Configuration with Docker behind Reverse Proxy

[The-Inamati]

Hi, I'm having an issue deploying this awesome service. I set up my compose like this:

    build: $DOCKERDIR/apps/killthenewsletter
    container_name: ktn
    networks:
      - traefik
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped
    ports:
      - 2525:2525
    labels:
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.ktn.entrypoints=https"
      - "traefik.http.routers.ktn.rule=Host(`$KTN_SUBDOMAIN.$DOMAINNAME1`)"
      - "traefik.http.routers.ktn.tls=true"
      ## HTTP Services
      - "traefik.http.routers.ktn.service=ktn"
      - "traefik.http.services.ktn.loadbalancer.server.port=8000"
      - "traefik.http.routers.ktn.middlewares=chain-no-auth@file"

The container builds successfully and runs and I can access it through my Traefik reverse proxy without an issue.

When I generate an email if I send an email to it I get the following error: 554 5.7.1 <3qmeii7netl0a5dp@ktn.undebug.com>: Relay access denied

My Dockerfile is:

FROM node:latest

WORKDIR /kill-the-newsletter

COPY package*.json ./
RUN npm ci --production
COPY . .

VOLUME /kill-the-newsletter/static/feeds/
VOLUME /kill-the-newsletter/static/alternate/

ENV WEB_PORT=8000
ENV EMAIL_PORT=2525
ENV BASE_URL=https://ktn.undebug.com
ENV EMAIL_DOMAIN=ktn.undebug.com
ENV ISSUE_REPORT=mailto:webmaster@undebug.com

EXPOSE 8000
EXPOSE 2525

CMD npm start

The port 2525 is open. I have no idea what I'm missing. Can somebody help?

[leafac]

@The-Inamati: Thanks for the nice words about my work 😃

Judging by the error message, it seems like your emails are reaching a mail server, who’s declining to deliver the messages. The thing is: That doesn’t sound like the Kill the Newsletter! email server!

One thing I know for sure: Kill the Newsletter! doesn’t send that type of error message: if it doesn’t recognize an address, it considers that as spam and drops the message on the floor.

Under the hood we’re using the smtp-server package, but I don’t think it would send that kind of error message either.

Also, you’re running the email server on port 2525, which is for development/test. In production, you should use port 25, which is the appropriate port for SMTP servers receiving email from the internet.

Then again, you may not be able to do that, because it sounds like your server already has an email service running on that port…

Let me know how it goes.

[The-Inamati]

You are right I do have a mail server already running on that port. Is there a way to run Kill The Newsletter through an existing mail server?

[leafac]

I really recommend that you let Kill the Newsletter! sit on a machine by itself.

That said: I’ve never done this myself, but I think there are two ways to do what you asked for (in the following discussion say your email server is Exim):

1. Exim relays the emails to Kill the Newsletter!

This is similar to how you’d setup email forwarding. You’re probably interested in the SMTP transport.

You must also configure Kill the Newsletter! to run the email server on a port other than 25 (for example, 2525, as you’re already doing). Check the EMAIL_PORT environment variable.

2. A mail proxy sits in front of both Exim and Kill the Newsletter!

I think the most popular solution as a mail proxy is nginx. Start here: http://nginx.org/en/docs/mail/ngx_mail_core_module.html https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/

Good luck. Let me know how it goes.

I’m closing this for now since the main issue seems to have been resolved.

[The-Inamati]

Follow Up to this. I added a routing rule in my mail server pointing to the Kill The Newsletter container. When I test the routing in the mail server it appears to be working as you can see below:

The issue is that the feed isn't updated. I checked the feeds folder inside the container and there is a XML file with the feed information. How can I troubleshoot this further?

[The-Inamati]

Nevermind. It's working now.

[leafac]

👍

What was wrong? Or was it one of those issues that solves itself and you never get to learn what happened?