[Support] Poste.io Free version


Recommended Posts

All PHP commands from this container are suddenly giving "Bus Error". This started yesterday.

It's currently sending me an error mail roughly every 30 minutes because of the cronjob trying to execute `/usr/lib/php/sessionclean`.

 

If I open the container console and run "php" or even just "php -v" I also get "Bus Error".

 

EDIT: Having rebooted the entire Unraid server seems to have fixed it. Not sure what was going on, rebuilding the container didn't fix it. No disks are out of space, no other containers had issues. 

Edited by xorinzor
Link to comment
On 1/16/2020 at 4:00 AM, xorinzor said:

All PHP commands from this container are suddenly giving "Bus Error". This started yesterday.

It's currently sending me an error mail roughly every 30 minutes because of the cronjob trying to execute `/usr/lib/php/sessionclean`.

 

If I open the container console and run "php" or even just "php -v" I also get "Bus Error".

 

EDIT: Having rebooted the entire Unraid server seems to have fixed it. Not sure what was going on, rebuilding the container didn't fix it. No disks are out of space, no other containers had issues. 

You should run a memtest.  A bus error is when a program (any program) attempts to access a memory location that isn't divisible by 4.  For an interpreted language such as PHP, a bus error from an executing script is impossible unless it came from the originating interpreter (ie: PHP itself)

  • Like 1
Link to comment
  • 2 months later...

Once in a while I receive the following mail from my poste.io docker.

 

subject: 
Cron <root@mail> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

Message: 
/etc/cron.daily/logrotate:
pkill: cannot allocate 4611686018427387903 bytes

Does anybody have any clue why?

Link to comment
  • 2 months later...

Hi there,
I'm attempting to set up this container for the first time. I am getting a port in use error (Starting the docker container) on `443` I believe because I am running letsencrypt.

Error starting userland proxy: listen tcp 0.0.0.0:443: bind: address already in use.

 

 

Edit: I just set an explicit https port the way I would with other containers and that seems to be working for serving the admin UI at least.


 

Edited by paperblankets
Potential solution found.
Link to comment
  • 4 weeks later...
On 3/30/2020 at 6:48 PM, capino said:

Once in a while I receive the following mail from my poste.io docker.

 


subject: 
Cron <root@mail> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

Message: 
/etc/cron.daily/logrotate:
pkill: cannot allocate 4611686018427387903 bytes

Does anybody have any clue why?

 

Can't tell you why, but I'm having the exact some issue... exact same number and everything. It's working fine, just get that email every day for the past while.

 

root@mail:/etc/cron.daily# logrotate /etc/logrotate.conf 
pkill: cannot allocate 4611686018427387903 bytes

 

Link to comment
8 minutes ago, kharntiitar said:

 

Can't tell you why, but I'm having the exact some issue... exact same number and everything. It's working fine, just get that email every day for the past while.

 


root@mail:/etc/cron.daily# logrotate /etc/logrotate.conf 
pkill: cannot allocate 4611686018427387903 bytes

 

A very short time after this, I rebooted the container, and ran the logrotate again. This time I got a bunch of errors for items in /var/log:

 

" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

I changed permissions on those folders to 755, and chowned to root, and it all started working, no errors. On reboot though, it reclaims the folders and errors come back. I tried rolling the docker back 2 months, and then 2 years, but same issue.

 

Might look at editing the "su" config for it.

Link to comment

@paperblankets I got mine solved, hopefully you can too.

 

I installed a second docker, which worked fine, then had a look at the file structure, the permissions were very different, one by one I chmod'd every single file and directory in /var/log for poste's docker. I now get no errors at all, even after reboot.

 

Running Version 2.2.21 Free.

 

Hope it helps.

Link to comment
  • 3 months later...
On 10/22/2019 at 5:31 AM, aterfax said:

For users who want the letsencrypt in Poste IO working but are already using a letsencrypt docker, all you need to do is share the .well-known folders between your Poste IO and letsencrypt docker i.e. in the Poste IO docker config:

image.png.4862db97996c5f5977f151808390ee98.png

 

Hi,

 

How come your POste.io config is so drastically different from mine?

17E1B4FB-33AC-499C-B4A0-D8CA532E6B90.thumb.jpg.e796e5cfc1c9d291e2f935043837481c.jpg

 

Link to comment

 

I can't create valid certificates using Poste.io's built in function (within web GUI). I don't know how to set up either of the two to work together. Any help? 

