gitops icon indicating copy to clipboard operation
gitops copied to clipboard

Published 20 hours ago verified publisher icon hashbang

Add mail

Open daurnimator opened this issue 4 years ago • 2 comments

Hard codes groups for now; they need to be migrated to a userdb data source.

Had to hardcode the userdb IP.... dns lookups are failing with:

Jun  5 05:39:46 mail-67d99dc66b-qfvrv postfix/smtpd[297]: warning: connect to pgsql server postgresql://mail:userdb-mail-lookup@userdb-attempt-too-do-user-989073-0.db.ondigitalocean.com:25060/userdb?sslmode=require: could not translate host name "userdb-attempt-too-do-user-989073-0.db.ondigitalocean.com" to address: System error?
Jun  5 05:39:46 mail-67d99dc66b-qfvrv postfix/smtpd[297]: warning: pgsql:/etc/postfix/userdb-aliases.cf lookup error for "[email protected]"
Jun  5 05:39:46 mail-67d99dc66b-qfvrv postfix/smtpd[297]: NOQUEUE: reject: RCPT from unknown[123.123.123.123]: 451 4.3.0 <[email protected]>: Temporary lookup failure; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<hashbang.sh>

Tested and seems to work... aside from antispam...

Jun  5 05:58:07 mail-966b75b74-m5527 postfix/smtp[158]: 8AF4A34: host aspmx.l.google.com[173.194.69.26] said: 421-4.7.0 [161.35.77.52      15] Our system has detected that this message is 421-4.7.0 suspicious due to the very low reputation of the sending IP address. 421-4.7.0 To protect our users from spam, mail sent from your IP address has 421-4.7.0 been temporarily rate limited.
Please visit 421 4.7.0  https://support.google.com/mail/answer/188131 for more information. w16si2893908ejn.715 - gsmtp (in reply to end of DATA command)

 

daurnimator avatar Jun 05 '20 04:06 daurnimator

Tested and seems to work... aside from antispam...

This will happen for the next year ish, because most popular mail hosts have a ranking system based on the age of the IP to prevent people from just picking up a new host and using mail on it.

I don't know why it happens for DigitalOcean IPs, as if I recall correctly, mail is blocked by default, so we had to open up an issue a very long time ago to get it activated for our account. I guess Google doesn't care.

RyanSquared avatar Jun 06 '20 02:06 RyanSquared

aside from antispam...

our SPF records say only accept mail from our MX; need to update it to allow from any k8s node running mail....

daurnimator avatar Jun 08 '20 05:06 daurnimator