CdmServer in docker instance sending e-mails¶
For the self registration in phycobank it is necessary that the CDM Server is able to send emails. This works fine for the CDM Server running on the host system, but fails when the CDM Server is running in a docker instance.
The mail is sent with org.springframework.mail.javamail.JavaMailSender and the host is defined as localhost, this does not work within docker because the MTA (exim4) runs on the host machine.
First we have to install ssmtp on docker-container, this is already done with inside Dockerfile:
RUN apt-get update && apt-get install -y ssmtp && rm -rf /var/lib/apt/lists/* COPY ssmtp.conf /etc/ssmtp/ssmtp.conf
To analyse the ip configuration also iproute2 is installed:
RUN apt-get update && apt-get install -y iproute2 && rm -rf /var/lib/apt/lists/*
Some urls to find ideas how to fix the problem:
https://stackoverflow.com/questions/26215021/configure-sendmail-inside-a-docker-container/30021595#30021595 (using postfix instead of exim4)
How to connect from inside the docker instance to localhost:
Configure firewall to allow the docker container connecting to host MTA
The docker container can be started with different network modes, for us it is the bridge mode, this means between docker container and host system there is a bridge with different IP adresses on container side (172.17.0.2) and host side (172.17.0.1).
So we need to configure exim4 to listen also on 172.17.0.1 and ssmtp to send the mails to 172.17.0.2 (mailhub).
iptables -I INPUT "linenumber" -s 172.17.0.2 -d 172.17.0.1 -p tcp --dport 25 -j ACCEPT
for edit-production this would be
iptables -I ALLOW "linenumber" -s 172.17.0.2 -d 172.17.0.1 -p tcp --dport 25 -j ACCEPT
To get the line numbers call:
iptables --list --line-numbers -n
did the trick to allow the docker container contacting port 25 on host system. This can be tested with netcat:
First install netcat on docker container with
apt-get update apt-get -y install netcat
and try to connect to docker.host.internal port 25:
nc -vz docker.host.internal 25
The Server mail.fu-berlin.de allows only internal e-mail addresses, actually I do not know whether this also includes the host address or the mail address email@example.com is not allowed.
This problem could also be solved by creating a new e-mail address firstname.lastname@example.org by Dominik and then we have a valid from address. If we want to use the password recovery for other instances as well, we have to find out how to set this property outside cdmlib.