 

I'm using Poste.io docker and I also have Letsencrypt docker for cloud and other stuff.  I couldn't find premade certificate file in UNRAID->apps->letsencrypt->nginx-> proxy-confs. 

 

It's really annoying since my iOS devices keep bringing up pop-up "invalid certificate". Even after clicking "cancel" the prompt just keeps coming back.

 

Error message emailed by post.io are:


59ECB74B-7D90-4929-A62A-71328C7EFD28.thumb.jpg.02638b1d7fdb3e06633c17cf32fefef0.jpg

 

I get another message (emailed) that says:

 

DAD01CEC-4E1D-498D-8783-A56672301B44.jpg.13bd06a55281c9738d2db8d6b47d469b.jpg

 

Does anyone have a simple solution on how to make this work?

 

Snapshots (images) of solutions are more helpful than textual explanations.

 

Link to comment
On 11/15/2020 at 6:05 PM, tmor2 said:

 

I can't create valid certificates using Poste.io's built in function (within web GUI). I don't know how to set up either of the two to work together. Any help? 

 

I'm using Poste.io docker and I also have Letsencrypt docker for cloud and other stuff.  I couldn't find premade certificate file in UNRAID->apps->letsencrypt->nginx-> proxy-confs. 

 

It's really annoying since my iOS devices keep bringing up pop-up "invalid certificate". Even after clicking "cancel" the prompt just keeps coming back.

 

Error message emailed by post.io are:


59ECB74B-7D90-4929-A62A-71328C7EFD28.thumb.jpg.02638b1d7fdb3e06633c17cf32fefef0.jpg

 

I get another message (emailed) that says:

 

DAD01CEC-4E1D-498D-8783-A56672301B44.jpg.13bd06a55281c9738d2db8d6b47d469b.jpg

 

Does anyone have a simple solution on how to make this work?

 

Snapshots (images) of solutions are more helpful than textual explanations.

 

EDIT: UPDATED MAY 2021!

I ended up mounting the default certificate files in the docker directly to the certificates from my letsencrypt docker:

To be explicit with my volume mounts for SSL working:

 

/data/ssl/server.crt → /mnt/user/appdata/letsencrypt/etc/letsencrypt/live/mailonlycert.DOMAIN.com/cert.pem
/data/ssl/ca.crt → /mnt/user/appdata/letsencrypt/etc/letsencrypt/live/mailonlycert.DOMAIN.com/chain.pem
/data/ssl/server.key → /mnt/user/appdata/letsencrypt/etc/letsencrypt/live/mailonlycert.DOMAIN.com/privkey.pem


I do not recall the exact details of why the above is optimal but I suspect that Poste is handling making it's own full chain cert which results in some cert mangling if you do give it your fullchain cert rather than each separately (various internal services inside the docker need different formats) - I believe that without the mounts as above the administration portal will be unable to log you in.

 

As I mentioned further up in this thread you can alternatively mount .well-known folders between your Poste IO and letsencrypt docker - this will not work if your domain has HSTS turned on with redirects to HTTPS (or this was the case with the version of letsencypt in the docker a while ago as it was reported here: https://bitbucket.org/analogic/mailserver/issues/749/lets-encrypt-errors-with-caprover )

 

Edited by aterfax
Update
Link to comment
  • 1 month later...
On 6/14/2019 at 6:58 PM, wierdbeard65 said:

Ok, after much digging as well as not a little hair-pulling, I now have it working.

If anyone else stumbles across this post and has the same problem, it seems that when you access the web interface using port 8280, it redirects the browser to use https on port 443, changing the location to be /webmail. I hadn't noticed the switch.... The Let's Encrypt challenge works on http on port 80. So, what I did was to set my reverse proxy to forward all http requests to mail.<mydomain> port 80 to https on my Unraid box and it was able to verify everything....

If you use a reverse proxy, which ports do you have to open up?

Link to comment
  • 3 weeks later...

I have another issue......

 

When I was logging into webui, I received error that local domain 10.10.20.x was blacklisted and I need to wait 2 days to release the block.

 

Are there suggestions on how to overcome that block?

