search

jeboehm / docker-mailserver

Docker Mailserver based on the famous ISPMail guide
MIT License
368 stars 97 forks source link

Enable DKIM: Error 500 #176

Closed Gurkengewuerz closed 2 years ago

Gurkengewuerz commented 2 years ago

Hey,

if i try to activate DKIM for my domain an error 500 is thrown. regardless of whether i use the enable in the edit context or the enable switch in the table. The domain key entries do match.

image

It's a complete fresh installation running latest with just one administrator.

Do you have any plan what i can try? Cheers

Error 500

Oops! An Error Occurred
The server returned a "500 Internal Server Error".
Something is broken. Please let us know what you were doing when this error occurred. We will fix it as soon as possible. Sorry for any inconvenience caused.

Web Log

mailserver-web-1     | 127.0.0.1 -  23/May/2022:20:25:07 +0000 "GET /index.php" 200
mailserver-web-1     | 172.18.0.2 - - [23/May/2022:20:25:31 +0000] "GET /?crudAction=index&crudControllerFqcn=App%5CController%5CAdmin%5CDKIMCrudController&entityFqcn=App%5CEntity%5CDomain&menuIndex=4&submenuIndex=-1 HTTP/1.1" 200 32040 "https://mail.example.net/?crudAction=edit&crudControllerFqcn=App%5CController%5CAdmin%5CDKIMCrudController&entityId=2&menuIndex=4&submenuIndex=-1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Edg/101.0.1210.53" "172.18.0.1"
mailserver-web-1     | 127.0.0.1 -  23/May/2022:20:25:31 +0000 "GET /index.php" 200
mailserver-web-1     | NOTICE: PHP message: [error] Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\BadRequestHttpException: "" at /opt/manager/vendor/easycorp/easyadmin-bundle/src/Controller/AbstractCrudController.php line 240
mailserver-web-1     | 2022/05/23 20:25:33 [error] 51#51: *2184 FastCGI sent in stderr: "PHP message: [error] Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\BadRequestHttpException: "" at /opt/manager/vendor/easycorp/easyadmin-bundle/src/Controller/AbstractCrudController.php line 240" while reading response header from upstream, client: 172.18.0.2, server: , request: "PATCH /?crudAction=edit&crudControllerFqcn=App%5CController%5CAdmin%5CDKIMCrudController&csrfToken=b8c1341cd4eb.qzQ0RMUr3_biGZp81cH0C_6Db7G2ksr7bztg8t13Qhw.7HZrLZVIvKSmS6ImvI-8bpnbX_bd-rCCVwIPq7kjKm3NWl0w6GWHgbtWog&entityFqcn=App%5CEntity%5CDomain&entityId=2&fieldName=dkimEnabled&menuIndex=4&submenuIndex=-1&newValue=true HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "mail.example.net", referrer: "https://mail.example.net/?crudAction=index&crudControllerFqcn=App%5CController%5CAdmin%5CDKIMCrudController&entityFqcn=App%5CEntity%5CDomain&menuIndex=4&submenuIndex=-1"
mailserver-web-1     | 172.18.0.2 - - [23/May/2022:20:25:33 +0000] "PATCH /?crudAction=edit&crudControllerFqcn=App%5CController%5CAdmin%5CDKIMCrudController&csrfToken=b8c1341cd4eb.qzQ0RMUr3_biGZp81cH0C_6Db7G2ksr7bztg8t13Qhw.7HZrLZVIvKSmS6ImvI-8bpnbX_bd-rCCVwIPq7kjKm3NWl0w6GWHgbtWog&entityFqcn=App%5CEntity%5CDomain&entityId=2&fieldName=dkimEnabled&menuIndex=4&submenuIndex=-1&newValue=true HTTP/1.1" 400 823 "https://mail.example.net/?crudAction=index&crudControllerFqcn=App%5CController%5CAdmin%5CDKIMCrudController&entityFqcn=App%5CEntity%5CDomain&menuIndex=4&submenuIndex=-1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Edg/101.0.1210.53" "172.18.0.1"
mailserver-web-1     | 127.0.0.1 -  23/May/2022:20:25:33 +0000 "PATCH /index.php" 400
jeboehm commented 2 years ago

I'ld guess that there is a permission error that prevents the dkim keys from being written. Could you check, if /media/dkim is writable by the user www-data in the web container? You can become this user by entering the container using docker exec -u www-data mail_web.

