Page MenuHomeDevCentral
Create Task
Maniphest T1805

Sentry can't send mail anymore
Closed, ResolvedPublic
Actions

Description

Sentry got a 421 error from SMTP.

Reference: https://sentry.nasqueron.org/organizations/sentry/issues/2/

An EXIM mail container is still running, and we don't updated it.
OVH isn't known to block port 25, but connectivity should be checked too.

Last mails I've received:

  • Account-related mail: 2020-02-15 ("Security settings changed")
  • Weekly report: 2019-12-30 ("Weekly Report for Nasqueron: December 23rd, 2019 - December 30th, 2019")

First mail I've received:

  • Issue: 2018-11-11 ("[Sentry] INTERNAL-2 - 2 new alerts since Nov. 11, 2018, 3:02 p.m. UTC")

Revisions and Commits

rOPS Nasqueron Operations
D2918rOPSa0c2a84a3e9e Update EXIM containers uid/gid

Related Objects
Search...

StatusSubtypeAssignedTask
 ResolvedderecksonT1791 Refresh Sentry installation
 ResolvedderecksonT1805 Sentry can't send mail anymore

Event Timeline

dereckson triaged this task as Normal priority.Mar 25 2023, 13:55
dereckson created this task.
docker-002
$ docker logs sentry_smtp
   10 LOG: MAIN
   10   exim 4.92 daemon started: pid=10, no queue runs, listening for SMTP on port 25 (IPv6 and IPv4)
   11 LOG: host_lookup_failed MAIN
   11   no host name found for IP address 172.18.3.19
   11 LOG: MAIN PANIC DIE
   11   Failed to create directory "/var/spool/exim4/input": Permission denied
   11
   11 2023-03-14 23:14:08 1pcDqK-00000B-Rm Failed to create directory "/var/spool/exim4/input": Permission denied
   11
   11 2023-03-14 23:14:08 1pcDqK-00000B-Rm Failed to create directory "/var/spool/exim4/input": Permission denied
   11
   11 exim: could not open panic log - aborting: see message(s) above
   12 LOG: host_lookup_failed MAIN
   12   no host name found for IP address 172.18.3.19
   12 LOG: MAIN PANIC DIE
   12   Failed to create directory "/var/spool/exim4/input": Permission denied
   12
   12 2023-03-14 23:15:31 1pcDrf-00000C-5i Failed to create directory "/var/spool/exim4/input": Permission denied
   12
   12 2023-03-14 23:15:31 1pcDrf-00000C-5i Failed to create directory "/var/spool/exim4/input": Permission denied
   12
   12 exim: could not open panic log - aborting: see message(s) above
   13 LOG: host_lookup_failed MAIN
   13   no host name found for IP address 172.18.3.21
   13 LOG: MAIN PANIC DIE
   13   Failed to create directory "/var/spool/exim4/input": Permission denied
   13
   13 2023-03-20 12:00:02 1peEBG-00000D-9c Failed to create directory "/var/spool/exim4/input": Permission denied
   13
   13 2023-03-20 12:00:02 1peEBG-00000D-9c Failed to create directory "/var/spool/exim4/input": Permission denied
   13
   13 exim: could not open panic log - aborting: see message(s) above
dereckson added a comment.Mar 25 2023, 13:58

/var/spool/exim4 = /srv/exim/sentry_smtp/spool

The "could not open panic log" could also mean error also occurs for /srv/exim/sentry_smtp/log

Exim process now runs under uid 101. The /etc/passwd entry states a gid 101 too: Debian-exim:x:101:101::/var/spool/exim4:/usr/sbin/nologin

dereckson added a revision: D2918: Update EXIM containers uid/gid.Mar 25 2023, 14:07
dereckson added a comment.Mar 25 2023, 14:21

Test mail received with D2918:

/srv/exim/sentry_smtp/log/mainlog
2023-03-25 14:14:00 no host name found for IP address 172.18.3.19
2023-03-25 14:14:00 1pg4ee-00000K-W5 <= noreply@sentry.nasqueron.org H=(61902f82ab54) [172.18.3.19] P=esmtp S=590 id=167975364093.21.4439838707014107350@61902f82ab54
2023-03-25 14:14:01 1pg4ee-00000K-W5 H=aspmx.l.google.com [2a00:1450:400b:c03::1b] Cannot assign requested address
2023-03-25 14:14:02 1pg4ee-00000K-W5 => dereckson@espace-win.org R=dnslookup T=remote_smtp H=aspmx.l.google.com [74.125.193.27] X=TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no DN="CN=mx.google.com" K C="250 2.0.0 OK c14-20020a5d4cce000000b002db47b14636si6470613wrt.456 - gsmtp"
2023-03-25 14:14:02 1pg4ee-00000K-W5 Completed

To fix "no host name found for IP address 172.18.3.19", we could add sentry.nasqueron.org or mx.sentry.nasqueron.org as container hostname, as we support that setup in container definition:

roles/paas-docker/containers/exim.sls
{% if 'host' in container %}
    - hostname: {{ container['mailname'] }}
{% endif %}
dereckson added a commit: rOPSa0c2a84a3e9e: Update EXIM containers uid/gid.Mar 25 2023, 14:22
dereckson closed this task as Resolved.Mar 25 2023, 14:23
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator