Hooking Up to Mail
-
I have installed and tested Postfix. How do I tell NodeBB to send the mail out via Postfix, the same way the
mail
command does? -
@waugh by default NodeBB will use the sendmail command to send email when the SMTP transport isn't enabled, no emailer plugin is installed, and emails are enabled generally.
Have you tried setting up sendmail to use postfix?
-
@pitaj said in Hooking Up to Mail:
... when the SMTP transport isn't enabled ...
When I navigate to admin/settings/email, I see this.
How do I disable SMTP transport? -
@waugh Reading thru this thread I suggest not opting for Postfix. Running a fully fledged smtp server on the big bad Internet requires certain expertise, care and feeding. Hence, for most folks, opting for a free relay service is the lowest hanging fruit.
Mind you, running your own SMTP server does have advantages for some use cases. Postfix sports fairly sane defaults ootb. That does not obviate the need for you to grok just what every line in those config files means. So be ready to do some reading. Good news is that Postfix has good docs and the example config files are well commented.
Edit: Ah, yeah.... I have a suspicion you will disregard the above so.... What the heck...
Geronimo! Here ya' go!! Big medicine!!
Postfix Null Client Example Configuration
What is a Null Client, ya' says? RTFM:
A null client is a machine that can only send mail. It receives no mail from the network, and it does not deliver any mail locally.
Hence, you must have some OTHER, supplementary MX that will receive mail for your domain. Else opt for a slightly more complex config. I'll leave the reading to you.
Enjoy!
-
@waugh if that toggle is off, then it should automatically fall back to postfix automatically. Is postfix not receiving messages for outgoing mail?
I will admit that our domain knowledge for these sorts of providers like sendmail or postfix are limited.
We usually recommend using a third party emailer like sendgrid because they have better deliverability.
-
@waugh The sendmail executable may well actually be Postfix, depending on distribution, as, unlike Qmail and others, Postfix's design criteria included being a drop in replacement for Sendmail, the ancient MTA/MX app.
Falling back to Postfix may or may not work, depending on config. For e.g., user may need to tell the "Custom" pull down to listen on localhost, a.k.a. 127.0.0.1 loopback address. Likely port 25. Depending...
Postfix has a bazillion knobs. And I am glad for them but the moment you break away from the default configs you better make sure you know what you are doing. Managing a fleshed out mail server is not everybody's cup of tea and should not be undertaken lightly. If you do not already possess foundational subject domain knowledge and/or not ready to do quite a bit of background reading about stuff like MX records, DKIM, open relays, header/content inspection for filtering out the cruft, etc. then I suggest configuring a null client and relaying thru a third party service. The local "mail spool" will still provide some buffering for slow, bogged down, or offline upstream relays.
If one is targeting running NodeBB on a minimally provisioned VM and concerned about the overhead of running even a null client daemon, then consider opting for the builtin or plugin-in stuff. Not as efficient at delivery though so a larger site sending lots of mail may struggle with delays, unnecessary load on NodeBB, DOS, etc.? I don't know because I never tested that option.
Does this add any clarity?
-
It seems broken to me that when I turn off the switch for "Use an external email server to send emails", the rest of the form is still prompting for the identity of the external email server via which to send emails.
-
@julian said in Hooking Up to Mail:
@waugh if that toggle is off, then it should automatically fall back to postfix automatically. Is postfix not receiving messages for outgoing mail?
Do not have a test box handy at moment. When it falls back, does NodeBB submit mail via a pipe or tcp/ip? Pipes can be more efficient if everything is local, but for whatever reason I set mine up to use tcp/ip.
I run a Postfix null client on my forums. Incoming mail is routed via my main MX's. Here's a screenshot of my config NodeBB side. I am not updated to current stable release but the knobs should be similar.
The above presumes a local mail server listening on port 25. Might want to confirm that on your set up.
-
@gotwf said in Hooking Up to Mail:
@julian said in Hooking Up to Mail:
@waugh if that toggle is off, then it should automatically fall back to postfix automatically. Is postfix not receiving messages for outgoing mail?
.... When it falls back, does NodeBB submit mail via a pipe or tcp/ip?
It tries to open a TCP port. The port number it tries by default is generally associated with talking to an MSA.
-
@julian said in Hooking Up to Mail:
@waugh if that toggle is off, then it should ... fall back to postfix automatically. Is postfix not receiving messages for outgoing mail?
