Smtp_should_reject 400 bad request em nounces

Hi!

I am basically having the exact same issue described here: Configure direct-delivery incoming email for self-hosted sites with Mail-Receiver - #482 by Carleas

The problem seems to be that the bounces I am receiving don’t come with a from so when the API call is made like https://forum.example.com/admin/email/smtp_should_reject.json?from=&to=replies+verp-326f6e22828d2543ba65497a47608f13@mail.forum.example.com it returns a 400 with:

{"errors":["param is missing or the value is empty or invalid: from"]}

here’s a bit more of the mail-receiver logs

Nov 03 07:34:53 mail postfix/smtpd[1044]: connect from v-108-120-yyy-74-srvr1.xxx.com[74.91.xxx.108]
<19>Nov  3 07:34:53 discourse-smtp-fast-rejection[1048]: Failed to GET smtp_should_reject answer from https://forum.example.com/admin/email/smtp_should_reject.json: 400<22>Nov  3 07:34:53 policyd-spf[1049]: : prepend Received-SPF: None (no SPF record) identity=helo; client-ip=74.91.xxx.108; helo=v-148-29-xxx-192-srvr1.xxx.com; envelope-from=<>; receiver=mail.forum.example.com Nov 03 07:34:53 mail postfix/smtpd[1044]: NOQUEUE: reject: RCPT from v-108-120-yyy-74-srvr1.xxx.com[74.91.xxx.108]: 450 4.7.1 <replies+verp-326f6e22828d2543ba65497a47608f13@mail.forum.example.com>: Recipient address rejected: Internal error, API request failed; from=<> to=<replies+verp-326f6e22828d2543ba65497a47608f13@mail.forum.example.com> proto=ESMTP helo=<v-148-29-xxx-192-srvr1.xxx.com>

However, even if it came with a right from (putting my email there) it comes back with

{"reject":true,"reason":"Mail to this address is not accepted. Check the address and try to send again?"}

So it would’ve rejected that as well…

Am I missing something on the config? I can’t figure it out

Hello! Sorry but it appears your topic found no takers. Were you able to resolve your problem on your own?

What mail provider are you using?

No, unfortunately, I am not receiving the bounces…

I am using an SMTP server from a CPanel though

What about your outbound email provider? Are you using mailgun or some other transactional email provider?

Nope. The same SMTP, outgoing is working perfectly, and incoming for topics it’s also arriving perfectly, the problem is bounces are not visible to the forum so it keeps trying and I get scolded by my hosting provider

I’m slipping this across to #hosting.

The typical official answer for this sort of thing unfortunately is to say “email is hard”. You will get much better results if you use a transactional email provider.

If you have a budget, you can post in Marketplace or I can move this topic there for you.

Thanks for at least taking the time to look into this with me !!

Hi DevTeVe,

I’ve reviewed the code in question and I believe you are right - I think the smtp_should_reject code may be incorrectly rejecting bounce messages and replies.

I’m escalating this internally.

In the meanwhile, if you disable the discourse-smtp-fast-rejection policy filter does it allow mail to flow?

Wow! Thank you for escalating it! I was a little bit hopeless hahaha! I will try disabling discourse-smtp-fast-rejection (although I am not sure how to do that, but I will search and report back)

If you can remove this line from the mail-receiver postfix config file:

smtpd_recipient_restrictions = check_policy_service unix:private/policy

This should do the trick - I haven’t tested this but I think it’ll work:

postconf -e "smtpd_recipient_restrictions ="

Success!

image2900×698 112 KB

I am making my mail-receiver.yaml like this (in the meantime or forever? @supermathie)

# this is the incoming mail receiver container template
##
## After making changes to this file, you MUST rebuild
## /var/discourse/launcher rebuild mail-receiver
##
## BE *VERY* CAREFUL WHEN EDITING!
## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
## visit http://www.yamllint.com/ to validate this file as needed

base_image: discourse/mail-receiver:release
update_pups: false

expose:
  - "25:25"   # SMTP

env:
  LC_ALL: en_US.UTF-8
  LANG: en_US.UTF-8
  LANGUAGE: en_US.UTF-8

  ## Where e-mail to your forum should be sent.  In general, it's perfectly fine
  ## to use the same domain as the forum itself here.
  MAIL_DOMAIN: community.example.com
# uncomment these (and the volume below!) to support TLS 
  POSTCONF_smtpd_tls_key_file:  /letsencrypt/community.example.com/community.example.com.key
  POSTCONF_smtpd_tls_cert_file:  /letsencrypt/community.example.com/community.example.com.crt
  POSTCONF_smtpd_tls_security_level: may
  POSTCONF_myhostname: community.example.com
  POSTCONF_mynetworks: "127.0.0.0/8 [::1]/128 [fe80::]/64 172.17.0.0/16"
  POSTCONF_smtpd_recipient_restrictions: ""
  ## The base URL for this Discourse instance.
  ## This will be whatever your Discourse site URL is. For example,
  ## https://discourse.example.com. If you're running a subfolder setup,
  ## be sure to account for that (ie https://example.com/forum).
  DISCOURSE_BASE_URL: 'https://community.example.com'

  ## The master API key of your Discourse forum.  You can get this from
  ## the "API" tab of your admin panel.
  DISCOURSE_API_KEY: <YOURKEY>

  ## The username to use for processing incoming e-mail.  Unless you have
  ## renamed the `system` user, you should leave this as-is.
  DISCOURSE_API_USERNAME: system

volumes:
  - volume:
      host: /var/discourse/shared/mail-receiver/postfix-spool
      guest: /var/spool/postfix
# uncomment to support TLS
  - volume:
      host: /var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/
      guest: /letsencrypt

Let’s go with “for now” and we’ll update this topic when we have more news.

Thank you very much! I really didn’t expect this to move any further but now it’s perfect and im receiving all the other bounces!