Docker not sending emails

I am trying to get passbolt up and running in a local network. I don’t want to make my server accessible from a public IP, instead, I can access it using the local IP and connecting to a VPN that I have up and running that exposes the local network.

To get passbolt up and running I have followed the docker installation guide. The system works fine and I can add users using the docker command, also users can log in add passwords, etc, etc. So far so good!

However, we have realized that emails are not being sent. We realized when I was trying to recover an account.

Here is how I launch the docker:

docker run --name passbolt \
--net passbolt_network \
-p 443:443 -p 80:80 \
-e DATASOURCES_DEFAULT_HOST=mariadb \
-e DATASOURCES_DEFAULT_PASSWORD=mariadbpassword \
-e DATASOURCES_DEFAULT_USERNAME=mariadbusername \
-e DATASOURCES_DEFAULT_DATABASE=passbolt_db \
-e APP_FULL_BASE_URL=https://192.168.8.241 \
-e EMAIL_DEFAULT_FROM=myemail@myemailserver.com \
-e EMAIL_TRANSPORT_DEFAULT_HOST=smtp.myemailserver.es \
-e EMAIL_TRANSPORT_DEFAULT_PORT=587 \
-e EMAIL_TRANSPORT_DEFAULT_TLS=true \
-e EMAIL_TRANSPORT_DEFUALT_USERNAME=myemail@myemailserver.com \
-e EMAIL_TRANSPORT_DEFAULT_PASSWORD=mypassword \
passbolt/passbolt:latest

Here is the healthcheck su -s /bin/bash -c "./bin/cake passbolt healthcheck" www-data

Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_default_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]

Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_default_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]

Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/models/myapp_cake_model_default_organization_settings): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]

Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/models/myapp_cake_model_default_organization_settings): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]

Warning Error: _cake_model_ cache was unable to write 'default_organization_settings' to Cake\Cache\SimpleCacheEngine cache in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Cache.php, line 306]

Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_cake_console_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]

Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_cake_console_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]


     ____                  __          ____  
    / __ \____  _____ ____/ /_  ____  / / /_ 
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ 
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /    
 /_/    \__,_/____/____/_.___/\____/_/\__/   

 Open source password manager for teams
---------------------------------------------------------------
 Healthcheck shell       
---------------------------------------------------------------

 Environment

 [PASS] PHP version 7.3.21.
 [PASS] PCRE compiled with unicode support.
 [FAIL] The temporary directory and its content are not writable.
  [HELP] Ensure the temporary directory and its content are writable by the webserver user.
  [HELP] you can try:
  [HELP] sudo chown -R www-data:www-data /var/www/passbolt/tmp/
  [HELP] sudo chmod 775 $(find /var/www/passbolt/tmp/ -type d)
  [HELP] sudo chmod 664 $(find /var/www/passbolt/tmp/ -type f)
 [PASS] The public image directory and its content are writable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [WARN] The passbolt config file is missing in /var/www/passbolt/config/
  [HELP] Copy /var/www/passbolt/config/passbolt.php.default to /var/www/passbolt/config/passbolt.php
  [HELP] The passbolt config file is not required if passbolt is configured with environment variables

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to https://192.168.8.241
 [PASS] App.fullBaseUrl validation OK.
 [FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
  [HELP] Check that the domain name is correct in config/passbolt.php
  [HELP] Check the network settings

 SSL Certificate

 [FAIL] SSL peer certificate does not validate
 [FAIL] Hostname does not match when validating certificates.
 [WARN] Using a self-signed certificate
  [HELP] cURL Error (28) Connection timed out after 30001 milliseconds

