2023-06-24T11:48:35.798293Z  WARN lemmy_server::root_span_builder: email_send_failed: Connection error: failed to lookup address information: Try again
   0: lemmy_api::local_user::reset_password::perform
             at crates/api/src/local_user/reset_password.rs:15
   1: lemmy_server::root_span_builder::HTTP request
           with http.method=POST http.scheme="http" http.host=iusearchlinux.fyi http.target=/api/v3/user/password_reset otel.kind="server" request_id=ba8117b9-9c0f-49e5-af0e-01e92a4917cf
             at src/root_span_builder.rs:16
LemmyError { message: Some("email_send_failed"), inner: Connection error: failed to lookup address information: Try again

Caused by:
    failed to lookup address information: Try again, context: SpanTrace [{ target: "lemmy_api::local_user::reset_password", name: "perform", file: "crates/api/src/local_user/reset_password.rs", line: 15 }, { target: "lemmy_server::root_span_builder", name: "HTTP request", fields: "http.method=POST http.scheme=\"http\" http.host=iusearchlinux.fyi http.target=/api/v3/user/password_reset otel.kind=\"server\" request_id=ba8117b9-9c0f-49e5-af0e-01e92a4917cf", file: "src/root_span_builder.rs", line: 16 }] }
2023-06-24T11:48:46.118615Z  WARN lemmy_server::root_span_builder: data did not match any variant of untagged enum AnnouncableActivities
   0: lemmy_apub::activities::community::announce::receive
             at crates/apub/src/activities/community/announce.rs:46
   1: lemmy_server::root_span_builder::HTTP request
           with http.method=POST http.scheme="http" http.host=iusearchlinux.fyi http.target=/inbox otel.kind="server" request_id=0d639361-7707-4f9b-b61f-fc133d3946e7
             at src/root_span_builder.rs:16

I am using the lemmy-ansible setup on ubuntu 22.10

    • Sören@iusearchlinux.fyiOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      This almost fixed it. So no more error in Lemmy. Now I get this error in postfix: 2023-06-25T07:44:48.221806+00:00 f42cba971055 postfix/bounce[150]: B5C5E99B88: sender non-delivery notification: 34AF199B8A 2023-06-25T07:44:48.221897+00:00 f42cba971055 postfix/qmgr[134]: 34AF199B8A: from=<>, size=4451, nrcpt=1 (queue active) 2023-06-25T07:44:48.222390+00:00 f42cba971055 postfix/qmgr[134]: B5C5E99B88: removed 2023-06-25T07:44:48.226425+00:00 f42cba971055 postfix/smtp[149]: connect to iusearchlinux.fyi[2a03:b0c0:3:d0::1b5f:9001]:25: Cannot assign requested address 2023-06-25T07:44:48.226554+00:00 f42cba971055 postfix/smtp[149]: connect to iusearchlinux.fyi[46.101.183.128]:25: Connection refused 2023-06-25T07:44:48.240297+00:00 f42cba971055 postfix/smtp[149]: 34AF199B8A: to=<noreply@iusearchlinux.fyi>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=4.4.1, status=deferred (connect to iusearchlinux.fyi[46.101.183.128]:25: Connection refused) 2023-06-25T07:45:47.742485+00:00 f42cba971055 postfix/smtpd[146]: disconnect from iusearchlinuxfyi-lemmy-1.iusearchlinuxfyi_lemmyexternalproxy[172.22.0.3] ehlo=1 quit=1 commands=2 2023-06-25T07:45:47.742847+00:00 f42cba971055 postfix/smtpd[144]: disconnect from iusearchlinuxfyi-lemmy-1.iusearchlinuxfyi_lemmyexternalproxy[172.22.0.3] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5

      • Freeman@lemmy.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Well that would make sense. That domain has no MX record. Nor SPF, DMARC or even PTR records set.

        That looks like a misconfig somewhere.

        the flow should be

        Lemmy APP see’s request to email something@gmail.com. --> Postfix looks up something@gmail.com --> gets MX record --> connects to gmail.com --> Does HELO/EHLO ahndshake --> Sends email.

        Your server is stuck here

        Lemmy APP see’s request to email something@iusearchlinux.fyi. --> Postfix looks up something@iusearchlinux.fyi --> Error no mx record for this domain…close

        You are either testing with a misconfigured domain/email address, or you have configured postfix to try and relay through iusearchlinux.fyi domain, which is misconfigured on the email side.