 

thx

 

Edited by tmor2
Link to comment
On 11/16/2020 at 7:14 PM, aterfax said:

I ended up mounting the default certificate files in the docker directly to the certificates from my letsencrypt docker:

image.thumb.png.ae052dc9f7e8208dfe3ff77f9cd1c20c.png

 

But as I mentioned further up in this thread you can also mount .well-known folders between your Poste IO and letsencrypt docker - this will not work if your domain has HSTS turned on with redirects to HTTPS (or this was the case with the version of letsencypt in the docker a while ago as it was reported here: https://bitbucket.org/analogic/mailserver/issues/749/lets-encrypt-errors-with-caprover )

  1. How did you add this:
    1. Is this, Variable, Path, Prot, Label or Device?
  2. What did you do in letsencrypt to issue certificate (I issue one for bitwarden, nextcloudetc)
    1. Did you add in "Sudomains": "mail"? (next to "nextcloud,sonnar,bitwarden...")
    2. Did you have to do anthing else on DNS provider (my MX record is enabeld)?
    3. Did you have to add .config file within letenscrypt? I see no existing template
  3. when I navigate to /etc/letsencrypt/live I don't see the 3 .pem files. Why?
    1. There is only etc/letsencrypt/live/nextcloud.MYDOMAIN.COM folder, but the folder is empty

 

???

 

 

Link to comment
On 1/24/2021 at 1:53 AM, tmor2 said:
  1. How did you add this:
    1. Is this, Variable, Path, Prot, Label or Device?
  2. What did you do in letsencrypt to issue certificate (I issue one for bitwarden, nextcloudetc)
    1. Did you add in "Sudomains": "mail"? (next to "nextcloud,sonnar,bitwarden...")
    2. Did you have to do anthing else on DNS provider (my MX record is enabeld)?
    3. Did you have to add .config file within letenscrypt? I see no existing template
  3. when I navigate to /etc/letsencrypt/live I don't see the 3 .pem files. Why?
    1. There is only etc/letsencrypt/live/nextcloud.MYDOMAIN.COM folder, but the folder is empty

 

???

 

 


1 - Yes these are paths.

 

2 - I added mail.domain.com - naturally you need to have setup your CNAME / MX records and forward ports in your router/network gateway to the Poste.io server. If you wish for the web GUI of poste.io also to be accessible externally you will also need to setup the correct reverse proxy with SWAG. I don't know what you mean by .config

3 - I blanked the folder in the screen shot as I do not want to share my domain name, but yes the subfolder with your domain name / subdomain name is where the PEM files should be if you have setup SWAG correctly to get SSL certificates. If you are lacking certificates you have probably got it setup incorrectly.

Link to comment
9 hours ago, aterfax said:


1 - Yes these are paths.

 

2 - I added mail.domain.com - naturally you need to have setup your CNAME / MX records and forward ports in your router/network gateway to the Poste.io server. If you wish for the web GUI of poste.io also to be accessible externally you will also need to setup the correct reverse proxy with SWAG. I don't know what you mean by .config

3 - I blanked the folder in the screen shot as I do not want to share my domain name, but yes the subfolder with your domain name / subdomain name is where the PEM files should be if you have setup SWAG correctly to get SSL certificates. If you are lacking certificates you have probably got it setup incorrectly.

 

The guide may pertain to Letsencrypt docker (which is not maintained any longer and has been migrated to SWAG docker).

 

Your screen shot has 4 lines, what is the FILE NAME (!) of the first path? Line ends with /liv....?????

I assume it's fullchain.pem???

 

But that needs not be true because there is also priv-fullchain-bundle.pem file.

 

 

Your screen shot (below) shows path to swag...as /mnt/user/appdata/letsencrypt/live/SUBDOMAIN.DOMAIN.COM/*.PEM

 

In swag, this directory is empty  -> if you SSH into it from Docker command line, it will be empty.

 

The keys are stored in following directory: /mnt/usr/appdata/swag/KEYS/letsencrypt/*.PEM

 

 

 

1756D3C4-4774-4C4B-9325-C992A5B1F740.jpg

Edited by tmor2
Link to comment
19 hours ago, tmor2 said:

 

The guide may pertain to Letsencrypt docker (which is not maintained any longer and has been migrated to SWAG docker).

 

Your screen shot has 4 lines, what is the FILE NAME (!) of the first path? Line ends with /liv....?????

I assume it's fullchain.pem???

 

But that needs not be true because there is also priv-fullchain-bundle.pem file.

 

 

Your screen shot (below) shows path to swag...as /mnt/user/appdata/letsencrypt/live/SUBDOMAIN.DOMAIN.COM/*.PEM

 

In swag, this directory is empty  -> if you SSH into it from Docker command line, it will be empty.

 

The keys are stored in following directory: /mnt/usr/appdata/swag/KEYS/letsencrypt/*.PEM

 

 

 

1756D3C4-4774-4C4B-9325-C992A5B1F740.jpg


You are familiar with the concept of the past I assume?

