我犯了这个错误,在 mail-receiver.yml 文件中留下了 discourse.example.com。
我现在已经修复了这个问题,但 mail-receiver 似乎没有“获取”到新的详细信息。
如何“重置”mail-receiver(例如,等效于 ./launcher rebuild app 的命令是什么?)。
编辑:我没有仔细阅读前面的帖子,命令是 ./launcher rebuild mail_receiver。
1 个赞
我现在遇到了一个更严重的问题,mail-receiver 无法将邮件投递到 Discourse——我尝试搜索帮助,但没有成功。
日志:
Starting Postfix
12月14日 03:12:32 forum-mail-receiver postfix/master[1]: daemon started -- version 3.5.6, configuration /etc/postfix
12月14日 03:15:47 forum-mail-receiver postfix/smtpd[113]: connect from mail-pl1-f169.google.com[209.85.214.169]
12月14日 03:15:47 forum-mail-receiver postfix/smtpd[113]: 821CB37A659: client=mail-pl1-f169.google.com[209.85.214.169]
12月14日 03:15:47 forum-mail-receiver postfix/smtpd[113]: 821CB37A659: message-id=<602f2194be912e92b969eacf5eac26e2@frontapp.com>
12月14日 03:15:47 forum-mail-receiver postfix/qmgr[98]: 821CB37A659: from=<[my personal email address]>, size=4086, nrcpt=1 (queue active)
<23>12月14日 03:15:47 receive-mail[122]: Recipient: nobody@[my forum URL]
12月14日 03:16:20 forum-mail-receiver postfix/smtpd[113]: disconnect from mail-pl1-f169.google.com[209.85.214.169] ehlo=1 mail=1 rcpt=1 bdat=1 quit=1 commands=5
<19>12月14日 03:16:47 receive-mail[122]: Failed to POST the e-mail to [my forum URL]/admin/email/handle_mail: execution expired (Net::OpenTimeout)
<19>12月14日 03:16:47 receive-mail[122]: /usr/lib/ruby/2.7.0/net/http.rb:960:in `initialize'
/usr/lib/ruby/2.7.0/net/http.rb:960:in `open'
/usr/lib/ruby/2.7.0/net/http.rb:960:in `block in connect'
/usr/lib/ruby/2.7.0/timeout.rb:105:in `timeout'
/usr/lib/ruby/2.7.0/net/http.rb:958:in `connect'
/usr/lib/ruby/2.7.0/net/http.rb:943:in `do_start'
/usr/lib/ruby/2.7.0/net/http.rb:932:in `start'
/usr/lib/ruby/2.7.0/net/http.rb:1483:in `request'
/usr/local/lib/site_ruby/mail_receiver/discourse_mail_receiver.rb:43:in `process'
/usr/local/bin/receive-mail:13:in `<main>'
12月14日 03:16:47 forum-mail-receiver postfix/pipe[121]: 821CB37A659: to=<nobody@[my forum URL]>, relay=discourse, delay=60, delays=0.17/0.01/0/60, dsn=4.3.0, status=deferred (temporary failure)
12月14日 03:17:32 forum-mail-receiver postfix/qmgr[98]: 7C67437A663: from=<[my personal email address]>, size=4093, nrcpt=1 (queue active)
有什么想法可能导致这个问题吗?
mail-receiver.yml 文件是有效的,并且我已经检查了拼写错误:
这是我的 API 密钥范围:
邮件已经进入 mail-receiver,但它只是停留在 mailq 中:
或者,有没有办法完全删除邮件接收器容器并重新开始?
