Email Setup

Kener supports two methods for sending emails: SMTP and Resend. You can configure either or both, though SMTP will take precedence if both are configured.

Configuration Priority

If both SMTP and Resend are configured, Kener will use SMTP as the primary email service. Resend will only be used if SMTP is not configured.

SMTP Configuration

To use SMTP for sending emails, configure the following environment variables:

SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_USER=your-username
SMTP_PASS=your-password
SMTP_FROM_EMAIL=noreply@example.com
SMTP_SECURE=0

Kener accepts both naming styles for compatibility:

• Password: SMTP_PASS or SMTP_PASSWORD
• Sender: SMTP_FROM_EMAIL or SMTP_SENDER

SMTP Variables

Variable	Description	Required
SMTP_HOST	SMTP server hostname	Yes
SMTP_PORT	SMTP server port (25, 587, or 465)	Yes
SMTP_USER	SMTP authentication username	Yes
SMTP_PASS or SMTP_PASSWORD	SMTP authentication password	Yes
SMTP_FROM_EMAIL or SMTP_SENDER	Sender email address	Yes
SMTP_SECURE	SSL/TLS mode (0 or 1)	Yes

Understanding SMTP_SECURE

The SMTP_SECURE variable determines whether to use implicit SSL or STARTTLS:

• Port 465: Use SMTP_SECURE=1 (expects implicit SSL)
• Port 587: Use SMTP_SECURE=0 (uses STARTTLS)
• Port 25: Use SMTP_SECURE=0 (uses STARTTLS)

Generally, port 465 expects implicit SSL (SMTP_SECURE=1), while port 587 and port 25 usually use STARTTLS (SMTP_SECURE=0).

Resend Configuration

To use Resend for sending emails, configure the following environment variables:

RESEND_API_KEY=re_123456789
RESEND_SENDER_EMAIL=noreply@example.com

Resend Variables

Variable	Description	Required
RESEND_API_KEY	Your Resend API key	Yes
RESEND_SENDER_EMAIL	Verified sender email address	Yes

Note: Your sender email domain must be verified in your Resend account before you can send emails.

Verification

Kener will automatically detect which email service is configured:

1. If SMTP variables are set, Kener will use SMTP
2. If only Resend variables are set, Kener will use Resend
3. If both are configured, SMTP takes priority
4. If neither is configured, email functionality will be disabled

Common SMTP Providers

Gmail

SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_SECURE=0
# Use App Password instead of regular password
SMTP_USER=your-email@gmail.com
SMTP_PASS=your-app-password
SMTP_FROM_EMAIL=your-email@gmail.com

SendGrid

SMTP_HOST=smtp.sendgrid.net
SMTP_PORT=587
SMTP_SECURE=0
SMTP_USER=apikey
SMTP_PASS=your-sendgrid-api-key
SMTP_FROM_EMAIL=noreply@yourdomain.com

AWS SES

SMTP_HOST=email-smtp.us-east-1.amazonaws.com
SMTP_PORT=587
SMTP_SECURE=0
SMTP_USER=your-smtp-username
SMTP_PASS=your-smtp-password
SMTP_FROM_EMAIL=noreply@yourdomain.com

Resend SMTP (SMTP relay mode)

SMTP_HOST=smtp.resend.com
SMTP_PORT=587
SMTP_USER=resend
SMTP_PASS=re_xxxxxxxxxxxxx
SMTP_FROM_EMAIL=accounts@example.com
SMTP_SECURE=0

Important gotcha:

• SMTP_SECURE=1 means implicit TLS (TLS handshake starts immediately on connect).
• SMTP_SECURE=0 means STARTTLS/upgrade (plain connection first, then TLS upgrade).

For Resend SMTP, using ports like 587 (and provider-documented STARTTLS ports such as 2587/2465) generally works with SMTP_SECURE=0.
If you force SMTP_SECURE=1 on these ports, connections can time out because the server expects STARTTLS negotiation, not immediate implicit TLS.

Use SMTP_SECURE=1 only with an implicit TLS port (commonly 465).

Troubleshooting

Email not sending

1. Verify all required environment variables are set
2. Check SMTP credentials are correct
3. Ensure sender email is authorized by your SMTP provider
4. Check server logs for detailed error messages

Wrong port/SSL configuration

If you're getting connection errors, verify:

• Port 465 should use SMTP_SECURE=1
• Port 587 should use SMTP_SECURE=0
• Port 25 should use SMTP_SECURE=0

Resend not working

1. Verify your API key is correct
2. Ensure sender domain is verified in Resend dashboard
3. Check API key has proper permissions
4. If using Resend SMTP relay on 587, set SMTP_SECURE=0