Emails have become an effective initial vector of infection because virtually every company uses email, and employees receive a large volume of emails every day. Because of the overwhelming volume of emails, employees have very little time to review and analyze each one, which might give them a false sense of security. Cybercriminals are effectively exploiting this situation by organizing phishing attacks, which are becoming even more widespread and sophisticated with the advent of cloud-based email services. Consequently, email security is becoming a critical task for businesses and employees to avoid the consequences of these evolving threats.

Simple Mail Transfer Protocol (SMTP) [ 6 ] is the most used protocol for sending and receiving email messages on websites today. While Sendmail has traditionally been a popular choice for SMTP servers, it has faced various issues over the years. The monolithic architecture of Sendmail has been a major contributor to security vulnerabilities, making it challenging to configure and maintain.

In response to these shortcomings, Postfix was developed as an alternative to Sendmail. Postfix is designed to address many of the security concerns associated with Sendmail. Additionally, Postfix simplifies the management of email server installations by employing a straightforward approach. Administrators can conveniently handle Postfix through two configuration files, reducing complexity.

One of the standout features of Postfix is its ability to function effectively even in demanding situations. It is not uncommon for software systems, including email servers, to face unexpected conditions such as running out of memory or disk space. Postfix, however, excels at detecting and handling such conditions without worsening the problem. This robustness ensures stable and reliable email operations, even during challenging circumstances.

Of course, like any system that started a long time ago, the email system has evolved alongside and in parallel with the development of the entire Internet.

So, just as the infrastructure of enterprises has been changing first towards hydride and then towards fully cloud-based, the infrastructure also needs to evolve. As of today, more and more applications are migrating to Kubernetes clusters hosted in different cloud environments, which means that not only the applications themselves have to be redesigned for such a containerized environment, but also all the accompanying software.

The main purpose of e-mail is to exchange messages (information that is delivered asynchronously). The main messaging protocol is SMTP, which aims to ensure reliable and efficient exchange of letters.

The SMTP protocol is used to send all email in the world. According to official documentation [ 7 ], the process of transferring information using this protocol is quite simple.

A visual representation of the protocol’s scheme is provided in Fig. 1. The network on which SMTP is implemented consists of hosts that communicate using the TCP protocol and operate on the public Internet, an isolated internal TCP/IP network, or other local or wide area networks using another transport layer protocol other than TCP. With SMTP, a process can transmit electronic messages to another process on the same network or a different network using a relay or gateway that is accessible to both networks.

Thus, an electronic message can pass through several intermediate relays or gateways on its way from the sender to the final recipient. This ensures efficient routing and delivery of emails to their destination [ 7 ].

Computer programs that allow you to create, send, receive, and view emails are called email clients. Users can access email using an interface made by an email client.

Both locally on a user’s device and remotely on a web server are capable of running email clients. For the first case, examples include Microsoft Outlook, Apple Mail, and Mozilla Thunderbird—these programs are installed directly on the user’s computer or mobile device and provide the ability to manage email without a direct connection to the Internet.

In the case of web servers, examples of email clients are Google Gmail and Yahoo! Mail—these services are provided in the cloud and are accessible to users through a web browser. In particular, a user can access his or her email from any device with an Internet connection without having to install separate software on each device.

The Simple Messaging Protocol system consists of many different elements, the main elements of the system are shown in Fig. 2. Separate operations that are in charge of sending and receiving mail are necessary for an exchange system to function successfully.

The incoming mail agent and the outbound mail agent must typically run on separate servers in large commercial enterprises.

To send messages to recipients and to receive new messages from the user’s mailbox, the mail client creates two connections: one to the outgoing mail server and one to the incoming mail server.

The email client connects to the incoming mail server and the outgoing mail server using various interfaces. For communicating with particular mail agents that are used to process incoming and outgoing emails, these can be distinct protocols and ports.

This separation of functionality between servers and different interfaces allows for efficient and reliable email management and ensures optimal interaction with email clients. The outgoing mail server serves several important functions: 1. Message Queue: It receives messages from mail clients and places them in a queue for further delivery. 2. Routing: The outgoing mail server determines the appropriate incoming mail server for each recipient and transfers the messages to that server for final delivery. 3. Client-Server Interaction: Acting as a server, it interacts with mail clients when receiving messages, but functions as a client when relaying messages to incoming mail servers. 4. Connection Initiation: The outgoing mail server ensures that connections are always initiated by email clients. 5. Bounce Messages: If the outgoing mail server is unable to deliver a message, it sends a bounce message back to the user who sent the original message. 6. Sender Information: It adds information about the sender, but does not alter the content of the message. 7. Authentication: Before accepting a message, the outgoing mail server typically authenticates the user, often requiring a username and password [ 9 ].

