Closed pavanfhw closed 3 years ago
While I don't use K8s, this looks to me like a network configuration problem. Basically, you need to tell K8s to permit the connection from your source container to the destination container. This error is a networking error, not an application error.
I am able to do a curl request on port 587 to the relay container. Obviously it breaks, but the container logs it. So by this I assume the container is reachable from other containers in the cluster. Can you confirm this configuration should allow all incoming smtp connections to the container? Should something be changed?
/etc/exim4/update-exim4.conf.conf
:
dc_eximconfig_configtype='smarthost'
dc_other_hostnames=''
dc_local_interfaces='[0.0.0.0]:587 ; [::0]:587'
dc_readhost=''
dc_relay_domains='*'
dc_minimaldns='false'
dc_relay_nets='10.42.3.40/24:0.0.0.0/0'
dc_smarthost='smtp.gmail.com::587'
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
The important part is dc_local_interfaces
. I currently have it running on plain SMTP and this is my config:
dc_local_interfaces='[0.0.0.0]:25 ; [::0]:25'
You could give it like that a spin, to see how it works (without TLS), maybe you can narrow it down. As for RELAY_NETWORKS
, I keep it on my infrastructure set to :192.168.0.0/16:172.16.0.0/12:10.0.0.0/8
.
@tlex Changing the port to 25 worked. Thank you! Can you help understand why? I am not familiar with smtp
Basically, port 587 assumes TLS (and everything that comes with it: a certificate). For this to work as expected, the variables KEY_PATH
and CERTIFICATE_PATH
need to be set.
Now, it would probably make sense to test with exim, how's the behavior if the port is set to 587 but there's no certificate there.
Thanks for your feedback, I'll close this now :-)
Hello, I'm trying to use your image in Kubernetes as a Gmail relay. I'm not being able to connect to the container from outside, from another container. Form inside the container it is working. I can use python to run a simple script to connect and send a mail the way I intent to. But from outside I can't connect to the relay. I think I'm not configuring my environment variables correctly for this case. Can you advise on what variables and values I should use? I'm trying with
RELAY_NETWORKS
and/orRELAY_DOMAINS
but with no success. I can allow all connections because the container is only exposed inside the Kubernetes cluster. To illustrate: From insideFrom outside