问题可能在于您没有设置API密钥
(Net::OpenTimeout)
这就是您的问题。邮件接收器无法访问您的论坛 URL。因此,您要么某个地方的 URL 有误,要么 Docker 中存在邮件接收器和您的论坛之间的网络问题。我认为是这样。
我该如何进一步排查问题?
ping forum.[mydomain].co.nz 从 mailq 内部显示:
64 bytes from [ip].vultrusercontent.com ([ip]): icmp_seq=1 ttl=64 time=0.113 ms
64 bytes from [ip].vultrusercontent.com ([ip]): icmp_seq=2 ttl=64 time=0.074 ms
64 bytes from [ip].vultrusercontent.com ([ip]): icmp_seq=3 ttl=64 time=0.069 ms
依此类推,表明连接成功。
forum.[mydomain].co.nz 是论坛托管的地方,并且此 URL 在 MAIL_DOMAIN 和 DISCOURSE_MAIL_ENDPOINT 中使用。
仔细查看 mail-receiver.yml 设置,我是否遗漏了任何应有的引号或 https://?
## this is the incoming mail receiver container template
##
## After making changes to this file, you MUST rebuild
## /var/discourse/launcher rebuild mail-receiver
##
## BE *VERY* CAREFUL WHEN EDITING!
## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
## visit http://www.yamllint.com/ to validate this file as needed
base_image: discourse/mail-receiver:release
update_pups: false
expose:
- "25:25" # SMTP
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
## Where e-mail to your forum should be sent. In general, it's perfectly fine
## to use the same domain as the forum itself here.
MAIL_DOMAIN: forum.[domain].co.nz
# uncomment these (and the volume below!) to support TLS
# POSTCONF_smtpd_tls_key_file: /letsencrypt/discourse.example.com/discourse.example.com.key
# POSTCONF_smtpd_tls_cert_file: /letsencrypt/discourse.example.com/fullchain.cer
# POSTCONF_smtpd_tls_security_level: may
## The URL of the mail processing endpoint of your Discourse forum.
## This is simply your forum's base URL, with `/admin/email/handle_mail`
## appended. Be careful if you're running a subfolder setup -- in that case,
## the URL needs to have the subfolder included!
DISCOURSE_MAIL_ENDPOINT: 'https://forum.[domain].co.nz/admin/email/handle_mail'
## The master API key of your Discourse forum. You can get this from
## the "API" tab of your admin panel.
DISCOURSE_API_KEY: 639[rest of API key]884ef
## The username to use for processing incoming e-mail. Unless you have
## renamed the `system` user, you should leave this as-is.
DISCOURSE_API_USERNAME: system
volumes:
- volume:
host: /var/discourse/shared/mail-receiver/postfix-spool
guest: /var/spool/postfix
# uncomment to support TLS
# - volume:
# host: /var/discourse/shared/standalone/letsencrypt
# guest: /letsencrypt
您是在容器内运行 ping 命令吗?也就是说,在运行 ./launcher enter mail-receiver 之后?
另外值得注意的是,ping(通常是 ICMP)与连接到 http/https(TCP)不同,并且可能因网络配置中的许多因素而表现不同。
我建议在进入容器后尝试使用 curl 来查看它是否可以通过 https 连接到您的论坛,例如:
cd /var/discourse
./launcher enter mail-receiver
curl -v https://forum.[domain].co.nz
如果成功,它将打印一堆 HTML。如果失败,它将显示一些错误,并且 -v 会在过程中打印大量信息,这可能有助于揭示失败的原因。
如果失败了,也值得尝试在容器外运行相同的 curl 命令,以确定问题是特定于容器还是普遍存在于宿主系统。
3 个赞
感谢 @Simon_Manning,非常感谢您的帮助!我不知道通过 ping 的连接不一定等同于通过 curl 的连接。
我正在容器内运行 ping,并且成功了。
我按照您的指示在容器内运行了 curl,但失败了:
root@forum:/var/discourse# ./launcher enter mail-receiver
x86_64 arch detected.
WARNING: containers/mail-receiver.yml file is world-readable. You can secure this file by running: chmod o-rwx containers/mail-receiver.yml
bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
root@forum-mail-receiver:/# curl -v https://forum.[domain].co.nz
* Trying [IPv4 address]:443...
