, any message hitting this configuration will be routed to smtp.sparkpostmail.com using port 587 and SMTP_Auth with the username and password defined there.  In PowerMTA, this is also where you can set TLS. Beachten Sie, dass dies auch ausführlicher dokumentiert ist here 

<domain sparkpost.rollup>    use-unencrypted-plain-auth yes    auth-username SMTP_Injection    auth-password YourAPIKeygoesherewhenyougenerateit    route smtp.sparkpostmail.com:587    use-starttls yes    require-starttls yes    max-smtp-out 10 </domain>

4. Konfigurieren Sie die VMTAs, die Sie über Bird weiterleiten möchten, mit der oben definierten {sparkpost} rollup config.

<virtual-mta SparkPostRelay>     <domain *>         queue-to {sparkpost}     </domain> </virtual-mta>

Once you have those configuration changes made, any messages sent to the selected “binding” or “VMTA” should be routed automatically through Bird for delivery.  

So wird's gemacht

When you start down this road, don’t make the mistake of thinking this is an overnight operation.  Doing this right will take some time and care.  

  1. Setup your Bird account and fully test using a development subaccount so you can filter out that traffic later.  You will need to do this for either option because you will need the API key for the SMTP_Auth password either way.

  2. If you are using SMTP injection, plan to add an X-MSYS-API header to incorporate all the metadata and message attributes needed.  Any X-Headers should be re-written as metadata and you should include the ip_pool and campaign attributes as well. A sample is available here

  3. If you are NOT using BYOIP, then you should make sure you set up slightly different sending domains for use with MessageBird so that you can run both environments in parallel for as long as it is needed.  If your current sending domain is meinUnternehmen.de, maybe set up sp.meinUnternehmen.de specifically for Bird delivery.  This allows you to migrate slowly and carefully while not compromising either domain.

  4. Make sure you have full domain alignment and security features enabled.  In DNS, set up DKIM, SPF, DMARC, bounce and tracking domains so they all look like they belong to the same organization.

  5. Configure Automatische IP-Aufwärmung on your defined IP_Pools.  If you are using the previously mentioned BYOIP option, you can ignore the warmup step.

  6. Start with one message stream and move forward from there.  Just like IP Warmup, you don’t want to do this all at once. Redirect a few hundred messages first, then 10% of the volume, then 20% the following day and increase until you have moved all the volume over. If you are an ESP, select a customer you can work with and test the process with their feedback.  If it all works well, move on to the next one. If you run into problems, take the time to fix it and work it into the process for the next one.

  7. Automate as much as possible with APIs.  Outside of the DNS changes, the SparkPost config can be mostly automated with ein paar API-Aufrufe.

Datenerhebung von Bird

MessageBird reports message delivery in a webhooks feed or in the message events API.  Accessing Bird plain text logs is just not possible. You can pull this data back to your environment with a webhooks collector or by calling the Ereignisse API periodically and consuming the data.  We recommend using webhooks and have einige Empfehlungen on doing that right.  In its most basic form, a PHP webhook collector can be deployed in a few  lines of code:

<?php $verb = $_SERVER['REQUEST_METHOD'];   if ($verb == "POST") {     $jsonStr = file_get_contents("php://input");     http_response_code(200);     $rnum = rand(1000,9999);     $t = date("YmdHis") . $rnum;     $Jfile = './data/data_'.$t.'.txt';     if (file_exists($Jfile)) {        $fn = basename($Jfile,".txt");       $seq = 0;       $ftail = substr($fn,-2,1);       if ($ftail == "-"){         $seq = substr($fn,-1);       }       $seq++;       $Jfile = basename($Jfile,".txt")."-".$seq.".txt";     }       $fh = fopen($Jfile, "w") or die("Unable to create file!");       fwrite($fh, $jsonStr);       fclose($fh);   } ?>

While you are experimenting, you can try them out with free collectors such as http://webhook.site/.

Once you have collected all the webhook data, you can read that into a data store for additional processing.  There are also ways to push Webhooks through services like StitchData and Segment.

The same information is available in the Events API if you have a need to PULL the data and cannot accept PUSH data.  Here is a sample Event API call:
GET https://api.sparkpost.com/api/v1/events/message?/

recipients=recipient@example.com&templates=my-template&events

That API is fully documented with samples here:  https://developers.sparkpost.com/api/events/#events-get-search-for-message-events

If you really need the event data back in a form that looks like PMTA or Momentum logging, that is possible as well if you employ some additional conditioning code. The great news is there are ein paar Beispiele to steal from already.

Rekapitulation

  1. Make sure you talk to your Sales and Success Management team.  We’ve done this before and can help you through it quickly and cost-effectively.

  2. Figure out if you are in Camp #1 (vollständig von On-Prem umziehen können) or Camp #2 (Wir brauchen noch etwas MTA vor Ort).

  3. Sign up for a kostenloses Testkonto to evaluate the integration details.

  4. Decide on SMTP or REST API injection methods.

  5. Wenn Sie SMTP-Injektion verwenden, finden Sie heraus, wie Sie Kopfdaten und Nachrichtenattribute in einen X-MSYS-API-Header bekommen.

  6. Confirm if you can use our BYOIP process.

  7. Aktualisieren Sie Ihr DNS mit neuen Domänen, falls erforderlich.

  8. Build a small sample to test your migration.  You may need to adjust your config.

  9. Erhöhen Sie das Volumen, bis der gesamte Verkehr migriert ist.

  10. Wenn Sie zu Lager 1 gehören, können Sie Ihre MTAs vor Ort endlich abschalten, nachdem der gesamte Datenverkehr migriert wurde.

Your new standard in Marketing, Pay & Sales. It's Bird

The right message -> to the right person -> am right time.

Your new standard in Marketing, Pay & Sales. It's Bird

The right message -> to the right person -> at the right time.