Cloudron Forum

A homemade problem. We have refactored our Ansible role. It has installed an MTA that was previously started as Cloudron's mail service. After uninstalling the MTA, everything works as expected.

I remove the user from the group and add the user again to the group.

https://github.com/haraka/haraka-plugin-dns-list/pull/11/commits should fix it

Given that you hit a "permission denied" issue, maybe there is some race, where something changes permissions of that folder while the restore is busy copying files there. If you hit this, can you check the permisssion and ownership of the folder in question?

@David-0 said in Use Cloudron Mailserver but have different Webhosting?: Would it be possible to use Cloudron as a mail server for mail@new.com while the domain new.com (or even subdomain.new.com) is hosted somewhere else? yes, the DNS records for a mail server (MX record) and webhosting (A records) are entirely different. It's totally normal and safe to host web and mail of the same domain on totally different systems.

It worked! Thanks!

For anyone wondering on the same question as I did: Dovecot seems to be a standard IMAP server for now, which seems to be used on majority of servers. It claims to be written with security in mind, which doesn't seem to help to avoid privileges escalations, buffer overflow, crashes (on the same page - below). Given the dominance of that mail server on the internet, it seems to be a go-to solution for many, just like Ubuntu, referred here above, is; so I wouldn't expect it to be replaced on Cloudron anytime soon. Given the self-confidence of the authors, that claims that running from root is not a big deal and not providing any easily ready to use solution, I doubt that many will go extra mile to implement that on they own; given Cloudron limited resources and luck of advertising and hence focus to be security first platform, dovecot processes will remain to be running as root. From the positive side, root owned processes are not opening any network port, so direct exploitation would be problematic. Hope that would be of help.

@Klaus Which email provider are you testing with? We can try to implement it.

This doesn't affect Cloudron as such but the upcoming mail addon update contains the fix.

The only message was only related to PTR. And there was no other message. Maybe it was a special case or a problem with the request and the question was whether from my server or on the provider's side. After I clicked sync DNS, I left it for another 24 hours just to be sure, because the proprogation could have been prolonged. After 24 hours there was still a problem , then I did a record analysis and noticed as I wrote above one record A was not updated. In general, the situation embraced. You can close the topic only waiting for the improvement of the results from PTR. Generally I have changed but FCrDNS has not been updated.

Looks like that was the fix, now it doesn't change the A and AAAA records of the email server, and Cloudron can still use my External SMTP connection while having the Mail Server Location set to "cloudron.blockbluemedia.com".

Hello, correct, it is the subdomain. This all seems to have been solved by restarting the app

@timbo I have practically zero spam with the rules mentioned in my post and abusix DSNBL (https://abusix.com/) - the free tier is sufficient. Do you have catch-all enabled?

Ah the Cloudron is on version 7.5.2 which had a bug here. This is fixed with v8.0 already

@girish must be private. I can't view that with my account.

@nebulon , thanks for reply. in the first post, I copied a undeliverable testmail from spamhoaus to cloudron, b/c it was denieing the reception. here a little oversight: [image: 1720004240958-2024-07-03_12-50_cldrn_mail_deliv-fail.png] and they all look similar… [image: 1720004260697-2024-07-03_12-52_cldrn_mail-deniedy.png] all these hosts are N.O.T. blacklisted. I checked. also, false positives…

Please see https://docs.cloudron.io/email/#server-status . Specifically https://docs.cloudron.io/email/#ptr-record and https://docs.cloudron.io/email/#outbound-smtp

@girish That's very nice! I already have the paid version, so no problem for me, was just wondering

@girish said in Dynamic DNS and Mail Server Location: @gerard that's quite brave to run a mail server with dynamic IP @girish Yeah it's silly and unreliable But not meant for any serious usage. Thank you for fixing it.

The fix is for solr showing the incorrect status. Let's re-test once the update is out.