Edit: Here are the docs you need, your certificate files are not in the keys folder: https://certbot.eff.org/docs/using.html#where-are-my-certificates

Edited by aterfax
Link to comment
9 hours ago, aterfax said:


You are familiar with the concept of the past I assume?

Edit: Here are the docs you need, your certificate files are not in the keys folder: https://certbot.eff.org/docs/using.html#where-are-my-certificates

 

Thanks,

 

I understand what you are saying, and I read this page, however it does not reference SWAG docker, which is what I am using.

I cannot reference such a user guide because I am interested in what works in practice, and not on paper (webpage).

 

What happens in practice is following:

  1. Upon generation of certificates (when swag docker is restarted), the content in the following folder /mnt/usr/appdata/swag/KEYS/letsencrypt/  disappears (is deleted by swag docker) and then new files appear, namely all certificates newly issued. The certificates in that folder have timestamp that is few seconds older than when swag docker was restarted.
    1. In other words this statement from your refernce is simply NOT true:
      1. /etc/letsencrypt/archive and /etc/letsencrypt/keys contain all previous keys and certificates, while /etc/letsencrypt/live symlinks to the latest versions.
        1. /etc/letsencrypt/keys does not contain all previous keys, because I verified this ( looked at exitigng keys frst, then restarted swag server, and the new keys in this folder were definitvly different (along with file time stamp being newer). There were no traces at all from "old" certificates.. This may be how swag docker is implemented.
  2.  Folder /mnt/user/appdata/letsencrypt/live/ has certificates only for cloud.mydomain.com....but for not other subdomains or other domains.
  3. When I point Poste.io to folder  /mnt/usr/appdata/swag/KEYS/letsencrypt/, Poste.io correctly restarts, there are no more warnings on iOS/Mac devices such as "the identity of the server yyz.com cannot be verifiied....". The aforementioned error was occurring for all 3 mail domains, for over 1 year on all of my devices.

 

So if your solutions works for you great (using  Letsencrypt docker), but my solution works for me (using swag docker), as evidenced by resolution of the problem that prompted me to post to begin with,  and might work for others using swag docker and poste.io.

 

 

95E4CF72-B5ED-4626-9106-E4E89D147B29.jpg

Edited by tmor2
Link to comment
11 hours ago, tmor2 said:

In other words this statement from your refernce is simply NOT true


The SWAG docker uses certbot........  https://github.com/linuxserver/docker-swag/blob/master/Dockerfile

/mnt/usr/appdata/swag/KEYS/letsencrypt/ is a symlink - due to the way docker mounts things you are better avoiding trying to mount anything symlinked as the appropriate file pathing must exist in the container. If you mount the symlink it will point at things that do not exist within a given container which is why the method 1 below required you to mount the entire config folder - a bad practice.

Mounting a symlink of a cert directly will work, but mounting directly from /mnt/usr/appdata/swag/KEYS/letsencrypt/ will almost certainly break the minute you attempt to get multiple certs for more than one domain.

You appear to be talking about generating a single certificate with multiple subdomains.... this is going to generate only one certificate and one folder it sits in.

Feel free to make an issue on their Github if you are so convinced that you know their container better than they do:

https://github.com/linuxserver/docker-swag/issues

 

You can argue the toss about how you should correctly mount things - but you really should be doing method 2.
https://hub.docker.com/r/linuxserver/swag

 

 

Quote

Using certs in other containers
 

This container includes auto-generated pfx and private-fullchain-bundle pem certs that are needed by other apps like Emby and Znc.

To use these certs in other containers, do either of the following:
 

1 (Easier) Mount the container's config folder in other containers (ie. -v /path-to-le-config:/le-ssl) and in the other containers, use the cert location /le-ssl/keys/letsencrypt/

2:  (More secure) Mount the SWAG folder etc that resides under /config in other containers (ie. -v /path-to-le-config/etc:/le-ssl) and in the other containers, use the cert location /le-ssl/letsencrypt/live/<your.domain.url>/ (This is more secure because the first method shares the entire SWAG config folder with other containers, including the www files, whereas the second method only shares the ssl certs)
 

These certs include:

1: cert.pem, chain.pem, fullchain.pem and privkey.pem, which are generated by Certbot and used by nginx and various other apps

2: privkey.pfx, a format supported by Microsoft and commonly used by dotnet apps such as Emby Server (no password)

3: priv-fullchain-bundle.pem, a pem cert that bundles the private key and the fullchain, used by apps like ZNC

 


I am not using the letsencrypt docker, I am using swag which is a meaningless distinction since they are the same project with a different name due to copyright issues. You do not really appear to be reading anything linked properly nor understanding anything fully. 

