opensource icon indicating copy to clipboard operation
opensource copied to clipboard

Published 20 hours ago verified publisher icon sendgrid

Inbound parse webhook url does not work

Open devpro9219 opened this issue 4 years ago • 3 comments

I've made the webhook URL to parse incoming email on localhost(Laravel project), and it works (it leaves some logs in the local file) after I register this URL(used the ngrok) in SendGrid inbound parse when sending email to registered domain email address. But after upload this project into the host(Siteground), and replace the inbound webhook URL with this host URL in SendGrid, it doesn't work (it doesn't write any logs in the local file). I've tested this live URL using curl post and postman, and this URL works well. I don't know why the SendGrid couldn't call this live URL when receiving the incoming email. Thank you.

devpro9219 avatar Dec 22 '20 19:12 devpro9219

same for me. I have set up the inbound parse correctly (have an authorized domain, etc.). The hook works and delivers email messages to a URL generated via https://pipedream.com/ but when I use an endpoint of my app the hook doesn't deliver messages even to the load balancer. My endpoint works and is able to accept POST "form-data" requests. I tested it via Postman.

@devpro9219 @snowman0707 Could you find out what was an issue in your cases? Thank you in advance.

oleksandrtaran avatar Feb 02 '22 21:02 oleksandrtaran

@oleksandrtaran @snowman0707 @devpro9219 , I spent two weeks on what seems like this same issue and found one possible answer (that worked for me):

Problem:

  • Localhost: my endpoint route was working correctly. I was able to receive and parse both SendGrid (through a local tunnel -- both cloudflare and localtunnel) and Postman POSTs.
  • Production: my endpoint route was working fine when tested with Postman and when tested with SendGrid POSTs when sent to a cloudflare tunnel that pointed at my live site. However the SendGrid POSTs that were sent directly to my site seemed to fall into a black hole. They never made it. I did not have any agent blocks or any IPs blacklisted, so I wasn't sure what was going on.

Solution:

  • After a lot of back and forth with the support team, I learned that SendGrid Inbound Parse seems to only support TLS 1.2... My site was using TLS 1.3. Local tunnels generated full backwards compatability SSL certs which is why the POSTs would work there, but not directly to my site.
  • To identify if this is an issue for you, you can test your site at: https://www.ssllabs.com/ssltest/analyze.html ... once it is done, there will be a section that shows you what your site supports: image
  • If you don't have green for TLS 1.2, then you need to update your server to support this.

I used NGINX and CertBot. To update them:

  • SSL into your server and use sudo NGINX -T to see what your current configuration is, and where it is.
  • Open up that config with sudo /etc/nginx/snippets/ssl-params.conf (or whatever your actual path and preferred editors are.. and make sure to use the path from the -T call b/c you might end up updating the wrong config).
  • Look for the line that says ssl_protocols.... you need to update it to read ssl_protocols TLSv1.3 TLSv1.2;
  • You may also need to add specific ciphers and a path to a dhparam if you don't already have one generated and linked. This is what the relevant portion of my final file looks like:
ssl_protocols TLSv1.3 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
  • Exit out, make sure your new config works with sudo service nginx configtest and then restart NGINX with sudo service nginx restart
  • Test your site again on SSLLabs and make sure it supports TLS 1.2

I then sent another inbound parse to SenGrid and was able to confirm that it hit my site, was logged, and was processed.

sharedphysics avatar Nov 18 '22 18:11 sharedphysics