Cloudron Forum

@sebastienserre said in Email questions: When I received the email, the "from" header is "Matomo" which is another apps I'm running on the Cloudron. This is coming from somewhere in Dolibarr. The from name is not part of the SMTP protocol , it's inside the email body. Can you go over the SMTP settings inside Dolibarr again?

Right, the haraka log can be ignored. I think the IP and cert name don't match and thus the warning. It's not a problem since such mails don't leave the server.

Created an issue. https://github.com/haraka/Haraka/issues/3516

Hello @estudios507 Thank you for the detailed report. I will try to assist you to my best capabilities. @estudios507 said in Cloudron rejects iCloud forwarding only when “Delete after forwarding” is enabled (SMTP 550 on MAIL FROM): Identify which Cloudron restriction/policy is triggering “Mail from domain ‘X’ is not allowed from your host” in this scenario. Regarding why this is happening. When iCloud forwards messages in delete mode, iCloud uses the original sender’s MAIL FROM (envelope-from) unchanged instead of rewriting it. If that original sender domain is hosted on the same Cloudron server, Cloudron sees an external connection (from iCloud’s outbound IP) claiming to send mail from its own domain. Cloudron treats that as spoofing and rejects it. @estudios507 said in Cloudron rejects iCloud forwarding only when “Delete after forwarding” is enabled (SMTP 550 on MAIL FROM): Confirm whether there is a supported and safe way in Cloudron to allow this specific flow (forwarding from iCloud with delete enabled) without broadly weakening anti-spoofing protections. There is also another topic regarding this issue with iCloud, see: https://forum.cloudron.io/topic/1998/mail-error-after-sending-message-mail-from-domain-example-com-is-not-allowed-from-your-host A fix is to add the iCloud servers to the domain A's SPF record. Your current SPF record is: dig TXT estudios507.com +short "v=spf1 a:mail.estudios507.com include:_spf.safewebservices.com ~all" You can edit that to include apple: "v=spf1 a:mail.estudios507.com include:_spf.safewebservices.com include:_spf.apple.com ~all" after that edit it can take some time to propagate, but this should resolve your issue.

Fixed in support. Not clear what the issue is, but it could be possibly because spamcop dnsbl was not responding. I removed it from the mail acl - https://docs.cloudron.io/email/#dnsbl.

@james thank you so much! SOGoMailCustomFromEnabled worked prefectly!

Ok, so after looking into open ports a bit more, it turns out that there is nothing listening on port 587. As such, there is no SMTP server running or listening to any port whatsoever. I figure that an SMTP server may only start running if I enable incoming emails (setting which was not enabled, purposefully). When I enabled incoming email setting, sudo netstat -tlnp | grep 587 was finally returning something and n8n configuration worked fine. So to sum up, if my understanding is correct, when only using outbound mail, there isn't an actual SMTP server running, but only some kind of abstraction that containerized apps can use to send email directly through the mail relay (the internals of this are fuzzy to me...), so I need to enable incoming emails in order to send emails... But I'm glad I was at least able to make this work before going into 2026. Thanks for the help and for putting me on the right path here. Thank you for all the great work you do Cloudron Team, and wishing you all the best for the new year :).

Haven't encountered such timeouts from thunderbird, unless the network is actually flaky. Maybe check if both ipv4 and ipv6 are setup but only one works? Could be that thunderbird (probably relying on the system's network interface selector) sometimes picks one of the two which resolves but does not route.

@simplo thanks for reporting, fixed now - https://git.cloudron.io/platform/box/-/commit/fda393b5e148340e2dc138f31a5a6443fa8d0ee3

@joseph thanks! No, no errors inside of docker image logs. /home/yellowtent/platformdata/logs/mail/*.log - from what I can see, that is the same logs I can see inside of Docker - so I would say there are no (error) logs - from all of the perspective, the server looks perfectly normal... except that it doesn't accept user's messages... I would hope that you bring updated Dovecot to Cloudron 9 and it will self-resolve, but better will just do a restart for the time being...

@nebulon That's great. Apart from that, it seems to be running smoothly; it still takes time to propagate the usage stats, but that doesn't really affect us.

@hakunamatata Can you try the telnet command via SSH first (instead of web terminal) ? I think maybe a machine in DMZ is unable to connect to itself using the public IP ? Can you try `telnet cloudron-lan-ip 993 ?

Hello @ccfu and @dffla Thanks for the assistance @ccfu Good to see that you got your issue resolved @dffla

@james I have a Cloudron license, and that’s where I install and manage all our applications. Sorry for the confusion!

@mattcazz yes, definitely . In hindsight, we should have maybe package the mail server more like an "app" . And then just like other apps, it would have gained all the customization of Cloudron apps. The email configuration could then have been inside this "mail server" app. We want to rework mail server to an app after Cloudron 9.

See: https://forum.cloudron.io/post/52997

@nostrdev So glad you listened when we chatted about that too! Welcome.