 Database

 [PASS] The application is able to connect to the database
 [PASS] 23 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
 [PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
 [FAIL] The server gpg key is not set
  [HELP] Create a key, export it and add the fingerprint to config/passbolt.php
  [HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
 [PASS] The public key file is defined in config/passbolt.php and readable.
 [PASS] The private key file is defined in config/passbolt.php and readable.
 [FAIL] The server key fingerprint doesn't match the one defined in config/passbolt.php.
  [HELP] Double check the key fingerprint, example: 
  [HELP] sudo su -s /bin/bash -c "gpg --list-keys --fingerprint --home /home/www-data/.gnupg" www-data | grep -i -B 2 'SERVER_KEY_EMAIL'
  [HELP] SERVER_KEY_EMAIL: The email you used when you generated the server key.
  [HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
 [FAIL] The server public key defined in the config/passbolt.php (or environment variables) is not in the keyring
  [HELP] Import the private server key in the keyring of the webserver user.
  [HELP] you can try:
  [HELP] sudo su -s /bin/bash -c "gpg --home /home/www-data/.gnupg --import /var/www/passbolt/config/gpg/serverkey_private.asc" www-data
 [FAIL] The server key does not have a valid email id.
  [HELP] Edit or generate another key with a valid email id.

 Application configuration

 [PASS] Using latest passbolt version (2.13.5).
 [PASS] Passbolt is configured to force SSL use.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [PASS] Registration is closed, only administrators can add users.
 [PASS] Serving the compiled version of the javascript app
 [PASS] All email notifications will be sent.

  8 error(s) found. Hang in there!

Here is what I get when I try to send a test email ./bin/cake passbolt send_test_email

     ____                  __          ____  
    / __ \____  _____ ____/ /_  ____  / / /_ 
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ 
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /    
 /_/    \__,_/____/____/_.___/\____/_/\__/   

 Open source password manager for teams
---------------------------------------------------------------
 Debug email shell
---------------------------------------------------------------

Email configuration
---------------------------------------------------------------
Host: smtp.myemailserver.es
Port: 587
Username: 
Password: *********
TLS: true

Sending email from: myemail@myemailserver.com
Sending email to: doesnotexist@passboltdummydomain.com
---------------------------------------------------------------

Trace
[220] kundenserver.de (mreue011) Nemesis ESMTP Service ready
> EHLO localhost
[250] kundenserver.de Hello localhost [PUBLIC.IP.OF.MYROUTER]
[250] 8BITMIME
[250] AUTH LOGIN PLAIN
[250] SIZE 140000000
[250] STARTTLS
> STARTTLS
[220] OK
> EHLO localhost
[250] kundenserver.de Hello localhost [PUBLIC.IP.OF.MYROUTER]
[250] 8BITMIME
[250] AUTH LOGIN PLAIN
[250] SIZE 140000000

A test email could not be sent.
Error: SMTP Error: 530 Authentication required

Any ideas/hints on how to solve this issue?

I have gone through some of the forums claiming similar issues without success. here is a list of what I have tried already:

Checklist
[x ] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[ ] I provide relevant information about my server (component names and versions, etc.)
[x ] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[x ] I describe the steps on how to reproduce the issue

Hi @apalomer,

Can you confirm your email server is using TLS? There are subtle configuration differences depending if the provider uses TLS, SSL or none of them. You can check https://help.passbolt.com/configure/email/setup

What looks weird is those permission denied messages. Those are not suppossed to happen, have you changed any permissions on the docker image/ built your own docker image?

I have the same email configured as an alias in gmail so I can send emails using this account from my gmail and I have checked the TLS option when I configured and it works, so I assume the credentials and tls options are right.
I have looked into the email/setup that you shared and it only says to put the environmental variables as I showed in my docker run command.

I haven’t been able to reproduce your issue.

For my tests I have been using the default https://github.com/passbolt/passbolt_docker/blob/master/docker-compose.yml

I have edited the env/passbolt.env file adding the following env variables:

EMAIL_TRANSPORT_DEFAULT_HOST=smtp.gmail.com EMAIL_TRANSPORT_DEFAULT_PASSWORD=__PASS__ EMAIL_TRANSPORT_DEFAULT_USERNAME=__USERNAME__ EMAIL_TRANSPORT_DEFAULT_PORT=587 EMAIL_TRANSPORT_DEFAULT_TLS=true
But after all my tests I just realized you have a typo in your env variables:

-e EMAIL_TRANSPORT_DEFUALT_USERNAME=myemail@myemailserver.com \

I think that is the problem :sweat_smile:

OMG! My dislexia is very bad… thank you very much, ./bin/cake passbolt send_test_email --recipient=myemail@mydomain.com just worked fine now!

2 Likes

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.