Hello, I completed the install instructions for a relay on Debian 12 at https://chat.luddite.tools . I had a couple of hickups fixing #666 and #647 but otherwise all OK. DNS test is OK except for the CAA that doesn’t seem available at my provider (Hover). The homepage is served, but I still get 4 failing tests:
Those a look like they have the same cause, as they all seem to be something wrong with IMAP. Is there anything odd about your ‘dovecot-imapd’ package?
➜ scripts/cmdeploy status
chatmail domain: chat.luddite.tools
no privacy settings
UNIT LOAD ACTIVE SUB DESCRIPTION
acmetool-redirector.service loaded active running acmetool HTTP redirector
atd.service loaded active running Deferred execution scheduler
cron.service loaded active running Regular background program processing daemon
dbus.service loaded active running D-Bus System Message Bus
doveauth.service loaded active running Chatmail dict authentication proxy for dovecot
dovecot.service loaded active running Dovecot IMAP/POP3 email server
fcgiwrap.service loaded active running Simple CGI Server
filtermail-incoming.service loaded active running Incoming Chatmail Postfix before queue filter
filtermail.service loaded active running Outgoing Chatmail Postfix before queue filter
getty@tty1.service loaded active running Getty on tty1
iroh-relay.service loaded active running Iroh relay
lastlogin.service loaded active running Dict proxy for last-login tracking
nginx.service loaded active running A high performance web server and a reverse proxy server
opendkim.service loaded active running OpenDKIM Milter
postfix@-.service loaded active running Postfix Mail Transport Agent (instance -)
qemu-guest-agent.service loaded active running QEMU Guest Agent
serial-getty@ttyAMA0.service loaded active running Serial Getty on ttyAMA0
serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0
ssh.service loaded active running OpenBSD Secure Shell server
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running User Login Management
systemd-timesyncd.service loaded active running Network Time Synchronization
systemd-udevd.service loaded active running Rule-based Manager for Device Events and Files
turnserver.service loaded active running A wrapper for the TURN server
unattended-upgrades.service loaded active running Unattended Upgrades Shutdown
unbound.service loaded active running Unbound DNS server
user@0.service loaded active running User Manager for UID 0
Try looking at your journal for the filtermail-incoming service, do you see it logging errors and systemd keeps restarting it?
journalctl -u filtermail-incoming.service
If you see shenanigans related to that service, try re-running the deployment using the new release tag, 1.10.0, and it might fix your issue.
Cause: on a VPS delivered from some hosting providers, systemd-resolved is running and using port 53 (it’s a cloud-init design). The chatmail deployment needs port 53 for unbound instead. The typical way one resolves this:
Add a drop-in config to disable the port 53 stub resolver: # cat /etc/systemd/resolved.conf.d/disable-stub.conf [Resolve] DNSStubListener=no
Re-link /etc/resolv.conf to the real generated resolv.conf sitting in /run/system/resolv/
This is normally fine, however: the version of code for filtermail-incoming at that time was unable to read /etc/resolv.conf if it’s a symlink! (oh my). That code needed the file to be a regular file and nothing else. Bad systems engineering.
Since then, 2 things have happened - the filtermail code was upgraded (may have fixed this bug) but more importantly, the chatmail devs added a design pattern that handles the situation (they now stop systemd-resolvd, uninstall resolvconf, and write a regular /etc/resolv.conf by hand).
Re-deploying your instance with the latest tagged code may fix this problem if that’s what’s going wrong. As you might infer, it happened to me and I had to work through the failures.