CdmServer in docker instance sending e-mails » History » Version 6
Katja Luther, 04/19/2023 01:23 PM
| 1 | 1 | Katja Luther | # CdmServer in docker instance sending e-mails |
|---|---|---|---|
| 2 | |||
| 3 | ## Problem: |
||
| 4 | |||
| 5 | For the self registration in phycobank it is necessary that the cdmServer is able to send emails. This works fine for the cdmServer running on the host system, but fails when the cdmServer is running in a docker instance. |
||
| 6 | |||
| 7 | 3 | Belen Escobari | The mail is sent with org.springframework.mail.javamail.JavaMailSender and the host is defined as localhost, this does not work within docker because the MTA (exim4) runs on the host machine. |
| 8 | 1 | Katja Luther | |
| 9 | ## Ideas: |
||
| 10 | |||
| 11 | First we have to install ssmtp on docker-container, this is already done with inside Dockerfile: |
||
| 12 | |||
| 13 | ~~~ |
||
| 14 | RUN apt-get update && apt-get install -y ssmtp && rm -rf /var/lib/apt/lists/* |
||
| 15 | |||
| 16 | COPY ssmtp.conf /etc/ssmtp/ssmtp.conf |
||
| 17 | ~~~ |
||
| 18 | |||
| 19 | To analyse the ip configuration also iproute2 is installed: |
||
| 20 | |||
| 21 | ~~~ |
||
| 22 | RUN apt-get update && apt-get install -y iproute2 && rm -rf /var/lib/apt/lists/* |
||
| 23 | ~~~ |
||
| 24 | |||
| 25 | Some urls to find ideas how to fix the problem: |
||
| 26 | |||
| 27 | https://gehrcke.de/2014/07/discourse-docker-container-send-mail-through-exim/ |
||
| 28 | https://stackoverflow.com/questions/26215021/configure-sendmail-inside-a-docker-container/30021595#30021595 (using postfix instead of exim4) |
||
| 29 | |||
| 30 | How to connect from inside the docker instance to localhost: |
||
| 31 | https://www.howtogeek.com/devops/how-to-connect-to-localhost-within-a-docker-container/ |
||
| 32 | Configure firewall to allow the docker container connecting to host MTA |
||
| 33 | https://docs.docker.com/network/iptables/ |
||
| 34 | https://serverfault.com/questions/705192/iptables-rule-set-so-that-a-docker-container-can-access-a-service-on-a-host-ip |
||
| 35 | 2 | Katja Luther | |
| 36 | The docker container can be started with different network modes, for us it is the bridge mode, this means between docker container and host system there is a bridge with different IP adresses on container side (172.17.0.1) and host side (172.17.0.1). |
||
| 37 | So we need to configure exim4 to listen also on 172.17.0.1 and ssmtp to send the mails to 172.17.0.2 (mailhub). |
||
| 38 | 4 | Katja Luther | |
| 39 | For edit-integration |
||
| 40 | |||
| 41 | iptables -I INPUT 21 -s 172.17.0.2 -d 172.17.0.1 -p tcp --dport 25 -j ACCEPT |
||
| 42 | |||
| 43 | did the trick to allow the docker container contacting port 25 on host system. This can be tested with netcat: |
||
| 44 | |||
| 45 | First install netcat on docker container with |
||
| 46 | |||
| 47 | ~~~ |
||
| 48 | apt-get update |
||
| 49 | apt-get -y install netcat |
||
| 50 | ~~~ |
||
| 51 | |||
| 52 | and try to connect to docker.host.internal port 25: |
||
| 53 | |||
| 54 | ~~~ |
||
| 55 | nc -vz docker.host.internal 25 |
||
| 56 | ~~~ |
||
| 57 | 5 | Katja Luther | |
| 58 | After fixing the firewall problem, the mail is send by exim4, but there are still some problems: |
||
| 59 | |||
| 60 | ~~~ |
||
| 61 | 2023-04-18 15:19:46 no host name found for IP address 172.17.0.2 |
||
| 62 | 2023-04-18 15:19:47 1polFK-0003qc-W7 <= mail@cybertaxonomy.org H=(e746b3eea32a) [172.17.0.2] P=esmtp S=879 id=1902382989.6.1681823986995@e746b3eea32a |
||
| 63 | 2023-04-18 15:19:51 1polFK-0003qc-W7 ** k.luther@bo.berlin R=smarthost T=remote_smtp_smarthost H=mail.fu-berlin.de [130.133.4.67] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=yes DN="C=DE,ST=Berlin,O=Freie Universit\303\244t Berlin,CN=mail.fu-berlin.de": SMTP error from remote mail server after RCPT TO:<k.luther@bo.berlin>: 550-Verification failed for <mail@cybertaxonomy.org>\n550-Unknown user\n550 Sender verify failed |
||
| 64 | 2023-04-18 15:19:54 1polFS-0003qg-9d <= <> R=1polFK-0003qc-W7 U=Debian-exim P=local S=2584 |
||
| 65 | 2023-04-18 15:19:54 1polFK-0003qc-W7 Completed |
||
| 66 | 2023-04-18 15:19:58 1polFS-0003qg-9d ** mail@cybertaxonomy.org R=smarthost T=remote_smtp_smarthost H=mail.fu-berlin.de [130.133.4.67] X=TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=yes DN="C=DE,ST=Berlin,O=Freie Universit\303\244t Berlin,CN=mail.fu-berlin.de": SMTP error from remote mail server after RCPT TO:<mail@cybertaxonomy.org>: 550 Unknown user |
||
| 67 | 2023-04-18 15:19:58 1polFS-0003qg-9d Frozen (delivery error message) |
||
| 68 | ~~~ |
||
| 69 | 6 | Katja Luther | |
| 70 | from https://bobcares.com/blog/smtp-error-from-remote-mail-server-after-rcpt-to/ |
||
| 71 | |||
| 72 | ~~~ |
||
| 73 | 5. Sender errors |
||
| 74 | |||
| 75 | SMTP error from remote mail server after RCPT TO:: |
||
| 76 | host host.domain.com [xx.xx.xx.xx]: 554 5.1.8 : |
||
| 77 | Sender address rejected: Domain not found |
||
| 78 | |||
| 79 | SMTP error from remote mail server after RCPT TO:: |
||
| 80 | host mx.server.com [xxx.xxx.xxx.xxx]: 550-Verification failed for |
||
| 81 | 550-No Such User Here : Sender verify failed |
||
| 82 | |||
| 83 | |||
| 84 | |||
| 85 | Cause: A sender error can be caused due to many factors. The prominent reasons we have seen in our role as Website Support Techs for web hosting companies, include: |
||
| 86 | |||
| 87 | a. Duplicate sender account present in the recipient server |
||
| 88 | b. Misconfigured mail configuration settings |
||
| 89 | c. Sender email account doesn’t exist or cannot be detected |
||
| 90 | d. Permission issues caused by server migrations, updates or custom scripts |
||
| 91 | |||
| 92 | Fix: To resolve sender errors, we examine the mail server logs, sender email account settings, folder permissions, mail server configuration, etc. and resolve any issues related to that. |
||
| 93 | |||
| 94 | ~~~ |