Inbound mail is not handled anymore due to invalid API key


(Bart) #1

I just realised that I’m no longer seeing any bounces being handled. When checking my mail log, I see the following line for each incoming email:

Failed to POST the e-mail to https://blenderartists.org/admin/email/handle_mail: 404

This has been going on for 4 days. I just did a rebuild to latest and I see the same thing happening.


(Matt Palmer) #2

What changed four days ago? What do the app logs say?


(Bart) #3

I then did a rebuild also. It just seems like that /admin/email/handle_email route is gone - I can’t access it from a browser either.

Edit: hang on, I missed your question about app logs. Will dig that up now.


(Matt Palmer) #4

Could you access it from a browser before?


(Bart) #5

Ah that was useful. Apparently nginx is rate-limiting my own IP address:

2018/05/17 04:48:41 [error] 312#312: *5257301 limiting requests, excess: 100.873 by zone "bot", client: xxxxx, server: _, request: "POST /admin/email/handle_mail?api_key=xxxxx&api_username=system HTTP/1.1", host: "blenderartists.org"

This is uncharted area for me; any thoughts on how I can fix this?


(Bart) #6

Looking a little deeper, I also see this in production.log:

Started POST "/admin/email/handle_mail?api_key=[FILTERED]&api_username=system" for xxx at 2018-05-17 05:57:37 +0000
ActionController::RoutingError (No route matches [POST] "/admin/email/handle_mail")

Perhaps the rate-limiting was a secondary effect of a missing route, causing many retries?


(Régis Hanol) #7

Pretty sure that route is still there. We use it here on meta and receive lots of :email:️ every day.


(Bart) #8

Gotcha. Is there a way to print the active routes? I do still see handle_email in config/routes.db, but I’m not sure where to do from there to debug this.


(Régis Hanol) #9

Is your API key properly working? You might get a 404 because the request isn’t being authenticated to an admin account?


(Bart) #10

YES! That was it! My API key had disappeared from the admin, very strange.

Thanks for your help Régis!

And for what it’s worth, wouldn’t an ‘401 unauthorized’ response be better in this case than a ‘404 not found’?