When I first installed NodeBB and had not even become aware of the settings, and so obviously had not changed them, and I posted a reply that should have generated e-mail, NodeBB complained that it couldn't open a certain port. I have learned that the port number in question is generally used for SMTP to an MSA, message submission agent.
After I installed Postfix, the same thing happened. But I believe I understand why. Postfix out of the box accepts mail from "mail" via a "sendmail" program that Postfix includes for backward compatibility with Sendmail. I believe that "mail" invokes this "sendmail" and pipes the message to it. This succeeds on my system -- I can send and receive e-mail across the Internet, including to gmail and including to the (paid) disposable-email-address provider that I use. But Postfix out of the box does not have its MSA turned on. This is called "submission" in the "master.cf" configuration file. I have since tried turning that on. I think I need to study and change some of the arguments I am not passing to it, but that I see mentioned in an example someone posted. So what is currently happening, with my MSA turned on but not properly configured, is that NodeBB is showing an error message evidently returned by Postfix, to the effect that "localhost." (note the period at the end) is not one of the domains mentioned in my TLS cert (which it isn't, shouldn't be, and can't be). Since NodeBB knows nothing about TLS (does not prompt for any configuration for it), I take this error message as evidence that NodeBB is now talking to Postfix and Postfix is taking the basic syntax but reporting back on a problem that is happening internally to Postfix between its modules on account of my not having configured them correctly yet.
-
@waugh Your atypical config may well be confounding the issue. Mail submission port is 587. Hence why you get "depending" in some of my replies. Or maybe you are doing wrong NodeBB config side. Hard saying since we're not psychic.
Try this NodeBB side:
Replicate the config parameters in my screenshot above excepting changing the port to 587 and see if it works. Note that Connection security should be None. Else if you invoke STARTTLS NodeBB side then of course Postfix will endeavor to oblige (depending on config). Username and Password should not be necessary for local submission. Note that Submission ports typically are configured to require authentication and authorization. But maybe not from locally submitted mail. Depending....
Be the above as it may. Presuming you do get things "working", I suggest you implement a Null Client configuration Postfix side. I've linked the docs for you somewhere up thread. Arrange to receive incoming mail for your nodebb domain elsewhere.
If you must receive email for that domain on boxes managed by you then I suggest spinning up some additional VM's dedicated to that task:
- Primary MX
- Secondary MX
Which you can config to handle initial filtering, blacklist handling and such before forwarding to:
- Local spool for local delivery - Bit of a pain MUA side unless you're accustomed to kickin' it old skool.
- Yet another VM hosting an IMAP Server such as Dovecot.
a. And maybe yet another VM, or two dedicated to SPAM and Antivirus duties. - Forward to third party mailbox provider.
There is some configuration DNS side required for the various options mentioned above. I shall not delve into those at this time, but please do be aware that there are additional moving pieces involved.
Have fun!
-
Some additional comments that may help flesh this thread out a bit more:
@waugh queried:
if I use the SMTP support that is included in NodeBB, can I configure it to send the mail directly to the destination rather than via gmail or another intermediary?
@PitaJ replied:
I don't think SMTP works that way, it requires an intermediary mail server. What you're talking about is exactly what sendmail does my default.
Howsomever: Yes you may, depending on your configuration.
sendmail, the executable, will send mail via a variety of transports in keeping with the postal service mantra of "the mail must get thru".
man sendmail(8) speaketh thusly:
Sendmail sends a message to one or more recipients, routing the message over whatever networks are necessary. Sendmail does internetwork forwarding as necessary to deliver the message to the correct place.
...
..... snip, snip.....
...
With no flags, sendmail reads its standard input up to an end-of-file or a line consisting only of a single dot and sends a copy of the message found there to all of the addresses listed. It determines the network(s) to use based on the syntax and contents of the addresses.If the recipient is not known locally, i.e. a local user/domain, then the server's resolver subsystem should, (once gain, depending on config) return the MX record for the domain at hand and attempt a delivery. Whether or not that MX accepts your mail is another matter, contingent upon their assessment of your server's legitimacy. At minimum you will need matching forward and reverse DNS enteries, and likely an SPF record, for example. Others will automatically put you on their blacklist even if your stuff is squeaky clean and require a near act of god to be removed.
Handling of refused, bounced, etc. mail is, once again, contingent upon configuration. One should ensure their mail queues do not become constipated to the extent undeliverable mail exhausts disk space, thereby effectively creating a DOS.
