Forward Email with SES, Got "554 Message rejected: Email address is not verified"

Thanks to everyone who gave me suggestions. I finally found a solution. ChatGPT provided misleading information—actually, the 'From' field can be modified. Here is the Sieve filter I ultimately used.

require ["editheader", "variables", "copy"];

if true {
    if header :matches "From" "*" {
        set "original_from" "${0}";
    } else {
        set "original_from" "unknown@domain.com";
    }

    deleteheader "Reply-To";
    addheader "Reply-To" "${original_from}";

    deleteheader "From";
    deleteheader "DKIM-Signature";

    addheader "From" "Forwarder <forwarder@mydomain.com>";
    addheader "X-Original-From" "${original_from}";

    redirect "myemail@gmail.com";

    keep;
}

@scooke Yes, I have control over mydomain.com and can set DNS entries.

I use the Email server of Cloudron. I first tried forward with Email list within Cloudron Email. (create Email list b@mydomain.com and distribute to c@gmail.com) It has the same issue. SES refuse to send the Email since From is a@gmail.com.

Since this doesn't work, I created the Snappymail web client and hope it can support more advanced forward feature.

I am not familiar with sieve, ChatGPT said Sieve cannot change to "From" in header.

@scooke Yes, I guess I can verify a@gmail.com in SES, but that's not what I want.

I would like to forward all Emails sending to b@mydomain.com to my own Gmail. a@gmail.com is just used for testing.

I hope there is an Email forwarding fuction works like "Forward" of regular Email client.

I am trying to setup an Email account with my domain, and forward all incoming mails to my Gmail account. I tried two methods:

1. Set up a mail list in Cloudron Email, and add my Gmail address as list member
2. Create the Email address, and set up simple filter in SnappyMail, forward all mails to my Gmail address

When testing, I use a@gmail.com to send an Email to b@mydomain.com and expects the mail is forwarded to c@gmail.com. I encountered the same error for both approaches. When Cloudron send Email with SES, SES rejected because it cannot verify a@gmail.com as sender.

554 Message rejected: Email address is not verified.
The following identities failed the check in region US-EAST-1: A <a@gmail.com>

I checked Sieve tutorial, looks like Sieve will also use the original "From" for redirect. Is there anyway I can forward the Email without replacing SES?

Thanks!

Hi there,

According to the security advisory (https://confluence.atlassian.com/security/cve-2023-22522-rce-vulnerability-in-confluence-data-center-and-confluence-server-1319570362.html) Confluence Data Center and Server should update to 8.5.4.

Current version in Cloudron is 8.5.3.

Thanks!

thanks for the prompt update!

Hi there,

According to the security advisory (https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html) Confluence Data Center and Server should update to 8.5.3 ASAP. Current version in Cloudron is 8.5.2.

Thanks!

Hi community,

I am affected by this bug introduced in 8.0.0 and fixed in 8.0.4: https://jira.atlassian.com/browse/CONFSERVER-81330

The latest packaged version is 2.22.0 (Confluence 8.0.2) which is affected by it. To avoid the bug, I have been using the last major version 7.20 for half year.

I will highly appreicate if anyone can package the latest version Confluence.

Thanks
Chang

Thank you very much!

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability

Released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1 which contain a fix for this issue.

Current latest version on Cloudron is 7.18.0

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

@girish Thank you, it works!

Migrate Confluence from Cloud to Server might be tricky because you need to reset the admin password in recovery mode. And the official doc doesn't work on a Cloudron instance. Here is how I made it.

Prerequisite:

1. Install cloudron cli npm install -g cloudron
2. Login to your cloudron cloudron login my.domain.com

Export data from Confluence Cloud and import data to Confluence Server:

1. In Confluence Cloud, go to Settings - Backup Manager - Create backup for server. Download the zip file.
2. Install Confluence app on Cloudron
3. Resize the app memory limit to 6GB (Strongly advise to avoid import failure)
4. Use web terminal to get database parameter: cat /app/data/credentials.txt
5. Open your Confluence, setup database connection, import the backup zip file.

After import succeed, you will need to login to Confluence, but the old password doesn't work. Follow these steps to reset admin password:

1. Enable debug mode of your app cloudron debug --app confluence.domain.com
2. Get a shell to your app's docker cloudron exec --app confluence.domain.com
3. Edit file vim /home/cloudron/confluence/bin/setenv.sh
4. Add CATALINA_OPTS="-Datlassian.recovery.password=your_random_password" to the end of file, after the last CATALINA_OPTS line. Save.
5. Start confluence by run /home/cloudron/start.sh
6. Login your confluence with username recovery_admin and the password in step 4.
7. The Confluence site seems empty and ask you to create a space. Don't worry, create a new space.
8. Open Settings - User Management, list all users. Find your old admin user, reset password and add it to all admin groups.
9. Logout, and try login with your admin user. It works!
10. Delete the the CATALINA_OPTS added in setenv.sh
11. Exit from app docker. Disable debug mode by running cloudron debug --disable --app configure.domain.com. Wait the app restart.
12. Your Confluence is ready!

Reference:

• Confluence Official: Migrate from Confluence Cloud to Server
• How to edit file in /home/cloudron

@robi I tried, but it told me it's a read-only file system.

For example:

root@2a790adb-5abf-431b-9fc0-9a27912311a8:/home/cloudron# touch a
touch: cannot touch 'a': Read-only file system

I am trying to setup a Confluence instance and migrate data from Confluence Cloud.

After imported the data successfully, I cannot login with my username & password. I found a post about how to restore password. And I guess this is the reason:

You've imported a site from Cloud, and it does not contain a system administrator account.

So I followed this post to restore my access. It ask me to modify <installation-directory>/bin/setenv.sh and the file is located at /home/cloudron/confluence/bin/setenv.sh.

However, the file cannot be updated. I understand it's the security mechanism of Cloudron, but is there any way I can update the file temporarily?

Hi there,

I am a translator of Cloudron and found following strings I couldn't understand. I tried but cannot find them in my Cloudron instance. Could you please attach related screenshots to weblate so I can understand them by context?

• appstore.accountDialog.intendedUse
• backups.configureBackupStorage.s3LikeNote
• emails.eventlog.type.spamFilterTrained

Best,
Chang