In some cases, the inbound mail server may support an alternative authentication method such as OAuth. This allows the email client to obtain a special access token that allows access to only certain functions or messages within a limited scope. This approach gives users more control over which applications or services have access to their mailboxes [ 11 ].

After studying the principles of exchange, we move on to study the problems of secure mail sending.

An incoming mail server operates by listening for connections from outgoing mail servers. When an outgoing mail server connects to send a message, the incoming mail server records the message and session details, including the sender’s IP address [ 10 ]. 1.1.2. Researching the Problems

Incoming messages can be rejected by an of Secure Mail Sending email server for various reasons, such as: • Non-existent email recipient. Classifying messages as spam based on their • Full mailbox of the recipient. content and origin is an important task in spam • Message size exceeding the server’s limit. filtering systems. Probabilistic classifiers, such • Unreliable or inauthentic sender. as naive Bayesian spam filtering [ 12 ], use In case of rejection, the incoming mail statistical models to calculate the probability server may try to resend the message later or that an incoming message is spam. notify the user of the failed delivery. To make a classification decision, it is

Once the incoming mail server receives a necessary to convert the continuous message, it takes charge of its subsequent probability into a binary value. If the delivery. If there are any issues with delivery, probability exceeds a certain threshold, the such as the need for forwarding, the incoming message is rejected as spam. This approach mail server informs the message sender. allows you to divide messages into two

After concluding the session with the categories: spam and non-spam (legitimate outgoing mail server, the incoming mail server messages). includes the gathered session details in the When classifying spam, it is important to received message. It then assesses the message ensure that the false positive rate (classifying to determine if it is spam or legitimate. legitimate messages as spam) is close to zero. Depending on this assessment, the message This helps to avoid users missing important may be: messages. On the other hand, the false negative • Delivered to the recipient’s inbox if it is rate (classifying spam as legitimate messages) deemed legitimate and does not contain can be somewhat higher to prevent spam from any spam indicators. getting into the inbox [ 13 ]. • Moved to the recipient’s spam folder if it To determine a message’s authenticity and is detected as unsolicited content. potential delivery to the recipient’s inbox, the • Deleted without notification to the message’s origin holds significant importance. sender if the inbound mail server is When sender domain authentication is convinced that it is spam and should not unavailable, the message’s delivery is reliant be delivered. on the IP address’s reputation. • sagTinehtndueeaourttiashoeteneorsafu[u1fnti0lowt]mea.rnastteihcderlmpessepstosoanigsdeeessn,itanisfycweserptllaaaimns tsupeesecneohSdponilcnsieqipg’asuoleeogm.feueInandlligilabsindisltedeioetniytrdviioniehcngrta,ismpbahsdabisdsetehhcrdeoiansmtgsoleeoansot,atkaeiclxcnikpokcsemllouoimtdfthtiioennennygg came from their addresses. Also, spoofed email addresses can be misused in the context of email authentication, for example, when trying to unsubscribe from mailing lists [ 14 ]. Thus, spoofing emails makes it possible to bypass

For authorization, the email client provides identification data, such as an email address and password. The inbound mail server verifies this information to ensure that it corresponds to a valid user and matches the data in the database correctly. restrictions and spam mailing lists. Preventing such attacks and protecting emails are becoming important tasks to ensure the safety and reliability of users.

Modern email protocols are designed to ensure confidentiality, authenticity, and integrity during message transmission without the need for user intervention. The use of Transport Layer Security (TLS) in IMAP, POP, and SMTP protocols allows you to ensure the confidentiality of messages even when an attacker acts in the middle, trying to capture information. Additionally, the DomainKeys Identified Mail (DKIM) mechanism along with domain name system security extensions guarantees the authenticity and integrity of messages [ 15 ].

Support for TLS is common, but certificate validation is not always used, which can compromise protection against active attacks by an attacker [ 15 ]. However, the use of Sender Policy Framework (SPF) and DKIM is also common, which helps reduce the risk of receiving spam and fake messages. These technologies help improve email security, but you need to make sure they are properly configured and used to maximize user protection.

The case study enterprise, from the very beginning of its application development, had a distributed infrastructure, and applications were hosted on physical servers in various data centers. With the development of cloud computing, application orchestration, and containerization technologies, the company began moving its infrastructure to containers hosted by cloud providers.

