Open slowkow opened 7 years ago
namsral
commented
7 years ago Reading the trace, it seems there isn't any SMTP server available on host 127.0.0.1 with port 2525.
panic: dial tcp 127.0.0.1:2525: getsockopt: connection refused
A nasty panic none the less.
slowkow
commented
7 years ago Could I please ask you to recommend the next steps to get this working? For example, how did you get this working on your own sites?
namsral
commented
7 years ago Since you mentioned Gmail in your examples, the following example uses a gmail account:
multipass {
resources /authenticaed
handles myusername@gmail.com
mail_from "Multipass <myusername@gmail.com>"
smtp_server smtp.gmail.com:465
smtp_user myusername@gmail.com
smtp_pass secret
}Just replace the myusername and secret credentials with your own.
slowkow
commented
7 years ago Thank you! I appreciate the help. Now I'm starting to remember how the SMTP server is supposed to work again.
I tried the settings you suggested, and this is the error I get now. Do you have any tips to get past this error?
Thanks to your comment, I remember now that I also setup Amazon SES and Mailgun SMTP servers, so I went ahead and tried my Mailgun server and credentials instead of Gmail. However, it gives the same error.
caddy -conf=/etc/caddy/Caddyfile -log stdout
Activating privacy features... done.
multipass for https://test.mydomain.net is initialized
https://test.mydomain.net
2017/01/19 18:25:45 https://test.mydomain.net
http://test.mydomain.net
2017/01/19 18:25:45 http://test.mydomain.net
WARNING: File descriptor limit 1024 is too low for production servers. At least 8192 is recommended. Fix with "ulimit -n 8192".
panic: x509: certificate is valid for ip-123-45-6-789, not localhost
goroutine 21 [running]:
panic(0xbdf3a0, 0xc42006bb80)
/usr/local/go/src/runtime/panic.go:500 +0x1a1
github.com/namsral/multipass/services/email.NewUserService.func1(0xc420374120, 0xc420193d50)
/home/caddy/go/src/github.com/namsral/multipass/services/email/email.go:125 +0x27f
created by github.com/namsral/multipass/services/email.NewUserService
/home/caddy/go/src/github.com/namsral/multipass/services/email/email.go:141 +0x495panic: x509: certificate is valid for ip-123-45-6-789, not localhostThere is a mismatch in the hostname of the SSL/TLS certificate used for the SMTP connection. And the IP referenced in the error is non-existant, 123.45.6.789? Something is off in your setup.
slowkow
commented
7 years ago Indeed, I manually censored the IP address in the pasted code snippet.
Yes, the conflict is about the mismatch. Unfortunately, I can't seem to find any hints about how to resolve this. I was hoping that maybe you might have run into this same error on your servers. Any hints would be greatly appreciated. I'm learning as I go.
For example, is there some way to manually inspect the certificate? Where is it located? Can I modify it? Why don't I run into this type of issue with Apache and only trigger the error with Caddy?
This error seems to be related, there are no instructions for resolution:
The gomail package describes this error in the README, but there is no resolution there either:
If you get this error it means the certificate used by the SMTP server is not considered valid by the client running Gomail.
I ran the TLS Sender Test from my server by sending an email to test@TestSender.CheckTLS.com with this script and it worked:
email_to="test@TestSender.CheckTLS.com"
email_subject="a8jqbpup4xtbt"
email_text="This is a test message."
curl -s --user 'api:MY_API_KEY' \
https://api.mailgun.net/v3/MY_DOMAIN/messages \
-F o:require-tls='true' \
-F o:skip-verification='false' \
-F from='K S <MY_USERNAME@gmail.com>' \
-F to="$email_to" \
-F subject="$email_subject" \
-F text="$email_text"I got the reply:
Your email was successfully sent securely using TLS.
A transcript of the eMail SMTP session is below:
[REDACTED]For example, is there some way to manually inspect the certificate?
Use the openssl cli and connect to the receiving side to inspect the certificate.
Connect the client (gomail) to a SMTP server you control and log the TLS handshake.
The gomail package describes this error in the README
That's a different error regarding self-signed certificates.
What's configured for smtp_addr in your multipass directive?
namsral
commented
7 years ago I use a SMTP client like nullmailer to send emails.
multipass {
smtp_client /usr/sbin/sendmail -t -i
mail_from "Multipass <no-reply@dallas>"
...This has the advantaged of having the SMTP client handling all the nasties; message queue, fails, retries, etc.
Support for SMTP clients was added in 99ad323, see #11.
slowkow
commented
7 years ago I still get the same error:
panic: x509: certificate is valid for ip-172-30-1-238, not localhostI tried smtp_client as you suggested, and GMail, and Mailgun. All of them give me the same error.
Here is my Caddyfile:
test.mydomain.net {
root /var/www/test.mydomain.net
multipass {
resources /
handles myusername@gmail.com
smtp_client /usr/sbin/sendmail -t -i
mail_from "Multipass <no-reply@mydomain.net>"
#smtp_server smtp.mailgun.org:587
#smtp_user postmaster@mg.mydomain.net
#smtp_pass MAILGUN_PASSWORD
#smtp_server smtp.gmail.com:465
#smtp_user myusername@gmail.com
#smtp_pass GMAIL_PASSWORD
}
}Notably, I can successfully send myself an email from the server with:
echo "this is a test" | mail -s "testing $(date)" myusername@gmail.comThanks for your patience with me on this issue! I appreciate it.
namsral
commented
7 years ago I still get the same error:
Please provide the whole trace.
Are you using a Multipass binary from the releases page?
Expected behavior
In the multipass login form, when I click submit, I expect to receive an email to the address I entered.
Observed behavior
caddycrashes with this error when I click submit:Caddyfile: