EDIT

# CdmServer in docker instance sending e-mails

## Problem:

For the self registration in phycobank it is necessary that the CDM Server is able to send emails. This works fine for the CDM Server running on the host system, but fails when the CDM Server is running in a docker instance.

The mail is sent with org.springframework.mail.javamail.JavaMailSender and the host is defined as localhost, this does not work within docker because the MTA (exim4) runs on the host machine.

## Ideas:

First we have to install ssmtp on docker-container, this is already done with inside Dockerfile:

~~~

RUN apt-get update && apt-get install -y ssmtp && rm -rf /var/lib/apt/lists/*

COPY ssmtp.conf /etc/ssmtp/ssmtp.conf

~~~

To analyse the ip configuration also iproute2 is installed:

~~~

RUN apt-get update && apt-get install -y iproute2 && rm -rf /var/lib/apt/lists/*

~~~

Some urls to find ideas how to fix the problem:

https://gehrcke.de/2014/07/discourse-docker-container-send-mail-through-exim/

https://stackoverflow.com/questions/26215021/configure-sendmail-inside-a-docker-container/30021595#30021595 (using postfix instead of exim4)

How to connect from inside the docker instance to localhost:

https://www.howtogeek.com/devops/how-to-connect-to-localhost-within-a-docker-container/

Configure firewall to allow the docker container connecting to host MTA

https://docs.docker.com/network/iptables/

https://serverfault.com/questions/705192/iptables-rule-set-so-that-a-docker-container-can-access-a-service-on-a-host-ip

The docker container can be started with different network modes, for us it is the bridge mode, this means between docker container and host system there is a bridge with different IP adresses on container side (172.17.0.2) and host side (172.17.0.1). 

So we need to configure exim4 to listen also on 172.17.0.1 and ssmtp to send the mails to 172.17.0.2 (mailhub).

For edit-integration 

iptables -I INPUT "linenumber" -s 172.17.0.2 -d 172.17.0.1 -p tcp --dport 25 -j ACCEPT

for edit-production this would be

iptables -I ALLOW "linenumber" -s 172.17.0.2 -d 172.17.0.1 -p tcp --dport 25 -j ACCEPT

To get the line numbers call:

iptables --list --line-numbers -n

did the trick to allow the docker container contacting port 25 on host system. This can be tested with netcat:

First install netcat on docker container with

~~~

apt-get update

apt-get -y install netcat

~~~

and try to connect to docker.host.internal port 25:

~~~

nc -vz docker.host.internal 25

~~~

After fixing the firewall problem, the mail is send by exim4, but there are still some problems:

~~~

2023-04-18 15:19:46 no host name found for IP address 172.17.0.2

2023-04-18 15:19:47 1polFK-0003qc-W7 <= mail@cybertaxonomy.org H=(e746b3eea32a) [172.17.0.2] P=esmtp S=879 id=1902382989.6.1681823986995@e746b3eea32a

2023-04-18 15:19:51 1polFK-0003qc-W7 ** k.luther@bo.berlin R=smarthost T=remote_smtp_smarthost H=mail.fu-berlin.de [130.133.4.67] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=yes DN="C=DE,ST=Berlin,O=Freie Universit\303\244t Berlin,CN=mail.fu-berlin.de": SMTP error from remote mail server after RCPT TO:<k.luther@bo.berlin>: 550-Verification failed for <mail@cybertaxonomy.org>\n550-Unknown user\n550 Sender verify failed

2023-04-18 15:19:54 1polFS-0003qg-9d <= <> R=1polFK-0003qc-W7 U=Debian-exim P=local S=2584

2023-04-18 15:19:54 1polFK-0003qc-W7 Completed

2023-04-18 15:19:58 1polFS-0003qg-9d ** mail@cybertaxonomy.org R=smarthost T=remote_smtp_smarthost H=mail.fu-berlin.de [130.133.4.67] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=yes DN="C=DE,ST=Berlin,O=Freie Universit\303\244t Berlin,CN=mail.fu-berlin.de": SMTP error from remote mail server after RCPT TO:<mail@cybertaxonomy.org>: 550 Unknown user

2023-04-18 15:19:58 1polFS-0003qg-9d Frozen (delivery error message)

~~~

from https://bobcares.com/blog/smtp-error-from-remote-mail-server-after-rcpt-to/

~~~

5. Sender errors

SMTP error from remote mail server after RCPT  TO::

host host.domain.com [xx.xx.xx.xx]: 554 5.1.8  :

Sender address rejected: Domain not found

SMTP error from remote mail server after RCPT TO::

host mx.server.com [xxx.xxx.xxx.xxx]: 550-Verification failed for 

550-No Such User Here : Sender verify failed

Cause: A sender error can be caused due to many factors. The prominent reasons we have seen in our role as Website Support Techs for web hosting companies, include:

a. Duplicate sender account present in the recipient server

b. Misconfigured mail configuration settings

c. Sender email account doesn’t exist or cannot be detected

d. Permission issues caused by server migrations, updates or custom scripts

Fix: To resolve sender errors, we examine the mail server logs, sender email account settings, folder permissions, mail server configuration, etc. and resolve any issues related to that.

~~~

The Server mail.fu-berlin.de allows only internal e-mail addresses, actually I do not know whether this also includes the host address or the mail address mail@cybertaxonomy.org is not allowed.

see https://www.zedat.fu-berlin.de/Relaying

This problem could also be solved by creating a new e-mail address no-reply@phycobank.org by Dominik and then we have a valid from address. If we want to use the password recovery for other instances as well, we have to find out how to set this property outside cdmlib.