At present, the company has not implemented a mechanism for storing and processing e-mail, which in turn leads to its loss and potential interception by a third party.

In this case, the loss or transfer of information or the contents of the emails is critical, as the emails contain information about orders placed and other sensitive information.

We have a situation in which the main applications have already been moved to the cloud, but emails are sent directly to recipients without proper protection and minimal operations to hide the content of emails. The main problem, of course, is the loss of emails in the chain between the application and the recipient. The main task is to develop a clusterembedded solution that combines encryption, message queuing, and logging of the number of sent and unsent messages.

Since there are a large number of applications in the infrastructure, auditing how many users have sent emails is also a critical factor. At the moment, an end user who sends only a few emails and a user who sends hundreds of thousands of emails pay the same because there is currently no control mechanism.

A container is a standardized unit of software that stores code along with all its dependencies and allows it to be easily ported and run in different environments standardization by including dependencies means that you will get the same behavior wherever you run it [ 16 ].

Transform your monolithic code into lightweight modules to enhance manageability and connectivity. By doing so, you can avoid the risk of one small module breaking your entire program. This approach grants you more precise control over your code, but it does introduce multiple moving parts to your platform.

However, managing numerous moving parts can be challenging. When one container connects to another, it becomes essential to remember to update each one for platform stability. With dozens of containers, this can lead to code management complexities.

Kubernetes greatly simplifies the process of deploying containers and helps to reduce a large number of costs associated with it. Thanks to it, deployment periods can be reduced from a full day to a much shorter time, as Kubernetes automates code compilation, testing, and checking for updates to all services. Previously, there were several automation tools to help with the deployment process, but they were mostly designed for monolithic architectures, while Kubernetes provides more efficient and scalable container management. Orchestration and automation offer solutions to the challenges encountered when deploying infrastructure manually. With these processes, you can eliminate the risk of forgetting files, ensure updates are applied across all servers, and easily undo changes as needed [ 17 ].

One distinguishing factor between Kubernetes and other deployment options is the continuous nature of container deployment. There’s no need to wait for sequential compilation and deployment of binaries. Instead, Kubernetes constantly incorporates new changes into containers and deploys them in the background. This enables swift code deployment without disrupting performance during specific periods. With Kubernetes and containers, there’s no need for developer intervention to manage services that require frequent updates.

Kubernetes and containers are well-suited for cloud environments due to their portability and lightweight nature. They can be deployed on cloud platforms as well as local servers, making them versatile for a multi-cloud strategy across various service providers. Containers offer an attractive option for reducing risk when implementing a microservice architecture in cloud computing.

When considering the best cloud hosting service out of the three options (AWS, Azure, GCP), it is important to analyze the benefits and drawbacks of each. AWS, being the leader in the cloud hosting market, should be given priority.

AWS offers three container environments: ECS, EKS, and Fargate. If developers have limited experience with containers and already use AWS to host their services, ECS is the recommended option. This “containers-as-aservice” solution automates deployments directly in the cloud using Amazon AWS CloudFormation, making it a great starting point to determine if containers are suitable for an organization.

For a more comprehensive use of Kubernetes and containers, Amazon EKS is a suitable choice. EKS can move an existing onpremises Kubernetes deployment to the cloud. Advantages and surveys show that EKS is positioned to become the most popular container management method, with 63% of container users surveyed by Kubernetes preferring AWS.

AWS Fargate, Amazon’s latest release for container users, enables container deployment without the need to manage servers or clusters. Fargate also works with AWS EKS, providing multiple options and combinations based on individual needs.

Hosted Kubernetes with AWS is particularly attractive for developers who are new to the container environment. It serves as an excellent starting point to experiment with containers and gauge their compatibility with the development environment. However, EKS is considered difficult to set up and requires technical experience with containers. On the plus side, it offers full scalability and configurability, empowering companies to control Kubernetes and its integration with local development processes [ 18 ].

Let’s now analyze the advantages and disadvantages of Microsoft Azure. IT professionals primarily working with the Windows software environment will find deploying to Azure intuitive and straightforward. Although Azure is a relatively new container service, launched in 2015, Microsoft continues to enhance its offerings.

While Microsoft is known for its Windows operating system, Azure can also work with various Linux and Unix distributions. This means that it is not limited to Windows-only applications, but it does have limitations regarding hybrid container support, unlike AWS, which does support hybrid deployments.

