This appears to be a case of https://forum.cloudron.io/post/6533 . Applying the linked setting change fixed the issue.
Best posts made by Peter Newman
-
RE: SMTP rejected for some users
-
RE: Upcoming apps
Rocketchat group calls are also using Jitsi, so including that would be a big plus for us.
-
SMTP rejected for some users
For some of our users, their SMTP connections are being denied, with:
902 Host names have more than one DNS label
This error appears to come from https://codeclimate.com/github/msimerson/Haraka/plugins/helo.checks.js/source
I don't know how to walk them through finding out what HELO their device is sending to validate it, but it seems related to the plugin.cfg.reject.valid_hostname setting. Did this change in 5.0.3 ?
-
RE: Custom Wildcard Certifiate not applied to email
@girish Thank you, the workaround worked.
I grabbed out the certs that were there before. I don't know if it would help to attach them, but they look like standard Lets Encrypt Authority X3 issued certs.
Latest posts made by Peter Newman
-
RE: Custom Wildcard Certifiate not applied to email
@girish Yes I did, and the problem with the certificates is now fixed. Thank you!
-
RE: Custom Wildcard Certifiate not applied to email
@girish Actually, I just double-checked and the update didn't install. I'd seen it was in the process of installing, then had finished, so had assumed I was on 5.5, but I'm still using 5.4 . I've retriggered the update process and will test again if it finishes.
Edit: Hmm, it ran and again failed, but I refreshed the page before clicking to get the logs, and the nightly scheduled update had started! The displayed message was something like "failed with signal null".
Edit: Ah, I was able to grab the log (and the log of cloudton-updater) and found the problem. A little while ago, I'd started installing a tool used by my hosting provider, without realizing it was going to trigger an apt update etc, which Cloudron specifically warns against. I broke out of it, but it seems I left dpkg with unconfigured packages. I've fixed that now, and am trying the update again.
-
RE: Custom Wildcard Certifiate not applied to email
@girish I'm still getting the same behaviour, and having to reapply the manual change whenever a app updates.
-
RE: Custom Wildcard Certifiate not applied to email
Great, I'm looking forward to it.
So you know, the old certificate got put back into place and I had to re-apply the manual change.
Do you know what circumstances cause the cert to be reevaluated? For example, adding applications? Or is it just something that will happen on a regular schedule? -
RE: Custom Wildcard Certifiate not applied to email
@girish Yes, that was the case.
-
RE: Custom Wildcard Certifiate not applied to email
@girish Thank you, the workaround worked.
I grabbed out the certs that were there before. I don't know if it would help to attach them, but they look like standard Lets Encrypt Authority X3 issued certs.
-
RE: Custom Wildcard Certifiate not applied to email
@girish OK, I've just tried that (for the main domain), but I'm not seeing any change.
This is affecting both incoming SMTP (so is domain agnostic at that point), as well as IMAP (which I assume also uses STARTTLS or equivalent before using a specific domain login).
If it's helpful, I'm familiar enough with sysadmin to be able to access the docker container command line and such, to get more information/apply changes.
Edit: I also just tried cycling the mail service, in case the change hadn't applied yet.
Edit: I also just tried disabling email across all domains (which did disable the mail service, based on the SSL test), but as soon as I re-enabled it for the main domain, the same error occurred.
-
Custom Wildcard Certifiate not applied to email
We're using custom wildcard certificates for all our domains. When we made this switch, email didn't change to using the new certificate, and kept using the Lets Encrypt cert.
This cert has now expired. I've found various issues in the past similar to this, and tries those fixes (add new domain then remove it, restart email service), but the issue persists.
-
RE: SMTP rejected for some users
This appears to be a case of https://forum.cloudron.io/post/6533 . Applying the linked setting change fixed the issue.
-
SMTP rejected for some users
For some of our users, their SMTP connections are being denied, with:
902 Host names have more than one DNS label
This error appears to come from https://codeclimate.com/github/msimerson/Haraka/plugins/helo.checks.js/source
I don't know how to walk them through finding out what HELO their device is sending to validate it, but it seems related to the plugin.cfg.reject.valid_hostname setting. Did this change in 5.0.3 ?