Gurkengewuerz commented 2 years ago

Hey @jeboehm, thanks for your answer. Sadly this is working.


mail@myhost:~/mailserver$ docker compose ps
NAME                  COMMAND                  SERVICE             STATUS              PORTS
mailserver-db-1       "docker-entrypoint.s…"   db                  running             3306/tcp
mailserver-filter-1   "/usr/local/bin/entr…"   filter              running (healthy)   11334/tcp
mailserver-mda-1      "/usr/local/bin/entr…"   mda                 running (healthy)   0.0.0.0:110->110/tcp, 0.0.0.0:143->143/tcp, 0.0.0.0:587->587/tcp, 0.0.0.0:993->993/tcp, 0.0.0.0:995->995/tcp
mailserver-mta-1      "/usr/local/bin/entr…"   mta                 running (healthy)   0.0.0.0:25->25/tcp
mailserver-redis-1    "docker-entrypoint.s…"   redis               running             6379/tcp
mailserver-ssl-1      "/usr/local/bin/crea…"   ssl                 exited (0)
mailserver-virus-1    "/usr/local/bin/entr…"   virus               exited (0)
mailserver-web-1      "docker-php-entrypoi…"   web                 running (healthy)   0.0.0.0:81->80/tcp
mail@myhost:~/mailserver$ docker compose exec -u www-data web /bin/ash
/var/www/html $ cd /media/dkim/
/media/dkim $ whoami
www-data
/media/dkim $ ls -lah
total 8K
drwxrwxrwx    2 www-data root        4.0K May 25 20:43 .
drwxr-xr-x    1 root     root        4.0K May 23 13:29 ..
-rw-rw-rw-    1 www-data root           0 May 23 13:30 dkim_selectors.map
/media/dkim $ touch github_issue_176
/media/dkim $ ls -lah
total 8K
drwxrwxrwx    2 www-data root        4.0K May 25 20:43 .
drwxr-xr-x    1 root     root        4.0K May 23 13:29 ..
-rw-rw-rw-    1 www-data root           0 May 23 13:30 dkim_selectors.map
-rw-r--r--    1 www-data www-data       0 May 25 20:43 github_issue_176
/media/dkim $
mail@myhost:~/mailserver$

Just to be sure i have overwritten the network for each container in order to use traefik but i don't guess this is the problem.

version: '3.5'

services:
  db:
    networks: [backend]

  filter:
    networks: [backend]

  virus:
    networks: [backend]

  redis:
    networks: [backend]

  mda:
    networks: [backend]

  mta:
    networks: [backend]

  web:
    networks:
      - traefik
      - backend
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik"
      - "traefik.http.routers.mail-web.entrypoints=websecure"
      - "traefik.http.routers.mail-web.rule=HOST(`$VIRTUAL_HOST`)"
      - "traefik.http.routers.mail.service=mail-web-srv"
      - "traefik.http.services.mail-web-srv.loadbalancer.server.port=80"

networks:
  backend:
  traefik:
    external: true
Gurkengewuerz commented 2 years ago

Weird. I don't know what i have exactly done but it works now. I pulled the latest image, got dns resolve errors, tried v3.2.1 and had the same issue (lookup db on 127.0.0.11:53: no such host.). Now i am using the latest version with filter v3.2.1 (i know this isn't intended!) because rspamd crashed on startup with illegal instruction in the latest version.