Azure introduced Azure Kubernetes Service (AKS) in October 2017, a service similar to AWS EKS. Deploying AKS on an Azure virtual machine has the added advantage of being free, with payment only required for the resources used on Azure’s virtual machines.

The main disadvantage of Azure is that while AKS was introduced before AWS EKS, Kubernetes is more adapted to AWS and GCP. As a result, Azure lags behind both AWS and Google’s Kubernetes engine when it comes to updating to the latest versions of Kubernetes. However, if Azure is already a part of your existing architecture and you need to implement containers, it simplifies deployment and provides detailed analytics to assess if the platform meets your needs. Additionally, Azure offers a competing service to AWS ECS called Service Fabric, which is also worth considering.

Now, let’s analyze the advantages and disadvantages of Google Cloud Platform (GCP). Given that Google is the original creator of Kubernetes, working with GCP provides several advantages. Any new versions and deployments are immediately available, while other platforms may have a time lag. Moreover, GCP offers excellent opportunities for working with big data, machine learning, and Artificial Intelligence (AI) technologies.

However, GCP faces challenges as it is not as popular as AWS or Azure in terms of infrastructure as a service solution. GCP lacks the small business cloud offerings that make AWS and Azure more appealing for corporate integration into internal networks. Additionally, GCP does not have features like Active Directory integration (Azure) or Identity and Access Management (AWS).

Google promotes its platform as the ideal choice for working with the DevOps methodology. DevOps teams consist of specialists who simultaneously work on automating deployment and application development tasks. For such teams, GCP offers advantages for automating deployments.

Comparing costs becomes difficult due to the pay-as-you-go pricing policies of these platforms. The price an individual developer experimenting with Kubernetes and containers pays will not be the same as what an enterprise requires for powerful computing resources. Costs also depend on the resources utilized, with each platform having a minimum cluster allocation [ 19 ].

Ultimately, there is no clear-cut answer regarding the best service to use with Kubernetes. The choice depends on the specific project requirements. If you are already experienced with Azure or AWS, it is advisable to stick with the same platform. However, if you need to work with AI and machine learning, GCP offers an attractive and costeffective solution. 2.3.

Organizations have different email needs. While some businesses only need a way to send straightforward marketing newsletters, others need a more sophisticated email infrastructure for high-volume and transactional uses.

Let’s now examine the technical details of SendGrid and Mailgun, the two top email platforms. Both systems provide great ways to communicate large amounts of data, complete transactions, and guarantee first-rate delivery quality.

Being the “Email Service for Developers,” Mailgun offers robust APIs that make sending, receiving, and tracking emails simple. Mailgun provides a sophisticated API, Mailjet for marketing, email verification, bulk sending, delivery issue prediction, and other services to over 200,000 enterprises with a 99.99% uptime guarantee.

Let’s now evaluate SendGrid’s advantages and disadvantages. SendGrid, one of the top transactional email systems on the market, also provides email marketing capabilities including user-friendly registration forms and design templates. SendGrid, which has more than 80,000 customers’ trust, enables the safe delivery of more than 70 billion emails each month.

Since its founding in 2009, SendGrid has maintained an advantage in transactional email services. They stand out from the competition because of their emphasis on availability, scalability, and considerable email experience. Clients that use SendGrid’s services enjoy an average delivery rate of 97%, exceeding the sector average of 85%, according to the company’s data [ 20 ]. This reflects their service’s high level of effectiveness and dependability in assuring successful email delivery.

To counter phishing and spoofing attempts, SendGrid provides sophisticated authentication with SPF and DKIM. Furthermore, they include AI-based technologies like their adaptive communication engine, which makes use of AI to improve availability and react to changing ISP requirements.

In addition, Mailgun offers proactive email monitoring, continuing advising, managed delivery services with API support, and management of IP and domain reputation.

A 97% average delivery success rate is what Mailgun advertises. Additionally, they tout an industry-lower bounce rate of 0.4% on average, compared to the industry standard of 2%.

Email security helps protect organizations and recipients from data breaches and other threats.

Use secure login authentication methods.

The traditional use of just a password and login to authenticate a user is considered outdated, but many people still use it. Modern authentication methods require two or more factors to verify a user’s identity.

To use Two-Factor Authentication (2FA), users must combine three different types of authentication factors: knowledge (something you know, like a PIN or password), possession (something you have, like a debit card or cell phone), and physical uniqueness (something that only you have, like a fingerprint). For instance, you have to show your debit card and enter your PIN to use an ATM (possession factor and knowledge component, respectively). Temporary one-time passwords or SMS are frequently used for this kind of authentication.

