@d19dotca Inspecting a few mail servers that I can ssh into it seems all the sieve files are -rw------- and all the mailboxes are drwx------. Was this server restored from a backup by any chance? If so, that would maybe explain the discrepancy. But even then I am not sure why some of the mailbox folders have pretty bizzare permissions like "r-x" for group/others. I think you can safely change the permissions to the ones I listed above.

@d19dotca Just got around to looking into this. This doesn't work because the mail server processes spam messages using dovecot's sieve_before flag - https://doc.dovecot.org/settings/pigeonhole/#plugin-sieve-setting-sieve-before . You can check the /app/dovecot-config/sieve_before/spam-move.sieve script in the mail container which is moving X-Spam-Flag into the Spam folder. Because the filter below is run before user messages, your filters don't work. This also makes it easy for the end user to not worry about processing spam messages when writing filters, so I think the default behavior is good.

require ["fileinto","mailbox"]; if header :contains "X-Spam-Flag" "YES" { fileinto "Spam"; stop; }

For the original use case of discarding all spam for forwarding mailboxes, this is the default behavior in next release.

@nebulon Okay, I've further lowered the backup config and will hope that works for now. I just don't quite get why memory is an issue when my server never seems to go much beyond 5 GB used out of 8 GB. Nothing really changed outside of moving to Vultr, and even then that was about 1.5 months ago and this issue only started in the past week or so.

@alexsunny123 ok there are quite a few variables in the mix here it seems. For a start, can you connect to the Cloudron setup view using the public IP address from your ISP on port 80 and 443?

To rule out some other maybe interfering parts, disable the Cloudflare proxying.

Since you mentioned email, on a residential connection you will most likely require a mail relay to work properly, anyways port 25 will most likely be blocked by your ISP. Cloudron as mail relay support for various providers though.

Lastly for Cloudron it doesn't really matter if bare-metal or VM, so there are no special docs about this. You should be fine as long as you have vanilla Ubuntu 20.04 server installed.

@girish I think that might be an improvement worth considering, no? Making the necessary changes would (I think)...

Make it clear to monitoring tools and manual checks by users which processes being run are local to the host and which are from containers, particularly useful when multiple instances of a service are being run both on the host and container.

Follow what appears to be "best practices" when running containers.

Improve security in certain situations.

Admittedly these may be minor and not worth the overhead, but now that I'm aware of the behaviour, I'm a bit irked by it as it currently prevents me from easily identifying which services are container-run and which are local to the host, as well as making it confusing to which user is actually running the process listed.

@eddowding ah, great you managed to figure this out. indeed, cloudflare can only proxy http(s) and not email.

@lonkle TBH, we don't really test on any system other than ubuntu. Most likely other platforms don't work. Even on ubuntu derivatives like mint, it is known to not work.

To close this, turned out that "libpython3.8" was missing on my newly upgraded 20.04 Hetzner system...therefore I was getting the message "dependency problems prevent configuration of collectd"

@girish Thank you for those commands. I think I'll just use the cloudron push after I run cloudron install on my image server.

Also, not sure if there is a specific way to go about this but I could strip this down a bit to have a base install for the app if it's of use to the Cloudron community. I'm sure it would have to be polished by the devs but it is an install for Timetrex CE which is a timeclock software that our company uses.

@vladimir-d This is already fixed in the coming release - https://git.cloudron.io/cloudron/box/-/commit/6d044bfbf384b8ae98f1beac0f9d1c50005e8d34 . For now, you can ignore the warning, it's harmless.

@marcusquinn I understand your time constraints, unfortunately I am not able to trigger the behavior you are describing, so this is hard to find a fix for it. Maybe if you have some time, can you describe how one of those apps was setup initially before you adjusted the access control from the groups panel?

@nebulon Yeah fair enough. I figured it was a decision based on app compatability. Thankfully I only had 40 apps to go through 😛

My understanding is that mint is primarily targeting a Desktop environment.

Sorry, this was a duplicate post, because the first didn't go through for a while. Please ignore, and answer the question in the other forum.

@girish that worked. Thanks

Thank you @d19dotca @nebulon @robi for your replies. I use adguard on the same server which allows for DNS rewrites. I guess I was trying to achieve what Resilio sync does (e.g. connect to peers using LAN when in LAN).

In this case, I wanted to try by pointing the DNS name of nextcloud installation to local server IP:port. I am not sure if this will be possible (probably not right? unless I change the server itself in my nextcloud client?). If it's not possible, it is OK I guess.

Success! Re-installed Ubuntu, added nothing, and everything worked as advertised!

@ianhyzy for nginx configs? No, they're on the Cloudron host.

@girish I don't know if it was installed before the upgrade, but it wasn't enabled, because unbound managed to run without problem 🤷

I'm not sure how it got there. It was supposed to be a clean Ubuntu 16.04. The only things I installed manually besides cloudron are basically ZSH and screen.

In any case, I marked this as solved, thanks !

@finnengenhorst thanks for reporting, let me check.

I finally managed to get to the bottom of this. There was a bug in the postgresql addon backup logic where connections were not closed properly. This resulted in periodic backups keeping lots of connections open. This is fixed in 6.3.

@msbt yes, thanks for reaching out, will take a look.

@subtlecourage said in Outbound SMTP not working on my External Relay:

It says it should be coming from noreplay@domain.com, but instead it is coming from imanalias@domain.com

Can you clarify what you mean by "it says"? Is there some error/warning somewhere? Also, I assume that you have put a custom domain in fastmail and also fastmail is able to relay mail as any email address i.e <anything>@domain.com ?

@nj Thank you
I'm trying to do it without manual intervention.
More or less got the shared volume mount working.

@vladimir What other configurations are needed by redisearch though? I think it needs to be laid out specifically so that the amazing Cloudron team can figure out what can be safely added if any to the current redis server configuration, or if it's configurations needed within the WordPress server/app instead, etc. When you deploy redissearch, does it error on anything, what errors does it provide in the user interface and the logs for example?

We are using minIO for it. s3 compatible. the Service on our side was down… and then we also have a problem with backup size. but now it works! thx!