Configure direct-delivery incoming email for self-hosted sites with Mail-Receiver

Documentation Self-Hosting
, , ,
532

How exactly does one disable the DMARC support?

I.e., adding INCLUDE_DMARC: false to the env section of mail-receiver.yml does not seem to do it. This does appear to cause the opendkim and opendmarc daemons to not run (leading to a warning in the logs), but SPF checking is still being performed.

Edited to add:
I think I managed to disable the SPF checks by also adding the following POSTCONF_ line to the env section:

env:
  ...
  INCLUDE_DMARC: false
  POSTCONF_smtpd_recipient_restrictions: check_policy_service unix:private/policy
  ...

I got this by looking at the commit which introduced the DMARC checks, and seeing what should happen when INCLUDE_DMARC is false.

I know next-to-nothing about how docker images are built, but I am getting the impression that the INCLUDE_DMARC flag is something meant to be set by someone else, somewhere else, at some other time — not something that can be done in mail-receiver.yml.

2 Likes
533

I’ve found the need to open port 443 on ufw — I got API Request Preparation Failed in the logs otherwise. I thought this is best mentioned because the standard installation instructions mention enabling ufw.

Port 25 is mentioned in the mail-receiver.yml and seems to bypass ufw.

1 Like
534

Should the GitHub repo be in the OP?

3 Likes
535

Users of mail-receiver, please see Remove smtp_should_reject & discourse-smtp-fast-rejection

We’re going to remove fast-rejection entirely as the original feature was broken and causing problems for users, specifically this kind of thing:

and it also affects forwarded mail as the pre-delivery test was checking the envelope-from and envelope-to, whereas Discourse uses only the values in headers.

1 Like
536

I just submitted this PR to remove the unnecessary quotes around DISCOURSE_BASE_URL value in the mail-receiver.yml sample file. The quotes were breaking my setup. Getting rid of the quotes allows for successful completion of this document.

537

Can you explain how? The presence/absence of quotes around this value yields no difference:

[2] pry(main)> YAML::load("env:\n  DISCOURSE_BASE_URL: 'https://discourse.example.com'")
=> {"env"=>{"DISCOURSE_BASE_URL"=>"https://discourse.example.com"}}

[3] pry(main)> YAML::load("env:\n  DISCOURSE_BASE_URL: https://discourse.example.com")
=> {"env"=>{"DISCOURSE_BASE_URL"=>"https://discourse.example.com"}}
538

When tailing the logs from that container and sending messages to it, I was seeing a bunch of errors mentioning something like discourse.example.com is not part of MX records or such. I removed the quotes, rebuilt the container and it started working :person_shrugging:

The sequence of events may matter too:

  1. I configured and launched the mail-receiver container
  2. Some days later I got the MX DNS records going
  3. I validated that MX records were set correctly and then started testing. It wasn’t working - postfix was seeing the messages, but not delivering to discourse, complaining about MX
  4. Removed quotes, rebuilt container, started working

So I’m not sure if the resolution was related to the removal of quotes, or the rebuild of container after MX records were created.

Worst case the PR makes the yml look consistent :slight_smile:

1 Like