* Trying [IPv6 address]:443...
* Immediate connect fail for [IPv6 address]: Cannot assign requested address
* connect to [IPv4 address] port 443 failed: Connection timed out
* Failed to connect to forum.[domain].co.nz port 443: Connection timed out
* Closing connection 0
curl: (28) Failed to connect to forum.[domain].co.nz port 443: Connection timed out
然后我运行了 exit,接着再次运行 curl,得到了:
root@forum:/var/discourse# curl -v https://forum.[domain].co.nz
* Trying 127.0.1.1:443...
* Connected to forum.[domain].co.nz (127.0.1.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
...and so on.
看起来问题出在容器本身,而不是宿主机系统——有什么想法吗?
我也已经向 Vultr(此实例的 VPS 提供商)开了一个支持工单,看看是否是他们那端的问题!
Docker 会为容器创建虚拟网络,如果没有指定网络,容器将使用默认网络。这个默认网络不允许容器间通信。
通常这对于 mail-receiver 来说没问题,因为你的 Discourse 容器会在该网络之外暴露端口 443,当 mail-receiver 尝试连接到 1.2.3.4 时,它将离开 Docker 网络。主机系统(或更远的网络)会意识到它只需要再次进来,最终会从外部进入 Discourse 容器。
我想到了两种可能性。一种是 mail-receiver 在查找域名时以某种方式感知到了 Discourse 容器的 IP,因此阻止了容器内部连接。我认为这不太可能。
另一种是主机系统上的防火墙阻止了连接从一个容器离开并进入另一个容器。Vultr 可能会使用导致这种情况的默认防火墙规则,或者我隐约记得 Docker 默认会在 UFW 中安装一些规则,如果使用了 UFW,这可能与之有关。
2 个赞
您不能使用 https,因为您没有取消注释这些行:
这只适用于邮件服务器端的 TLS 支持,即其他邮件服务器能够通过 TLS 向 mail-receiver 发送电子邮件。
值得这样做,因为 Discourse 容器显然有一个证书,但不应影响 mail-receiver 连接到 Discourse。如果重建恰好纠正了容器网络中的某些内容,则有可能。
谢谢,我取消了那些行的注释,以及 volume 的那一行。
我的 mail-receiver.yml 文件现在看起来是这样的:
root@forum:/var/discourse# cat containers/mail-receiver.yml
## this is the incoming mail receiver container template
##
## After making changes to this file, you MUST rebuild
## /var/discourse/launcher rebuild mail-receiver
##
## BE *VERY* CAREFUL WHEN EDITING!
## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
## visit http://www.yamllint.com/ to validate this file as needed
base_image: discourse/mail-receiver:release
update_pups: false
expose:
- "25:25" # SMTP
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
## Where e-mail to your forum should be sent. In general, it's perfectly fine
## to use the same domain as the forum itself here.
MAIL_DOMAIN: forum.[domain].co.nz
# uncomment these (and the volume below!) to support TLS
POSTCONF_smtpd_tls_key_file: /letsencrypt/forum.[domain].co.nz/forum.[domain].co.nz.key
POSTCONF_smtpd_tls_cert_file: /letsencrypt/forum.[domain].co.nz/fullchain.cer
POSTCONF_smtpd_tls_security_level: may
## The URL of the mail processing endpoint of your Discourse forum.
## This is simply your forum's base URL, with `/admin/email/handle_mail`
## appended. Be careful if you're running a subfolder setup -- in that case,
## the URL needs to have the subfolder included!
DISCOURSE_MAIL_ENDPOINT: 'https://forum.[domain].co.nz/admin/email/handle_mail'
## The master API key of your Discourse forum. You can get this from
## the "API" tab of your admin panel.
DISCOURSE_API_KEY: '074[rest of API key - yes I generated a new one limited to the system user]d98'
