1. SH Avatar SH
  2. Untitled project
  3. MailServer
  4. Issues

Relay open

Issue #469 closed
Riccardo Pomato created an issue

I cannot close the open relay on free container version. I am under spam attach and cannot stop it. I think it's a bug because the relay is closed and no one is permitted to send email by my server.

Comments (13)

  2. Riccardo Pomato reporter

    I am using Azure Kubernetes Service (AKS). This is the yaml file I used to deploy it.

    apiVersion: v1 kind: Service metadata: labels: app: mailserver name: mailserver spec: type: LoadBalancer ports: - name: pop3 port: 110 protocol: TCP - name: http port: 80 protocol: TCP - name: https port: 443 protocol: TCP - name: imap-ssl port: 993 protocol: TCP - name: smtp port: 25 protocol: TCP - name: smtp-client port: 587 protocol: TCP selector: app: mailserver

    apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: mailserver spec: serviceName: "mailserver" replicas: 1 template: metadata: labels: app: mailserver spec: containers: - name: mailserver image: analogic/poste.io resources: requests: cpu: "1" memory: "1000Mi" volumeMounts: - name: mail-data mountPath: /data livenessProbe: tcpSocket: port: 80 initialDelaySeconds: 900 timeoutSeconds: 1 periodSeconds: 300 failureThreshold: 10 volumeClaimTemplates: - metadata: name: mail-data annotations: volume.beta.kubernetes.io/storage-class: default spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 40Gi

  3. SH repo owner

    I am not familiar with azure kubernates but these situations happend almost always when there is source IP manipulation. If incoming connection masks yourself as localhost connection or connection from IP which is relayed by settings than poste can't work properly.

    Far best for docker is network mode = host where there is no interception of user-land proxy or iptables nating. You should look into kubernates manual, it seems that it is not unknown "issue" https://github.com/Azure/ACS/issues/8

  5. Leandro Freire

    Okay, this seems to be my problem too, so what exactly happens to me, maybe some Haraka exploit is allowing this? I do not know ... I use docker swarm + portainer with traefik in front for port 80 and bind to other doors, works fine except for those emails sent to, I do not know who or where #488

  6. Riccardo Pomato reporter

    Yes exactly, I have the same problem and I think the issue is related to open relay. It looks it's closed but when you check with some online tool it shows it's open. I am looking for haraka to change something but cannot find anything. And another thing I would like to fix is the answer of haraka smt server. I would like to change the answer, I don't want show the name and the private IP outside my organization.

  7. SH repo owner

    Can you please paste some file from data/log/delivery/conn/../../... or send it to me to info@analogic.cz?

  9. Riccardo Pomato reporter

    @mrleandrofs we are running in the same issue. I suspect is not a misconfiguration but it's about an image issue...may be a bug. I like this project but if they don't fix the issue asap I will give up, I have been banned already from several mail provider :-( I am thinking to build my own docker image using ubuntu and postfix.

  14. Log in to comment
Assignee
Type
bug
Priority
major
Status
closed
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!