Users can access numerous applications using Single Sign-On (SSO) after authenticating their identities with an identity provider. SSO and 2FA are frequently coupled. Centralized access with SSO lessens the possibility of account intrusion, streamlines the login procedure, and aids in enforcing strong passwords [ 20 ].

Application Programming Interfaces (APIs) are unique codes that identify and authenticate users. They provide a more secure alternative to logging in with a username and password. Developers commonly use APIs to control access to services like email APIs.

When configuring API keys, different permission levels can be assigned to restrict access to specific parts of an account.

Sender authentication protocols are essential for proving the authenticity of the sender and preventing spam or spoofing. The following authentication protocols should be used: • SPF: Identifies mail servers allowed to send emails from a specific domain. • DKIM: Verifies that the sender is responsible for the email’s content and domain. • Domain-based Message Authentication, Reporting & Conformance (DMARC): Specifies how to handle emails not authenticated by SPF or DKIM.

Using an SMTP server is crucial for email delivery. The SMTP server processes and sends emails to the recipient’s inbox. It also verifies the email’s origin and protects recipients from illegitimate senders.

SMTP authentication enhances email security by requiring a login using a supported authentication mechanism.

Data protection is vital, especially for sensitive information. Encryption, such as TLS, safeguards email content during transmission. Mail providers prioritize TLS-encrypted connections when delivering emails, preventing unauthorized access to email content [ 21–23 ].

To enhance data security, it is important to restrict access to data, especially recipient data, to only those employees who require it. This minimizes the risk of email leaks becoming more serious if the data is compromised. Here are some ways to achieve this: • Limit the number of users to only those employees who regularly need access to your ESP. Regularly review the user list to ensure there are no inactive users. • Implement different levels of permissions based on each user’s role. This allows team members to access the necessary features for their functions while safeguarding sensitive customer data.

According to the study of the requirements for the design of the security subsystem, we have a problem with email delivery. It has been determined that emails may not reach the final recipient for the following reasons: • SendGrid may become unavailable. • The SendGrid API key may expire or be incorrectly configured. • IP address restrictions may be configured incorrectly.

That’s why it was decided to add a mail intermediary to this scheme, which will make a mail queue and prevent mail loss. Since we have a multi-cluster environment, we need to take care of working in this scenario. So, each cluster has two redundant Postfix applications running synchronously and on different feeds. On each cluster, Postfix will have separate settings and its own SendGrid API key.

After researching the available software, the following resources were selected: • Azure cluster (AKS). • Postfix as a mail transfer agent. • Fluent-bit for collecting logs from other containers. • Grafana-Loki-SQL database for logging processing. • Azure managed disks for persistent storage to keep the mail queue even when something happens to the deployment.

Develop a system that will store the mail sent by the application, check if the mail is possible, and only then send the mail. You also need to develop a system for monitoring the number of sent emails. We develop Helm configuration files for deploying infrastructure in cluster environments. So, in one cluster we have: • Two Postfix pods that include two containers with Fluent-bit and Postfix. • Two PersistentVolumeClaim. • Two ReplicaSets. • One ConfigMap for FluentBit. • One ConfigMap for Postfix. • One ServiceAccount. • One Service. • One Secret.

The Postfix application was chosen as the basis of the email system for the project. The main problem with Postfix, in our case, is that its development began a long time ago and was not designed for the modern infrastructure of Internet technologies. Postfix has proven to be a simple and reliable system for sending and queuing mail, but it was not designed for containerized environments and has a log system that is quite difficult to work with. For optimal work with logs and system monitoring in general, it was decided to create an application for parsing and transforming logs].

As an alternative to syslog (which is still the default), Postfix has its logging system. Postfix version 3.4 or later supports this. When Postfix is operating in a container, logging to stdout is advantageous since it removes the syslogd dependence.

Python, a general-purpose high-level programming language, was used to create the solution. Its design philosophy places a strong emphasis on the readability of the code by using substantial indentation.

The most recent Alpine base container with the parser and Postfix was chosen as the foundation for the container with the parser. Alpine is currently the standard for using it as the basis for your applications. It is constantly updated, constantly receives modern solutions to security problems, has basic functionality, and, despite all of the above, has a fairly small size of ~5Mb.