Hence, something seemingly as simple as mail delivery can pose more than a few sticky wickets and why I suggest following @julian et.al.'s advice up post. Unless you have a clear use case not to. Learning how to do all of this stuff is a legitmate use case. Just be forewarned that you may experience a bit of trial by fire if you are learning the zen of email administration on a production system.
Enjoy!
-
@pitaj said in Hooking Up to Mail:
NodeBB supports using sendmail on Linux to send emails. To do this you just turn off the SMTP transport and make sure no email plugins are enabled.
In my case, I'm fine now, because I found a way to configure Postfix that results in its relaying the outgoing mail. NodeBB is talking SMTP in the submissive aspect of SMTP, and Postfix can understand that aspect if configured to. And I think that's a fine and future-oriented way to work. However, if anyone searching for information comes across this thread, it will not tell them how to get NodeBB to use "sendmail", either when the "sendmail" executable is that of the Sendmail package, or when it is the backward-compatible shim included in the Postfix package. Even though @PitaJ says that an admin of a NodeBB instance can configure it to turn off SMTP transport, I never found a mix of settings of NodeBB that would do that. With every mix I tried, it continued to try to open the submission port. And again, for me, that's fine.
My thanks to everyone who responded.
-
BTW, here is my config of the MSA in Postfix (master.cf) :
# ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ========================================================================== submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=none -o smtpd_reject_unlisted_recipient=no -o smtpd_recipient_restrictions= -o smtpd_sasl_auth_enable=no -o smtpd_client_restrictions=permit_mynetworks,reject
When I received Postfix from the package library of the distro I am using, Postfix as packaged had the
submission
logical line commented out. Maybe if I had compiled Postfix from its source as published in its repo (instead of installing the package), thesubmission
line wouldn't have been commented out. But no doubt there were benefits to using the package. I suppose it included some aspects of default configuration appropriate to the rest of the distro, e. g. the method of setting up the auto restart of Postfix when the system is rebooted. Anyway, it all seems to be working for me now. -
@waugh said in Hooking Up to Mail:
@pitaj said in Hooking Up to Mail:
NodeBB supports using sendmail on Linux to send emails. To do this you just turn off the SMTP transport and make sure no email plugins are enabled.
In my case, I'm fine now, because I found a way to configure Postfix that results in its relaying the outgoing mail. NodeBB is talking SMTP in the submissive aspect of SMTP, and Postfix can understand that aspect if configured to. And I think that's a fine and future-oriented way to work. However, if anyone searching for information comes across this thread, it will not tell them how to get NodeBB to use "sendmail", either when the "sendmail" executable is that of the Sendmail package, or when it is the backward-compatible shim included in the Postfix package. Even though @PitaJ says that an admin of a NodeBB instance can configure it to turn off SMTP transport, I never found a mix of settings of NodeBB that would do that. With every mix I tried, it continued to try to open the submission port. And again, for me, that's fine.
My thanks to everyone who responded.
Sendmail is like MySQL, it's become an API. Postfix is "a sendmail" and MariaDB is "a MySQL." People tend to call anything that looks like the app to be the app, but Postfix and MariaDB are used far more than the applications that they mimic.
-
@julian said in Hooking Up to Mail:
Okay, guys, this ? This is why we try to have an arm's length relationship with sendmail.
Seems like managing sendmail/postfix can be an entire undergraduate course SENDMAIL101
It is. Plus no one uses actual Sendmail and hasn't in forever. Postfix started wiping it out twenty years ago when every major platform moved away. Since then, Sendmail has become all but forgotten. Even mentioning it is a little weird as almost on one will ever have it, but everyone has Postfix as its the default in every non-Windows platform in production today. Sendmail was hella complex, Postfix is normally ready to go by default for most purposes. But it depends on how it gets installed, what OS you run, etc.
For most Ubuntu, CentOS or Fedora users you just install it and it works immediately. But then dealing with mail transport in general can be a mess.
-
@waugh said in Hooking Up to Mail:
@julian Do you engage in a more intimate relationship with Haraka?
Niche third party platforms would be far less likely. Postfix is built into nearly all production platforms and configured out of the box for most usages (standard SMTP relay.) His point was that they don't get their hands dirty with any specific email implementation and leave that for the admins, they just send email out on whatever protocol or API is selected and the rest is up to the email admin to configure.