flashmob / go-guerrilla

Mini SMTP server written in golang
MIT License

log_file for server section: logs forever empty #179

Closed lord-alfred closed 5 years ago

lord-alfred commented 5 years ago

My guerrilla.conf looks like:

{
    "log_file": "/var/log/guerrilla/main.log",
    "log_level": "debug",
...
    "servers": [
        {
            "is_enabled": true,
            "listen_interface":"0.0.0.0:25",
            "log_level": "debug",
            "log_file": "/var/log/guerrilla/server1.log",
...
        },
        {
            "is_enabled": true,
            "listen_interface":"0.0.0.0:465",
            "log_level": "debug",
            "log_file": "/var/log/guerrilla/server2.log",
...
        }
    ]

Files /var/log/guerrilla/server1.log and /var/log/guerrilla/server2.log have been empty for several days. But /var/log/guerrilla/main.log contains some log entries (all data in daemon.log file). I run guerrillad with the command:

sudo -i -u guser /usr/local/bin/guerrillad -c /etc/guerrilla.conf.json serve >> /var/log/guerrilla/daemon.log 2>&1 &

Should server1.log/server2.log be empty, or could there be some kind of error?

flashmob commented 5 years ago

Could you try the latest master? There was a bug fixed in "code cleanup" #171 that might have affected the log file name when more than one server is initialized.

lord-alfred commented 5 years ago

Yesterday I reinstalled guerrilla and the entire system, using the latest master at that time. But nothing changed; the server logs are still empty:

$ ls -la /var/log/guerrilla/
total 42032
drwxr-xr-x  2 guser guser      4096 Aug 19 23:55 .
drwxrwxr-x 11 root  syslog     4096 Aug 19 23:55 ..
-rw-r--r--  1 root  root   42992846 Aug 20 08:56 daemon.log
-rw-r--r--  1 guser guser     27071 Aug 20 08:28 main.log
-rw-r--r--  1 guser guser         0 Aug 19 23:55 server1.log
-rw-r--r--  1 guser guser         0 Aug 19 23:55 server2.log

flashmob commented 5 years ago

Thanks for the update.

On the dir listing, it looks like the main log is owned by root while the other logs by gouser - did you check permissions?

lord-alfred commented 5 years ago

I think daemon.log is owned by root because I run it from sudo (see first message) and send all data from STDOUT/STDERR to pipe.

$ ps aux | grep guerr
root     25165  0.0  0.1  56736  2992 ?        S    Aug19   0:00 sudo -i -u guser /usr/local/bin/guerrillad -c /etc/guerrilla.conf.json serve
guser    25167  0.0  0.0   4504  1680 ?        S    Aug19   0:00 -sh -c \/usr\/local\/bin\/guerrillad -c \/etc\/guerrilla\.conf\.json serve
guser    25173  0.2  8.1 821616 166944 ?       Sl   Aug19   1:28 /usr/local/bin/guerrillad -c /etc/guerrilla.conf.json serve
$ ls -la /usr/local/bin/
total 14808
drwxr-xr-x  2 root root     4096 Aug 19 23:55 .
drwxr-xr-x 11 root root     4096 Aug 19 23:51 ..
-rwxr-xr-x  1 root root      228 Aug 19 23:55 certbot_deploy_hook.sh
-rwxr-xr-x  1 root root 15150899 Aug 19 23:53 guerrillad

Maybe guerrillad needs to be changed to guser owner and group?

flashmob commented 5 years ago

Hmm.. will investigate this more. Please allow some time, thanks.

Usually it's best not to run as root, as described in the wiki: use a local user and just give the binary the capability to open port 25.

lord-alfred commented 5 years ago

I just launched it as described on the wiki: https://github.com/flashmob/go-guerrilla/wiki/Deploying-on-a-POSIX-system#starting-command

My command:

sudo -i -u guser /usr/local/bin/guerrillad -c /etc/guerrilla.conf.json serve >> /var/log/guerrilla/daemon.log 2>&1 &

I am ready to provide any info/logs to solve this problem :)

flashmob commented 5 years ago

Yes, although before you do that, you probably did this?

$ sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/guerrillad

lord-alfred commented 5 years ago

Yes, of course. Once I forgot to do this, and the daemon did not start.

flashmob commented 5 years ago

There's definitely something broken here. Now looking into it.

lord-alfred commented 5 years ago

On a test environment, everything looks great after a bugfix! Later I will check how it will be in production! Thanks!

flashmob commented 5 years ago

Thanks for the report. Also, a new test was added so this condition will be covered next time.

lord-alfred commented 5 years ago

After deploying on production, I see the following: for server №1 the log contains all the emails that have arrived, and for server №2 there are no emails. Is this normal behavior, provided that there are emails in the database with and without TLS?

> select count(id) from messages where is_tls = '0'
49
> select count(id) from messages where is_tls = '1'
36

Server №1 tls in config: start_tls_on = true, tls_always_on = false
Server №2 tls in config: start_tls_on = false, tls_always_on = true

$ ls -la
total 140
drwxr-xr-x  2 guser guser    4096 Aug 22 13:48 .
drwxrwxr-x 11 root  syslog   4096 Aug 22 13:48 ..
-rw-r--r--  1 root  root     2058 Aug 22 14:09 daemon.log
-rw-r--r--  1 guser guser     101 Aug 22 14:09 main.log
-rw-r--r--  1 guser guser  116125 Aug 22 14:09 server1.log
-rw-r--r--  1 guser guser     188 Aug 22 13:48 server2.log

$ tail server1.log
time="2019-08-22T14:09:46+03:00" level=debug msg="Writing response to client: \n250-myproduction.server Hello\r\n250-SIZE 3145728\r\n250-PIPELINING\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250 HELP\r\n"
time="2019-08-22T14:09:46+03:00" level=debug msg="Client sent: MAIL FROM:<info@from.com>"
time="2019-08-22T14:09:46+03:00" level=debug msg="Writing response to client: \n250 2.1.0 OK\r\n"
time="2019-08-22T14:09:46+03:00" level=debug msg="Client sent: RCPT TO:<user@myproduction.server>"
time="2019-08-22T14:09:46+03:00" level=debug msg="Writing response to client: \n250 2.1.5 OK\r\n"
time="2019-08-22T14:09:46+03:00" level=debug msg="Client sent: DATA"
time="2019-08-22T14:09:47+03:00" level=debug msg="Writing response to client: \n354 Enter message, ending with '.' on a line by itself\r\n"
time="2019-08-22T14:09:47+03:00" level=debug msg="Writing response to client: \n250 2.0.0 OK: queued as 2336efc8fc5434988320fcb3fc6732fb\r\n"
time="2019-08-22T14:09:47+03:00" level=debug msg="Client sent: QUIT"
time="2019-08-22T14:09:47+03:00" level=debug msg="Writing response to client: \n221 2.0.0 Bye\r\n"

$ cat server2.log
time="2019-08-22T13:48:44+03:00" level=info msg="Listening on TCP 0.0.0.0:465"
time="2019-08-22T13:48:44+03:00" level=debug msg="[0.0.0.0:465] Waiting for a new client. Next Client ID: 1"

$ cat main.log
time="2019-08-22T13:48:45+03:00" level=info msg="main log configured to /var/log/guerrilla/main.log"

PS: maybe you need the full configuration file?

flashmob commented 5 years ago

That's the 2nd server, is that the one on the dedicated TLS port?

Nowadays this setup is not used that way. It always goes through port 25 and then STARTTLS is used to negotiate TLS.

That should be removed from the example config too, if it is still there...

lord-alfred commented 5 years ago

Yes, the first server is on port 25, and the second is on 465. I took this from an example, and since the wiki was the same I thought it was right :) Here is my full config:

{
    "log_file": "/var/log/guerrilla/main.log",
    "log_level": "debug",
    "allowed_hosts": ["example1.com", "example2.com"],
    "pid_file": "/var/run/guerrillad/guerrillad.pid",
    "backend_config": {
        "log_received_mails": true,
        "save_workers_size": 16,
        "save_process": "HeadersParser|Hasher|Header|BenderSql",
        "primary_mail_host": "mx.example1.com",
        "gw_save_timeout": "30s",
        "gw_val_rcpt_timeout": "3s",
        "sql_driver": "mysql",
        "sql_dsn": "BM_DB_USERNAME:BM_DB_PASSWORD@tcp(BM_DB_HOST:BM_DB_PORT)/BM_DB_DATABASE?readTimeout=10s&writeTimeout=10s&charset=utf8mb4&collation=utf8mb4_unicode_ci",
        "mail_table": "messages",
        "sql_max_open_conns": 250,
        "sql_max_idle_conns": 150,
        "sql_max_conn_lifetime_sec": "200s"
    },
    "servers": [
        {
            "is_enabled": true,
            "host_name":"mx.example1.com",
            "max_size": 3145728,
            "timeout":180,
            "listen_interface":"0.0.0.0:25",
            "max_clients": 1000,
            "log_level": "debug",
            "log_file": "/var/log/guerrilla/server1.log",
            "tls" : {
                "start_tls_on":true,
                "tls_always_on":false,
                "private_key_file":"/etc/letsencrypt/live/mx.example1.com/privkey.pem",
                "public_key_file":"/etc/letsencrypt/live/mx.example1.com/fullchain.pem",
                "protocols" : ["ssl3.0", "tls1.2"],
                "ciphers" : ["TLS_FALLBACK_SCSV", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", "TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"],
                "curves" : ["P256", "P384", "P521", "X25519"],
                "client_auth_type" : "NoClientCert"
            }
        },
        {
            "is_enabled": true,
            "host_name":"mx.example1.com",
            "max_size": 3145728,
            "timeout":180,
            "listen_interface":"0.0.0.0:465",
            "max_clients": 1000,
            "log_level": "debug",
            "log_file": "/var/log/guerrilla/server2.log",
            "tls" : {
                "start_tls_on":false,
                "tls_always_on":true,
                "private_key_file":"/etc/letsencrypt/live/mx.example1.com/privkey.pem",
                "public_key_file":"/etc/letsencrypt/live/mx.example1.com/fullchain.pem",
                "protocols" : ["ssl3.0", "tls1.2"],
                "ciphers" : ["TLS_FALLBACK_SCSV", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", "TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_RC4_128_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"],
                "curves" : ["P256", "P384", "P521", "X25519"],
                "client_auth_type" : "NoClientCert"
            }
        }
    ]
}

Can I delete server number 2?

flashmob commented 5 years ago

Yes. You don't need 465.

lord-alfred commented 5 years ago

Thanks! I'm closing this issue, because the problem is resolved :)
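
As an added example (not code from go-guerrilla or from either participant), this Go program audits the `servers[].tls` blocks of a config like the one posted in the thread. It flags the implicit-TLS listener that the maintainer says is not needed, and goes one step further by flagging the `ssl3.0` protocol and RC4 cipher entries, which RFC 7568 and RFC 7465 retire. The JSON key names come from the posted config; the `Audit` function, the finding texts and the embedded sample are constructed for illustration, and reading `tls_always_on` as implicit TLS is an assumption based on the thread.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Only keys that appear in the config posted in the thread are decoded.
type config struct {
	Servers []struct {
		Enabled bool   `json:"is_enabled"`
		Listen  string `json:"listen_interface"`
		TLS     struct {
			StartTLS  bool     `json:"start_tls_on"`
			AlwaysOn  bool     `json:"tls_always_on"`
			Protocols []string `json:"protocols"`
			Ciphers   []string `json:"ciphers"`
		} `json:"tls"`
	} `json:"servers"`
}

// Audit returns one finding per questionable TLS setting of an enabled listener.
func Audit(raw []byte) ([]string, error) {
	var cfg config
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse config: %w", err)
	}
	var out []string
	for i, s := range cfg.Servers {
		if !s.Enabled {
			continue
		}
		add := func(msg string) {
			out = append(out, fmt.Sprintf("server %d (%s): %s", i+1, s.Listen, msg))
		}
		switch {
		case s.TLS.AlwaysOn:
			// Assumed meaning: the TLS handshake precedes any SMTP command.
			add("tls_always_on gives implicit TLS; MX delivery uses STARTTLS on port 25")
		case !s.TLS.StartTLS:
			add("no TLS offered")
		}
		for _, p := range s.TLS.Protocols {
			if strings.EqualFold(p, "ssl3.0") {
				add("protocol ssl3.0 is deprecated (RFC 7568)")
			}
		}
		for _, c := range s.TLS.Ciphers {
			if strings.Contains(c, "RC4") {
				add("cipher " + c + " uses RC4 (prohibited by RFC 7465)")
			}
		}
	}
	return out, nil
}

// Constructed sample: the thread's config reduced to the audited keys.
const sample = `{"servers": [
 {"is_enabled": true, "listen_interface": "0.0.0.0:25", "tls": {
   "start_tls_on": true, "tls_always_on": false, "protocols": ["ssl3.0", "tls1.2"],
   "ciphers": ["TLS_RSA_WITH_RC4_128_SHA", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"]}},
 {"is_enabled": true, "listen_interface": "0.0.0.0:465", "tls": {
   "start_tls_on": false, "tls_always_on": true, "protocols": ["ssl3.0", "tls1.2"],
   "ciphers": ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"]}}]}`

func main() {
	findings, err := Audit([]byte(sample))
	if err != nil {
		panic(err)
	}
	fmt.Println(strings.Join(findings, "\n"))
}
```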