However, for Postfix to work properly and use all the parser’s functions, you need to install the software. For the parser to work, you must first install Python from the repository, the pyodbc library, msodbcsql, mssql-tool. For Postfix to work with secure authorization, you need to install Postfix and the packages postfixpcre, libsasl, cyrus-sasl. In addition to all these packages, you need to install some additional ones.

For Postfix authorization to work properly, you need to create a system user and add information about it to the Postfix configuration files.

The final step in the Dockerfile is to run the script for initial setup and start the parser.

The functions of the initial startup script are to configure Postfix parameters and then start the parser. The shell used is ash, which is a simplified version of the shell from the Alpine Linux developers. The parameters used for configuration are taken from environment variables, which is a safe approach.

We have also implemented functionality when it is necessary to transfer non-standard settings when deploying a solution. For this purpose, there is a separate environment variable POSTFIX_CUSTOM_CONFIG, to which non-standard parameters are passed through the “;” symbol.

Today, many cloud service providers provide services for renting their computing capabilities and using Kubernetes clusters based on their equipment. In this case, the architecture of the solution is based on the AKS from Microsoft. Despite this, the development of automated templates based on Helm Charts is not dependent on service providers in most cases and is universal, that is, it can be used on almost any environment, including a local computer.

Helm is a Kubernetes package manager. Helm is used to build “charts”, which are packages of Kubernetes resources used to deploy applications to a cluster. There are different types of storage and distribution of these packages: they can be stored in archives or just directories with files, distributed through private or public repositories.

The main part of any Helm chart is the Deployment type, which describes what the Pod will consist of, what containers should be included in it, what files should be attached to it, and what environment variables should be in the containers.

In this case, the Deployment consists of a Pod that includes two containers: Fluent-Bit of the latest version and the container with the parser and Postfix. The container with FluentBit contains log storage and a configuration file. A persistent memory disk is attached to the container with Postfix to store logs in case of a cluster or container reboot. In Deployment, checks are additionally configured to see if the container has been successfully powered on and if it is still available.

If you need to have multiple copies of Postfix on different host machines for greater reliability, Deployment is configured to prevent the installation of two copies on one host. Also, environment variables that are stored in the ConfigMap are passed to the container. The ConfigMap.yaml file describes two ConfigMap resources: the first one stores environment variables that are passed to the container from Postfix and the parser, and the second one contains configuration files for Fluent-Bit.

The FluentBit settings describe where to get the information, how to process it, how to filter only the necessary data, and where to send the generated output information. It also contains information on how to work with the information we receive from the developed parser.

To store passwords, certificates, etc., the Secret type is used, which stores information in a hashed form. It’s worth noting that it’s exactly hashed, not encrypted. In the Secret of our Helm Chart, we store the password to the MSSQL database and the key to the SMTP service provider. This is to ensure that other services in the cluster, namely applications that send mail, have a network connection to Postfix, you need to create a Service dash resource. It specifies the port-forwarding parameters. that contains The name, version, and version of the program, as well as a brief description of the Helm Chart, are all included in the Chart.yaml file, which also contains some basic information about the Helm Chart itself.

Variables can be passed to Helm Chart using various methods, but the best practice is to store them in a YAML file and keep them in a version-controlled git repository to prevent configuration drift.

It is recommended to deploy one Postfix Deployment per cluster but with a different number of Postfix replicas, at least two.

At this point, the development of the template for automatic deployment of the solution can be considered completed. Further, the received files will be automatically processed by the helm utility, which is part of the Azure DevOps Pipelines portal plugins. After the system has been successfully developed, and the operability of several systems has been constructed, it is necessary to have complete information about the operation of these systems, error visualization, and complete statistics on successfully delivered mail.

There are many systems for monitoring, but the choice was made to use free open-source solutions—Grafana and Grafana Loki.

Grafana Loki is an aggregator of log records, in this case, received from FluentBit.

Grafana is a modern data visualizer that can work with almost any data source. We need to visualize data from Grafana Loki and MSSQL.

Several deployment options are available for Grafana and Grafana Loki, including installation as a service, operation in a container, and deployment in Kubernetes. We chose to use Kubernetes since it is currently the most cutting-edge method of deploying Grafana.

With the help of the IDE for Kubernetes— Lens, we will deploy the above services with standard settings, but add a certificate for secure connection to web resources.

In the Grafana data sources settings, we configure Grafana Loki and MSSQL.

Grafana has a fairly wide range of tools for displaying information, which means that operators will be able to get all the necessary data in the form they need. Monitoring systems are installed on the cluster environment and dashboards are developed for easy access to the necessary information.