Cloudron Forum

@scooke Solution was deleting a buch of files from path: /home/yellowtent/boxdata/mail/haraka-queue that files were created past Jan-06. On that day we had an account hijacked that started sending out spam. I deactivated the account and it was working fine until past feb-16th, when email service started to crash. HTH.

@robi yes!

@skmgo Haraka feature requests have to go upstream - https://github.com/haraka/Haraka . This is a feature request for Cloudron (which uses Haraka internally).

@girish Sure that's completely understandable, thanks for the reply. Given that neither mailman or SYMPA seems straightforward to implement in Cloudron I might revive this thread to add a basic moderation function to Cloudron mailing list. I believe for security purpose this is the main missing feature and the proposed approached may not be too hard to implement with the current backend(?). What users still won't get is the ability for members to subscribe and unsubscribe by themselves, but an admin can do that manually so at least it is doable. Another thing that would be nice is to be able to create a list from a Cloudron Group (i.e. mailing list that contains emails of everyone in a group and that gets updated each time you add or remove a user from a group). I don't know how your database works and how easy that might be to implement. What do you reckon? (Again this can be done manually so not as important as moderation, but just something that would be nice and possibly doable if the info are easily retrievable from the user database in the backend.)

@girish Yes there are definitely more than 20 events, and the Next page still works to load more, it's just that dropdown to change how many records are shown at once which has an issue. I just updated to 7.0.3 so will try soon, unfortunately it seems the email logs were cleared after update, so there's no records in there at all now.

@d19dotca great catch! I was a bug in the client side code. It is fixed now and will be part of next release.

@eddowding If you like you can patch the file in /home/yellowtent/box/src/mail.js and systemctl restart box.

@luckow Yes, similar view to the aliases ones where all are listed for the mailbox user.

I didn't know Argo tunnels were free. So one can hide the mail service and put it thru an Argo tunnel on a subdomain to the world. https://docs.ibracorp.io/all-guides-in-order/documentation/cloudflare-tunnel Similarly one can have another domain and IP handle the incoming, which is tunneled to you via Tailscale. https://docs.ibracorp.io/all-guides-in-order/documentation/tailscale

@murgero re-read, my response remains the same, sorry. You know the way security scanners (or script-kiddies) works, it's to scan the network (Internet), get hosts and they software; if there is zero-day on CloudRon or other not disclosed vulnerability, apply it across the hosts. Having DNS records showing that there is CloudRon here means you don't even need to scan for the ports, which just simplify things. Hope that helps to understand my response here.

I have also added Service events in the event log for the next release. So, this way, we can know if the service was automatically restarted after cert update.

@marcusquinn as @robi said, there is no such limitation of having a single app on that domain.

@murgero thank you!

@girish ah alright, that sent me down the right path. needed to switch from encoded body to raw JSON and that cleared it up. thank you!

@austinsonger Regarding Linode and Mail - default is blocked by Linode: https://www.linode.com/docs/guides/running-a-mail-server/ Sending Email on Linode In an effort to fight spam, Linode restricts outbound connections on ports 25, 465, and 587 on all Linodes for new accounts created after November 5th, 2019. If you have a need to send mail from your Linode, we ask that you first configure (1) valid DNS A records and (2) rDNS records for any Linodes that you plan to use to send mail. Then, open a Support ticket from the Linode Manager – we’ll ask you to provide the name of the Linode(s) that will be used for mailing. Once you’ve completed those steps and provided that information, our Support team will be happy to review your request.

Closed due to inactivity and was not reported any further

@nebulon Thanks

@scooke we have traced this down to a nodejs bug apparently with the domain in question. The upstream issue is at https://github.com/nodejs/node/issues/39397

Good notes to follow up when we look into email in the next release. IIRC, whitelist setting is a bit dangerous because it allows "spoofed" emails as it pretty much bypasses all the SPF/DMARC/DKIM checks. Meaning, Cloudron does not reject mail if those checks do not pass because there are too many misconfigured mail servers out there. Instead we tag the failures and allow spamassassin to score the rules. whitelisting makes spamassassin bypass the checks altogether.

@d19dotca Ah good point about editing those files. In the next release, I am hoping to make the filemanager be able to edit mail data (so admins can setup sieve rules etc for a mailbox), so this will atleast partly fix that issue.