MiaB and Discourse problems resolved


#1

Problems been fixed :slight_smile:

Sent mail to admin@example.com (2260.8ms)
Job exception: 535 5.7.8 Error: authentication failed:

Got it working on fresh installs with nonblacklisted IPs
Didn’t miss the TLSA DNS records this time either. :sweat_smile:

BTW I didn’t have to make any manual changes to app.yml or setup relay on the discourse server.


#2

I find Nullmailer a better solution for SMPT mail service. Not sure why the MiaB guide recommends Postfix, which is often overkill if the only thing the server is doing for mail service is SMTP mail.


#3

I haven’t messed with any of this very much. Can’t figure this one out. :frowning_face:
I’ll update the original post with the errors I do have for admin System Status Checks.

Maybe I was supposed to put information into these settings from the advanced configuration page?

mydestination =
smtp_sasl_tls_security_options =

Maybe this is wrong?

Original

yourmailinabox.yourdomain relayusername:relaypassword

Edited:

mail.example.com discourse@example.com:examplepassword
!-- with and without below encryption --!
perl -MMIME::Base64 -e 'print encode_base64(“username”);


#4

telnet boxIPaddress 587

Do you get the same result? Type quit followed by to exit if successful (or the Escape character).

If successful you should get something like:
Connected to 1.1.1.1.
Escape character is ‘^]’.
220 box.domain.com ESMTP Hi, I’m a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)


#5

Double check that the username and password as well as the MiaB hostname were entered correctly on the droplet with the Discourse install. Also be sure that you followed the rest of the instructions in that section (step 4 of the relaying section).


#6

Please send this info in PM unedited … it is too late in the evening for me to try descrambling it with your presumed edits.

This should be:

DISCOURSE_SMTP_USER_NAME: discourse@example.com

additional info:

[quote=“hekubas, post:1, topic:4099”]
System Status Check Errors

System
The SSH server on this machine permits password-based login.

Network
The IP address of this machine is listed in the Spamhaus Block List

mail.example.com
Nameserver glue records should be configured at your domain name registrar as having the IP address of this box. They currently report addresses of [Not Set]/[Not Set].
Your box’s reverse DNS is currently [Not Set][/quote]

Is the proper droplet name set (wait, is MiaB on DO?) or the PTR set?

This can be safely ignored with your setup. Formatting is all out of whack, sorry.


#7

Yes I didn’t include everything I’ll add a few more lines.
This is what i get from the discourse server to the MiaB server.

Telnet Summary

telnet mail.example.com 587

Trying XXX.XX.XX.XXX…
Connected to mail.example.com
Escape character is ‘^]’.
220 mail.example.com ESMTP Hi, I’m a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)

EHLO mail.example.com

250-mail.example.com
250-PIPELINING
250-SIZE 134217728
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

AUTH LOGIN

530 5.7.0 Must issue a STARTTLS command first

STARTTLS
220 2.0.0 Ready to start TLS
AUTHLOGIN
Connection closed by foreign host.

I did use "discourse@example.com" not “exampleuser” in the app.yml sorry I’ll change it in the topic.
Just checked again and here is a copy pasta from terminal with just mail.example.com and example.com replacing the actual values.

Copy Pasta
  ## TODO: The domain name this Discourse instance will respond to
  ## Required. Discourse will not work with a bare IP number.
  DISCOURSE_HOSTNAME: 'example.com'

  ## Uncomment if you want the container to be started with the same
  ## hostname (-h option) as specified above (default "$hostname-$config")
  #DOCKER_USE_HOSTNAME: true

  ## TODO: List of comma delimited emails that will be made admin and developer
  ## on initial signup example 'user1@example.com,user2@example.com'
  DISCOURSE_DEVELOPER_EMAILS: 'me@example.com,admin@example.com'

  ## TODO: The SMTP mail server used to validate new accounts and send notifications
  # SMTP ADDRESS, username, and password are required
  # WARNING the char '#' in SMTP password can cause problems!
  DISCOURSE_SMTP_ADDRESS: mail.example.com
  DISCOURSE_SMTP_PORT: 587
  DISCOURSE_SMTP_USER_NAME: discourse@example.com
  DISCOURSE_SMTP_PASSWORD: encryptedpw
  #DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
  #DISCOURSE_SMTP_ENABLE_START_TLS: true           # (optional, default true)#

I’ll double check the relay guide steps and add more to this post or reply again.
Additionally I found the discourse server IP has blacklist, I tried a new droplet with no blacklist and got same error. Not sure if that matters or not.


#8

Got it working on fresh installs with nonblacklisted IPs :slight_smile:
Also didn’t miss the TLSA DNS records this time. Thanks alento.

Edited

Went back through the relay settings and made sure I did them correctly. I sent you a message alento.

Checked back over things and found I named discourse email wrong. Fixed this but still getting authentication error. It should at least have given me wrong credentials error instead of authentication error I would think.

Been looking at the postfix config and some guides and thinking there may be something I need to do there. Probably going to fresh install on two droplets and try again to see if maybe I screwed something up along the way.

Also, Both the original IPs of the discourse and MiaB servers had shown on a blacklist at mxtoolbox.com so I switched both server IPs in DNS to ones not blacklisted. Thinking this may still be causing problems. Another reason I’m going to try again.