## The username to use for processing incoming e-mail. Unless you have
## renamed the `system` user, you should leave this as-is.
DISCOURSE_API_USERNAME: system
volumes:
- volume:
host: /var/discourse/shared/mail-receiver/postfix-spool
guest: /var/spool/postfix
# uncomment to support TLS
- volume:
host: /var/discourse/shared/standalone/letsencrypt
guest: /letsencrypt
当我发送一封新邮件并运行 ./launcher logs mail-receiver 时,我看到以下内容:
Dec 21 22:41:21 forum-mail-receiver postfix/smtpd[132]: connect from mail-pj1-f54.google.com[209.85.216.54]
Dec 21 22:41:23 forum-mail-receiver postfix/smtpd[132]: 16DAC379E42: client=mail-pj1-f54.google.com[209.85.216.54]
Dec 21 22:41:23 forum-mail-receiver postfix/cleanup[139]: 16DAC379E42: message-id=<94fc2bef18b410ae8b121c6af2da2df4@frontapp.com>
Dec 21 22:41:23 forum-mail-receiver postfix/qmgr[100]: 16DAC379E42: from=<[my email address]>, size=5585, nrcpt=1 (queue active)
<23>Dec 21 22:41:23 receive-mail[141]: Recipient: nobody@forum.[domain].co.nzDec 21 22:41:50 forum-mail-receiver postfix/smtpd[143]: connect from mail-oa1-f50.google.com[209.85.160.50]
Dec 21 22:41:52 forum-mail-receiver postfix/smtpd[143]: 2E445379E48: client=mail-oa1-f50.google.com[209.85.160.50]
Dec 21 22:41:52 forum-mail-receiver postfix/cleanup[139]: 2E445379E48: message-id=<6b2f9d646dc46f4fec4af006de01d3ae@frontapp.com>
Dec 21 22:41:52 forum-mail-receiver postfix/qmgr[100]: 2E445379E48: from=<[my email address]>, size=4100, nrcpt=1 (queue active)
<23>Dec 21 22:41:52 receive-mail[147]: Recipient: nobody@forum.[domain].co.nzDec 21 22:41:53 forum-mail-receiver postfix/smtpd[132]: disconnect from mail-pj1-f54.google.com[209.85.216.54] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 quit=1 commands=7
Dec 21 22:41:58 forum-mail-receiver postfix/qmgr[100]: 1194937A670: from=<double-bounce@forum-mail-receiver.localdomain>, size=942, nrcpt=1 (queue active)
Dec 21 22:41:58 forum-mail-receiver postfix/smtp[149]: fatal: unknown service: smtp/tcp
Dec 21 22:41:59 forum-mail-receiver postfix/qmgr[100]: warning: private/smtp socket: malformed response
Dec 21 22:41:59 forum-mail-receiver postfix/qmgr[100]: warning: transport smtp failure -- see a previous warning/fatal/panic logfile record for the problem description
Dec 21 22:41:59 forum-mail-receiver postfix/master[1]: warning: process /usr/lib/postfix/sbin/smtp pid 149 exit status 1
Dec 21 22:41:59 forum-mail-receiver postfix/master[1]: warning: /usr/lib/postfix/sbin/smtp: bad command startup -- throttling
Dec 21 22:41:59 forum-mail-receiver postfix/error[150]: 1194937A670: to=<postmaster@forum-mail-receiver.localdomain>, orig_to=<postmaster>, relay=none, delay=1192, delays=1191/1/0/0.01, dsn=4.3.0, status=deferred (unknown mail transport error)
