Email sending errors

iamthefij

Not sure if this is effecting other apps than Vaultwarden right now, but when I send an email I'm getting an error. If I send a test email from the admin interface, the logs on the Email server show:

Aug 09 09:35:58 [NOTICE] [CD43F71D-77D4-4615-8955-474CFD81836B] [core] connect ip=x.x.x.x port=41932 local_ip=x.x.x.x local_port=2525
Aug 09 09:35:58 [INFO] [CD43F71D-77D4-4615-8955-474CFD81836B] [helo.checks] multi: true, skip:proto_mismatch(private), host_mismatch(private)
Aug 09 09:35:58 [INFO] [-] [cloudron] (cn=bitwarden@example.com,ou=sendmail,dc=cloudron) cn=bitwarden@example.com, ou=sendmail, dc=cloudron
Aug 09 09:35:58 [NOTICE] [CD43F71D-77D4-4615-8955-474CFD81836B] [cloudron] delaying for 1 seconds
Aug 09 09:35:59 [INFO] [CD43F71D-77D4-4615-8955-474CFD81836B] [core] hook=unrecognized_command plugin=cloudron function=hook_unrecognized_command params=AUTH retval=OK msg=""
Aug 09 09:35:59 [INFO] [CD43F71D-77D4-4615-8955-474CFD81836B] [core] client half closed connection ip=x.x.x.x
Aug 09 09:35:59 [NOTICE] [CD43F71D-77D4-4615-8955-474CFD81836B] [core] disconnect ip=x.x.x.x rdns=ccec216e-cf35-4df3-ad1b-9e18b59502c5.cloudron helo=ccec216e-cf35-4df3-ad1b-9e18b59502c5 relay=N early=N esmtp=Y tls=N pipe=N errors=0 txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="535 5.7.8 Authentication failed" time=1.022

To debug, I tried to send using swaks and got an error as well:

root@ccec216e-cf35-4df3-ad1b-9e18b59502c5:/app# swaks --server "${CLOUDRON_MAIL_SMTP_SERVER}" -p "${CLOUDRON_MAIL_SMTP_PORT}" --from "${CLOUDRON_MAIL_FROM}" --body "Test mail from cloudron app at $(hostname -f)" --auth-user "${CLOUDRON_MAIL_SMTP_USERNAME}" --auth-password "${CLOUDRON_MAIL_SMTP_PASSWORD}"
To: ian@example.com
=== Trying mail:2525...
=== Connected to mail.
<-  220 my.example.com ESMTP Haraka/2.8.27 ready
 -> EHLO ccec216e-cf35-4df3-ad1b-9e18b59502c5
<-  250-my.iamthefij.com Hello ccec216e-cf35-4df3-ad1b-9e18b59502c5.cloudron [x.x.x.x]Haraka is at your service.
<-  250-PIPELINING
<-  250-8BITMIME
<-  250-SMTPUTF8
<-  250-SIZE 26214400
<-  250 AUTH LOGIN PLAIN
 -> AUTH LOGIN
<-  334 VX<somehash>WU6
 -> Kml0<somehash>oZWZpai5jb20=
<-  334 UGFzc3dvcmQ6
 -> ATkOT<somehash>M3Y2ExMWMzMTk1
<** 535 5.7.8 Authentication failed
 -> AUTH PLAIN UEOpdHdhcmRlbkBpY<somehash>MjUxZGM0OWFjN2NhMTFjMzE5NQ==
<** 535 5.7.8 Authentication failed
*** No authentication type succeeded
 -> QUIT
<-  221 my.example.com closing connection. Have a jolly good day.
=== Connection closed with remote host.

Email addon logs

Aug 09 09:38:21 [NOTICE] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [core] connect ip=x.x.x.x port=42596 local_ip=x.x.x.x local_port=2525
Aug 09 09:38:21 [INFO] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [helo.checks] multi: true, skip:proto_mismatch(private), host_mismatch(private)
Aug 09 09:38:21 [INFO] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [core] hook=unrecognized_command plugin=cloudron function=hook_unrecognized_command params=AUTH retval=OK msg=""
Aug 09 09:38:21 [INFO] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [core] hook=unrecognized_command plugin=cloudron function=hook_unrecognized_command params="Kml0<somehash>oZWZpai5jb20=" retval=OK msg=""
Aug 09 09:38:21 [INFO] [-] [cloudron] (cn=bitwarden@example.com,ou=sendmail,dc=cloudron) cn=bitwarden@example.com, ou=sendmail, dc=cloudron
Aug 09 09:38:21 [NOTICE] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [cloudron] delaying for 1 seconds
Aug 09 09:38:22 [INFO] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [core] hook=unrecognized_command plugin=cloudron function=hook_unrecognized_command params=ATkOT<somehash>M3Y2ExMWMzMTk1 retval=OK msg=""
Aug 09 09:38:22 [INFO] [-] [cloudron] (cn=bitwarden@example.com,ou=sendmail,dc=cloudron) cn=bitwarden@example.com, ou=sendmail, dc=cloudron
Aug 09 09:38:22 [NOTICE] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [cloudron] delaying for 2 seconds
Aug 09 09:38:24 [INFO] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [core] hook=unrecognized_command plugin=cloudron function=hook_unrecognized_command params=AUTH retval=OK msg=""
Aug 09 09:38:24 [NOTICE] [AE97B67D-E5F8-47A8-9E07-B664151018A6] [core] disconnect ip=x.x.x.x rdns=ccec216e-cf35-4df3-ad1b-9e18b59502c5.cloudron helo=ccec216e-cf35-4df3-ad1b-9e18b59502c5 relay=N early=N esmtp=Y tls=N pipe=N errors=0 txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="535 5.7.8 Authentication failed" time=3.043