I'm not continuing with this dialogue.

Edited by aterfax
Link to comment
  • 3 weeks later...

Hi,

 

I'm in need of some help with poste.io container.

I can receive emails from e.g @gmail.com but I can't send any emails. They are stuck in the queue.

 

I've tried to read the logs but couldn't find anything and my DNS records (MX, DKIM, SFP) looks Ok. Also I've googled for around 8h now and I can't find anything.

 

Anyone have any idé?

 

Thanks!

Link to comment
  • 4 weeks later...
On 3/7/2018 at 11:22 PM, gxs said:

I can't enter the web interface screen. Port 8280 (webui port) only forwards me to  https://myserver/admin/install/server. The problem is that this then shows my unraid interface.

Adding the port like https://myserver:8280/admin/install/server or even changing it to http doesn't do anything.

 

Is there anything I'm missing?

 

Did you find a solution for this? I am having the same problem.

Link to comment

Noticed I can view messages but I can not longer delete messages. Here's the log files (logs on a recreation so time stamps are a bit off) and a screenshot.

 

==> mail.log <==

Mar 19 11:10:22 ce466793ae2b dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=192.168.55.11, lip=127.0.0.1, mpid=14851, TLS, session=<LugE9OW9toLAqDcL>

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14851><LugE9OW9toLAqDcL>: Error: Mailbox INBOX: link(/data/domains/mymailserver.info/xaositek/Maildir/cur/1615003435.M382342P32606.3b20f19fac1b,S=6950,W=7251:2,S, /data/domains/mymailserver.info/xaositek/Maildir/.Trash/tmp/1616170222.M693717P14851.ce466793ae2b) failed: Function not implemented

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14851><LugE9OW9toLAqDcL>: Logged out in=155 out=1173 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

Mar 19 11:10:22 ce466793ae2b dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=192.168.55.11, lip=127.0.0.1, mpid=14856, TLS, session=<It0F9OW9uILAqDcL>

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14856><It0F9OW9uILAqDcL>: Logged out in=318 out=4258 deleted=0 expunged=0 trashed=0 hdr_count=6 hdr_bytes=1802 body_count=0 body_bytes=0

 

==> mail.warn <==

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14851><LugE9OW9toLAqDcL>: Error: Mailbox INBOX: link(/data/domains/mymailserver.info/xaositek/Maildir/cur/1615003435.M382342P32606.3b20f19fac1b,S=6950,W=7251:2,S, /data/domains/mymailserver.info/xaositek/Maildir/.Trash/tmp/1616170222.M693717P14851.ce466793ae2b) failed: Function not implemented

 

==> syslog <==

Mar 19 11:10:22 ce466793ae2b dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=192.168.55.11, lip=127.0.0.1, mpid=14851, TLS, session=<LugE9OW9toLAqDcL>

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14851><LugE9OW9toLAqDcL>: Error: Mailbox INBOX: link(/data/domains/mymailserver.info/xaositek/Maildir/cur/1615003435.M382342P32606.3b20f19fac1b,S=6950,W=7251:2,S, /data/domains/mymailserver.info/xaositek/Maildir/.Trash/tmp/1616170222.M693717P14851.ce466793ae2b) failed: Function not implemented

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14851><LugE9OW9toLAqDcL>: Logged out in=155 out=1173 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

Mar 19 11:10:22 ce466793ae2b dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=192.168.55.11, lip=127.0.0.1, mpid=14856, TLS, session=<It0F9OW9uILAqDcL>

Mar 19 11:10:22 ce466793ae2b dovecot: imap([email protected])<14856><It0F9OW9uILAqDcL>: Logged out in=318 out=4258 deleted=0 expunged=0 trashed=0 hdr_count=6 hdr_bytes=1802 body_count=0 body_bytes=0

error_screen.png

Link to comment
  • 2 weeks later...

Hello,

 

I have been able to get to the admin login page. What I failing to comprehend is the login credentials that I must use and how to set about creating those.

I think it may all be in vein because the PTR for my static ip shows my ISP. I have added a PTR on my cloudflared but I dont see that working out. Might have to call my ISP and beg but first, how in the binaries do I get access to my own site. I feel so noob.

Please help.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.