Bug #759
open
redmine instances don't send any notification
50%
Description
Since the redmine instances are hosted within a LXC container, email notifications are no longer sent.
It looks like the issue comes from the Redmine configuration and 127.0.0.1:25 being used within the container.
The following configuration update isn't sufficient:
--- /etc/redmine/dc/configuration.yml 2022-03-15 22:28:00.095274510 +0000
+++ /etc/redmine/dc/configuration.yml.new 2022-03-15 22:27:44.102827009 +0000
@@ -4,8 +4,8 @@
email_delivery:
delivery_method: :smtp
smtp_settings:
- address: 127.0.0.1
- domain: ''
+ address: 10.0.7.1
+ domain: 'projects.duckcorp.org'
enable_starttls_auto: false
port: 25
due to the grey listing configuration:
Mar 15 23:12:37 Toushirou postfix/smtpd[1597691]: connect from unknown[10.0.7.2] Mar 15 23:12:37 Toushirou postfix/smtpd[1597691]: 4KJ71x5crKz4Bs: client=unknown[10.0.7.2] Mar 15 23:12:37 Toushirou postfix/cleanup[1597693]: 4KJ71x5crKz4Bs: message-id=<redmine.journal-2400.20220315221237.3bd6c5f55c0c0d17@projects.duckcorp.org> Mar 15 23:12:38 Toushirou postfix/cleanup[1597693]: 4KJ71x5crKz4Bs: milter-reject: END-OF-MESSAGE from unknown[10.0.7.2]: 4.7.1 Try again later; from=<issues@projects.duckcorp.org> to=<[redacted]@ir5.eu> proto=ESMTP helo=<projects.duckcorp.org>
@Marc Dequènes should the grey listing be disabled for 10.0.7.2 or is there another way ?
Updated by Marc Dequènes about 2 years ago
We could disable it per IP I think but I've never done that so we'll need to dig into rspamd's config. Another way would be a add a local relay that would handle the retries. Or it could even send outside by itself.
Updated by Pierre-Louis Bonicoli about 2 years ago
- % Done changed from 0 to 50
- Security set to No
The following configuration works fine (within the controller /etc/redmine/dc/configuration.yml needs to be updated too):
# cat /etc/rspamd/local.d/greylist.conf whitelisted_ip = "10.0.7.2"; # systemctl restart rspamd.service
Should this configuration be added to ansible? Something like that would work:
diff --git a/ansible/playbooks/tenants/duckcorp/web/projects.duckcorp.org.yml b/ansible/playbooks/tenants/duckcorp/web/projects.duckcorp.org.yml
index 79f76c3..e4b9c13 100644
--- a/ansible/playbooks/tenants/duckcorp/web/projects.duckcorp.org.yml
+++ b/ansible/playbooks/tenants/duckcorp/web/projects.duckcorp.org.yml
@@ -1,5 +1,15 @@
---
+- hosts: mx1_servers:&container_hosts
+ tasks:
+ copy:
+ dest: /etc/rspamd/local.d/greylist.conf
+ content: |-
+ whitelisted_ip = "{{ XXX }}";
+ owner: root
+ group: rspamd
+ mode: u=rw,g=r,o=
+
- hosts: Toushirou
Updated by Marc Dequènes almost 2 years ago
- Status changed from New to In Progress
- Assignee set to Pierre-Louis Bonicoli
Quack,
Sorry to reply late.
The configuration seems fine. This file is managed by Ansible already, see ansible/roles/dc-rspamd/templates/local.d/greylist.conf (although empty).
I updated the mail configuration and noticed the change being overwritten, so I adapted the rules to add the fix.
I'm not closing the ticket since the Redmine configuration also needs to be handled in Ansible (sorry no time for that right now). I assigned the ticket to you, I hope you don't mind.