<19>Dec 21 22:42:23 receive-mail[141]: Failed to POST the e-mail to https://forum.sobercheck.co.nz/admin/email/handle_mail: execution expired (Net::OpenTimeout)<19>Dec 21 22:42:23 receive-mail[141]: /usr/lib/ruby/2.7.0/net/http.rb:960:in `initialize'
/usr/lib/ruby/2.7.0/net/http.rb:960:in `open'
/usr/lib/ruby/2.7.0/net/http.rb:960:in `block in connect'
/usr/lib/ruby/2.7.0/timeout.rb:105:in `timeout'
/usr/lib/ruby/2.7.0/net/http.rb:958:in `connect'
/usr/lib/ruby/2.7.0/net/http.rb:943:in `do_start'
/usr/lib/ruby/2.7.0/net/http.rb:932:in `start'
/usr/lib/ruby/2.7.0/net/http.rb:1483:in `request'
/usr/local/lib/site_ruby/mail_receiver/discourse_mail_receiver.rb:43:in `process'
/usr/local/bin/receive-mail:13:in `<main>'Dec 21 22:42:23 forum-mail-receiver postfix/pipe[140]: 16DAC379E42: to=<nobody@forum.[domain].co.nz>, relay=discourse, delay=60, delays=0.23/0.01/0/60, dsn=4.3.0, status=deferred (temporary failure)
Dec 21 22:42:25 forum-mail-receiver postfix/smtpd[143]: disconnect from mail-oa1-f50.google.com[209.85.160.50] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 quit=1 commands=7
<19>Dec 21 22:42:52 receive-mail[147]: Failed to POST the e-mail to https://forum.[domain].co.nz/admin/email/handle_mail: execution expired (Net::OpenTimeout)<19>Dec 21 22:42:52 receive-mail[147]: /usr/lib/ruby/2.7.0/net/http.rb:960:in `initialize'
/usr/lib/ruby/2.7.0/net/http.rb:960:in `open'
/usr/lib/ruby/2.7.0/net/http.rb:960:in `block in connect'
/usr/lib/ruby/2.7.0/timeout.rb:105:in `timeout'
/usr/lib/ruby/2.7.0/net/http.rb:958:in `connect'
/usr/lib/ruby/2.7.0/net/http.rb:943:in `do_start'
/usr/lib/ruby/2.7.0/net/http.rb:932:in `start'
/usr/lib/ruby/2.7.0/net/http.rb:1483:in `request'
/usr/local/lib/site_ruby/mail_receiver/discourse_mail_receiver.rb:43:in `process'
/usr/local/bin/receive-mail:13:in `<main>'Dec 21 22:42:52 forum-mail-receiver postfix/pipe[146]: 2E445379E48: to=<nobody@forum.[domain].co.nz>, relay=discourse, delay=60, delays=0.15/0.01/0/60, dsn=4.3.0, status=deferred (temporary failure)
Dec 21 22:45:45 forum-mail-receiver postfix/anvil[135]: statistics: max connection rate 1/60s for (smtp:209.85.216.54) at Dec 21 22:41:21
Dec 21 22:45:45 forum-mail-receiver postfix/anvil[135]: statistics: max connection count 1 for (smtp:209.85.216.54) at Dec 21 22:41:21
Dec 21 22:45:45 forum-mail-receiver postfix/anvil[135]: statistics: max cache size 2 at Dec 21 22:41:50
我现在卡住了,有人有什么想法可能是什么原因吗?
哎呀!是的。我混淆了 TLS 和 https。
这仍然完全不起作用,邮件没有从 mail-receiver 传递到 Discourse。
我能否将 mail-receiver “撤销”回初始状态(完全重置它)然后重新开始,希望能让它正常工作?
我该如何操作?
您可以直接编辑文件并重新构建邮件容器。
感谢关于防火墙的提示!我也遇到了与 @MathiasFoster 类似的问题,mail-receiver 容器无法访问 app 容器中的论坛站点。起初有点令人费解,因为容器被允许毫无问题地监听外部世界。
我也使用 Vultr 作为我的 VPS 提供商,并使用他们的 Ubuntu 操作系统镜像。操作系统镜像默认设置与 Docker 的某些组合确实似乎阻止了容器之间的通信。
总之,在我的例子中,允许主机上的 HTTPS 就足够了:
$ ufw allow https
之后,mail-receiver 能够按预期发送邮件。
1 个赞