        At the very least you should have an SPF record, a DMARC record and a PTR/A record for the domain. All I see is an A record there.

        I would double/triple check your config.hjson and docker-compose.yml and make sure you didnt try and setup relay ala: https://github.com/wader/postfix-relay#relay-client-authentication

          • Freeman@lemmy.pub
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            So if your instance is https://iusearchlinux.fyi then here is what I would do. For most of this it can be done in the DNS section of the place you registered the domain with.

            NOTE: It looks like you are using Google Domains. Those are going away. So you may need to move to a differe registrar: https://9to5google.com/2023/06/15/google-domains-squarespace/

            1. SPF record. This is a txt record (text) record saying “these servers can relay from this location” For you the content should be

            v=spf1 ip4:45.33.23.198 ~all

            1. DMARC record. is another text record that says “Do this if SPF or DKIM dont match.” If you put it in strict mode, you need BOTH SPF and DKIM. DKIM is a bit of a pain (though is much better). But if you start with SPF and the default relaxed mode you are probably fine. The record here would be for the _dmarc subdomain as well ie: _dmarc.iusearchlinux.fyi. In the below case I am saying “reject emails that are trying to spoof my domain” you can set it to quarantine but there is little need here.

            _dmarc.iusearchlinux.fyi 900 IN TXT "v=DMARC1;p=reject"

            1. PTR record. You are using digital ocean. These are good to setup because many email servers will look up your IP and make sure it matches the domain. It shows you own it. Dont know how to do it in digital ocean but on linode its in the networking section of the UI. Because linode/DO owns the IP they need to make the change for you as opposed to all the previous steps being done in your domain registrars portal (ie: goodle domains)

            This will get you most of the way to ensure Digital Ocean doesnt get pissed and suspend you for spamming or the like. They may also restrict port 25 outbound due to abuse. For linode you ahve to log a ticket if your account is too young. Your other alternative would be to use a relay host, like sendgrid. Its possible to relay through other services like gmail, but it would probably get your account flagged for something like this. So I would stick to sendgrid or some other relay provider if DO support wont allow you to relay off your droplet.

            The default postfix setup is a direct relay, which DigitalOcean may block. So you can setup relay with these instructions: https://github.com/wader/postfix-relay#relay-client-authentication This is the docker container bundled in the lemmy-ansible app.

            • Sören@iusearchlinux.fyiOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I added the missing records. Lets hope its working soon. I will have to wait to move the domain since it’s less than 60 days since i bought it.

              • Freeman@lemmy.pub
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                Best of luck. If you have any questions feel free to holler.

                I’m not a lemmy (or docker) pro, but I have done a few postfix and email setups including a lot of email admin, dmarc/dkim/spf etc.

                It does look like digital ocean may be blocking the normal mail ports outbound. So you’ll want to make sure you can work around that or get them to open it.

                • Sören@iusearchlinux.fyiOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  I wrote them about opening the port but maybe it will already be open since my acount is older. Thank you again!

  • Freeman@lemmy.pub
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I am having this issue as well today. Email was working fine in 0.17.4

    Noted some of the stuff I did here:

    https://github.com/LemmyNet/lemmy-ansible/issues/105

    Its worth noting that its not hitting postfix container at all. I setup logging to a file on the postfix container to test. The error, for me, is occuring within the lemmy container, before its ever passed to postfix.

    This is happening with account sign ups, comment notifications, and forgot password emails.

    • Sören@iusearchlinux.fyiOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I am using the default from the ansible config

      {
        # for more info about the config, check out the documentation
        # https://join-lemmy.org/docs/en/administration/configuration.html
      
        database: {
          host: postgres
          password: "{{ postgres_password }}"
        }
        hostname: "{{ domain }}"
        pictrs: {
          url: "http://pictrs:8080/"
          api_key: "{{ postgres_password }}"
        }
        email: {
          smtp_server: "postfix:25"
          smtp_from_address: "noreply@{{ domain }}"
          tls_type: "none"
        }
      }
      
      • Freeman@lemmy.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        This should be fine. see my other comment in the thread though, i think its occuring before it ever gets to postfix.