It looks to me like maybe the credentials that are being passed to my application are potentially invalid. I'm not sure how to cycle this or test another way.

iamthefij

Just verified that my Wekan instance can send emails just fine. So something to do with my Vaultwarden instance in particular.

girish

I am getting emails from Vaultwarden just fine here but this is a new instance though. Which package version are you on?

girish

Also, I can confirm the swaks command did work in my case. Can you check if you see any errors in the LDAP i.e /home/yellowtent/platformdata/logs/box.log should show any errors ?

iamthefij

@girish I didn't see any relevant logs there when attempting to send an email. Just a bunch of health monitor checks.

girish

So, a first step would be to check if the password/credentials in the database and in the container are the same. For the credentials in the database, you can check like this:

• In SSH, mysql -uroot -ppassword . Then, use box. Then SELECT * from appAddonConfigs WHERE appId="theappid" . That should match the env | grep CLOUDRON_MAIL_SMTP output .

iamthefij

@girish creds in mysql and env both match. Does the mail server authenticate using mysql directly?

girish

@iamthefij mail server authenticates via LDAP and doesn't contact mysql directly.. I can't quite make out what the issue can be, do you think you can give me access to the server and send a mail to support@ and I can try to investigate?

Also, can you quickly check if this happens if you make a new Vaultwarden install?

potemkin_ai

@girish I seems to get the same error: just created new user on the already up and running server with quite a few working mailboxes and I can't send messages from that user.

Here is the log when I tried to configure another CloudRon to use my mail CloudRon for sending mails:

Sep 22 10:14:51 [INFO] [-] [cloudron] (cn=donotreply_box@domain.name,ou=sendmail,dc=cloudron) cn=donotreply_box@domain.name, ou=sendmail, dc=cloudron
Sep 22 10:14:51 [NOTICE] [B4B964A8-A30C-4FBF-944D-33E8625DC37F] [cloudron] delaying for 1 seconds
Sep 22 10:14:52 [INFO] [B4B964A8-A30C-4FBF-944D-33E8625DC37F] [core] hook=unrecognized_command plugin=cloudron function=hook_unrecognized_command params=AUTH retval=OK msg=""
Sep 22 10:14:52 [INFO] [B4B964A8-A30C-4FBF-944D-33E8625DC37F] [core] client half closed connection ip=178.22.67.253
Sep 22 10:14:52 [NOTICE] [B4B964A8-A30C-4FBF-944D-33E8625DC37F] [core] disconnect ip=178.22.67.253 rdns=my.box.domain.name helo=[127.0.0.1] relay=N early=N esmtp=Y tls=Y pipe=N errors=0 txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="535 5.7.8 Authentication failed" time=1.073

Cloud-as-a-mail client report this message: Invalid login: 535 5.7.8 Authentication failed

As mentioned, there are dozens of other mailboxes on that server, and all was working just fine.

Cloudron v6.3.6, unfortunately, I would rather not provide SSH access, if possible.

Tried to configure this account on Thunderbird, but it also can't send anything - also due to the login issues.

No errors on the platform logs:

$ sudo tail -5 /home/yellowtent/platformdata/logs/box.log
2021-09-22T07:33:00.011Z box:apphealthmonitor app health: 0 alive / 0 dead.
2021-09-22T07:33:10.007Z box:apphealthmonitor app health: 0 alive / 0 dead.
2021-09-22T07:33:20.003Z box:apphealthmonitor app health: 0 alive / 0 dead.
2021-09-22T07:33:30.005Z box:apphealthmonitor app health: 0 alive / 0 dead.
2021-09-22T07:33:40.005Z box:apphealthmonitor app health: 0 alive / 0 dead.

Any clue?

potemkin_ai

@potemkin_ai in my case, as it's turned out, the issue was due to the fact that I created user, but not his mailbox