Cannot run Chatmail relay

Chatmail relay version: 1.6.0

Expected behavior

Running chatmail relay.

Actual behavior

An error:

debian@29756:~/relay$ scripts/cmdeploy run
[ssh] login to deltachat.kz
root@deltachat.kz's password:
Collecting initial DNS settings..............
[$ pyinfra --ssh-user root deltachat.kz /home/debian/relay/cmdeploy/src/cmdeploy/deploy.py -y]
--> Loading config...
--> Loading inventory...
--> Connecting to hosts...
[deltachat.kz] SSH error (No authentication methods available)
--> Disconnecting from hosts...
--> pyinfra error: No hosts remaining!
Deploy failed
debian@29756:~/relay$

SSH root works correctly, I can login via $ ssh root@deltachat.kz.

What do I do wrong and how to fix the issue?

Well, I needed to do these to deploy the relay:

$ ssh-keygen -t ed25519 -C "deploy"
$ ssh-copy-id root@deltachat.kz
$ hostnamectl set-hostname deltachat.kz

Then add to /etc/hosts 127.0.1.1 deltachat.kz

nano /etc/postfix/main.cf

Replace myhostname = 29756 to myhostname = deltachat.kz.

dpkg --configure postfix

Then I needed to delete added OpenSUSE-mirror from /etc/apt/source.list and install dovecat-core, because for some reason the package from OpenSUSE-mirror was incorrect.
And now my relay works, but I cannot text anyone.
I launched ~/relay$ scripts/cmdeploy dns

Output:

debian@29756:~/relay$ scripts/cmdeploy dns
[ssh] login to deltachat.kz
Collecting initial DNS settings..............
Check expected zone file entries..............................................
Please set required DNS entries at your DNS provider:
deltachat.kz.                   MX 10 deltachat.kz.
_mta-sts.deltachat.kz.          TXT "v=STSv1; id=202506100614\"
opendkim._domainkey.deltachat.kz. TXT "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp/EkIBqaMfE/E5qNKPtSSsE0TtFi1+HI0HbJukku7/nSGaF5JleBTC9c0KAWCr+pzWsrX44RBDzoB2STf9FuncI9TV8TrVS/mpE/A4LO+rDIV8MCIoeT0LCHnZhgjTgBfpE7a9zbTYKl+/WjXWxEnDP7rcX7rTzpijSnePXbTXEFON8yg1/gcA7ViYt62zGiHA" "02cpYn3iUn5sgxwFdsnjVD76vse11ut2b6ufvYyd8HF7ZZgFQlrCTiSloYOKMbPRcLz24mqcBY1UbgnTihczIQC0KawO0XgzV8pwWIQh45n6tMx2Jwfyy0JRFT1c+U0a26hRCC4YCtj9IlTZbEwIDAQAB;s=email;t=s"
If the DKIM entry above does not work with your DNS provider, you can try this one:
opendkim._domainkey.deltachat.kz. TXT "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp/EkIBqaMfE/E5qNKPtSSsE0TtFi1+HI0HbJukku7/nSGaF5JleBTC9c0KAWCr+pzWsrX44RBDzoB2STf9FuncI9TV8TrVS/mpE/A4LO+rDIV8MCIoeT0LCHnZhgjTgBfpE7a9zbTYKl+/WjXWxEnDP7rcX7rTzpijSnePXbTXEFON8yg1/gcA7ViYt62zGiHA02cpYn3iUn5sgxwFdsnjVD76vse11ut2b6ufvYyd8HF7ZZgFQlrCTiSloYOKMbPRcLz24mqcBY1UbgnTihczIQC0KawO0XgzV8pwWIQh45n6tMx2Jwfyy0JRFT1c+U0a26hRCC4YCtj9IlTZbEwIDAQAB;s=email;t=s"
WARNING: these recommended DNS entries are not set:
deltachat.kz.                   TXT "v=spf1 a ~all"
_dmarc.deltachat.kz.            TXT "v=DMARC1;p=reject;adkim=s;aspf=s"
deltachat.kz.                   CAA 0 issue "letsencrypt.org;accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/2455227502"
_adsp._domainkey.deltachat.kz.  TXT "dkim=discardable"
_submission._tcp.deltachat.kz.  SRV 0 1 587 deltachat.kz.
_submissions._tcp.deltachat.kz. SRV 0 1 465 deltachat.kz.
_imap._tcp.deltachat.kz.        SRV 0 1 143 deltachat.kz.
_imaps._tcp.deltachat.kz.       SRV 0 1 993 deltachat.kz.
debian@29756:~/relay$

It’s really great to see people setting up Chat Mail Relays in their own countries — it’s heartwarming.
Now there’s https://deltachat.kz in Kazakhstan, and in Russia — my own https://deltachat.ru

Interestingly, the Polish server @mailchat.pl somehow allows users to create accounts with a custom name when setting up a profile — just like a classic email address with @mailchat.pl added at the end.
I’m really curious how they managed to do that. I’d love to set up something like this too!

Well, it works, but I cannot send a message or get a one with nine.testrun.org, but I can communicate with my disroot deltachat account. It’s strange.

To be honest, the chat mail relay Federation works every other time, but somewhere it doesn’t work at all. No one can answer me, as if they are hiding something. The federation only works for the domain testrun.org otherwise, everything is closed. I was wrong to say recently that everything was working, but not everything is working. Well, if that’s what the creators of the repeater want, let them. It’s strange that the guys who raise their servers don’t understand why the federation is working or not. I tried to contact the provided mehl cloud contacts, but Secure Join does not work even inside the server. Wrote @r10s, also silence. In general, the guys react strangely.

Strange! What happens when federation doesn’t work? Are the messages silently not delivered or does DC report a delivery error?

Does the script for testing chatmail deployments which @WofWca suggested report no errors?

As I have tested with deltachat.kz, when you try to add a someone by the QR or the i.delta.chat link, you’ll get the “Establishing guaranteed end-to-end encryption, please wait…” message, and then, after ~5 seconds, “The contact must be online to proceed. This process will continue automatically in background”.

1 Like

First comes the key exchange “Establishing guaranteed end-to-end encryption, please wait…” as @WofWca said, after 5 seconds, “The contact must be online to continue. This process will automatically continue in the background.” Naturally, nothing happens on the other side, no incoming requests. It is possible to send an email, but without successfully transferring the key, sending will be without encryption, and such sending is prohibited in chat mail relay. I have performed a cmdeploy test, here is a screenshot.

1 Like

There would be at least some documentation. But alas, we only have this page. relay/README.md at main · chatmail/relay · GitHub

In general, dear colleagues, I have come to the point. Having received no response from anyone, I looked through the log and found that I had no DKIM record on my server. I ran the scripts/cmdeploy dns script, it knocked out several missing DNS records on my domain. Naturally, I entered all the records and the federation started working at full capacity. That is, it turns out that in order for the federation to work with all chat mail relay servers, each administrator needs to enter all DNS records provided by the scripts/cmdeploy dns command. The problem has been found and solved.

1 Like