Click Tracking IP Problem

[aniket-singh]

I have installed Postal server on postal.mozget.me & i wanted to track postal emails but failed to do so.

Hosting provider - Microsoft Azure
RAM - 7GB
Server - Ubuntu
Ip - 52.237.75.66
Secondary Ip - 52.237.75.84 As you stated in the Documentation

I created an "A" Type with host track.mail.mozget.me and ip 52.237.75.84 but it doesn't seem to work.

I also created a CNAE with host click.mozget.me and ALIAS track.mail.mozget.me.

Maybe i'm not getting how to add that secondary ip to my Main Virtual Machine.

I'm aslo confused, Do i have to open PORT 5010 and 5011? as you stated "To facilitate the logging & redirection, Postal runs a separate web server process that listens on ports 5010 (for HTTP) and 5011 (for HTTPS). "

I even enabled the fast server with these detail

fast_server:
  enabled: true
  bind_address: 52.237.75.84

Now in the /etc/nginx/sites-enabled/default i added these details

server {
    listen [::]:80;
    listen 52.237.75.84:80; 
    server_name postal.mozget.me;
    return 301 https://$host$request_uri;

    # Redirect non-https traffic to https
    # if ($scheme != "https") {
    #     return 301 https://$host$request_uri;
    # } # managed by Certbot

}

server {
    listen [::]:443 ssl;
    listen 52.237.75.84:443 ssl;
    root /opt/postal/app/public;
    server_name postal.mozget.me;
ssl_certificate /etc/letsencrypt/live/postal.mozget.me/fullchain.pem; 
ssl_certificate_key /etc/letsencrypt/live/postal.mozget.me/privkey.pem; 

Please Let me know where I'm Wrong, Or you can have access to my server and have a look

[willpower232]

I think the configuration is a little wrong, please remove the following lines listen [::]:80; and listen [::]:443 ssl; and change the IP address to 52.237.75.66.

Nginx is only for securing access to the admin web interface, the click tracking looks after itself.

[aniket-singh]

after changing the ip address to 52.237.75.66:80 and 52.237.75.66:443 in /etc/nginx/sites-enabled/default file. I'm Receiving an error

Restarting nginx (via systemctl): nginx.serviceJob for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

Here is the details

-- Unit nginx.service has begun starting up.
Nov 23 11:35:28 MAIL nginx[72069]: nginx: [emerg] bind() to 52.237.75.66:80 fail [emerg] bind() to 52.237.75.66:80 failed (99: Cannot assign requested address) configuration file /etc/nginx/nginx.conf test failed

Nov 23 11:35:28 MAIL nginx[72069]: nginx: configuration file /etc/nginx/nginx.co
Nov 23 11:35:28 MAIL systemd[1]: nginx.service: Control process exited, code=exited service: Control process exited, code=exited status=1

Nov 23 11:35:28 MAIL systemd[1]: Failed to start A high performance web server a
-- Subject: Unit nginx.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit nginx.service has failed.
-- 
-- The result is failed.
Nov 23 11:35:28 MAIL systemd[1]: nginx.service: Unit entered failed state.
Nov 23 11:35:28 MAIL systemd[1]: nginx.service: Failed with result 'exit-code'.
Nov 23 11:35:28 MAIL sudo[72051]: pam_unix(sudo:session): session closed for use

After changing it to again 0.0.0.0:80 and 0.0.0.0:443, Server was able to start.

[willpower232]

Oh hang on I misread what you said

Now in the /etc/nginx/sites-enabled/default i added these details

You should remove those two server blocks, the only things in that file should be for the main app. After removing those blocks you should restart postal and use sudo netstat -lnp to confirm that the click tracking has managed to bind itself to the correct IP address.

[aniket-singh]

What Do you actually Mean by removing two blocks? Because if remove those two blocks nothing would be left behind

Here is the full configuration in that file

server {
listen 0.0.0.0:80;
server_name postal.mozget.me;
return 301 https://$host$request_uri;

# Redirect non-https traffic to https
# if ($scheme != "https") {
#     return 301 https://$host$request_uri;
    # } # managed by Certbot

}

server {
    listen 0.0.0.0:443 ssl;
    root /opt/postal/app/public;
    server_name postal.mozget.me;
ssl_certificate /etc/letsencrypt/live/postal.mozget.me/fullchain.pem; # managed$
ssl_certificate_key /etc/letsencrypt/live/postal.mozget.me/privkey.pem; # manag$

    # Generate using: openssl dhparam 4096 -out /etc/ssl/dhparam.pem
    # ssl_dhparam /etc/ssl/dhparam.pem;

    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+E$

    location / {
       client_max_body_size 50M;
       try_files $uri $uri/index.html $uri.html @puma;
    }

    location /assets {
       add_header Cache-Control max-age=3600;
    }

    location @puma {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:5000;
    }

I tried removing the listen line from both of blocks and i restarted the postal and nginx successfully. Here is what i got after netstat -lnp

sudo netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1913/sshd       
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      26411/[postal] web.
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      10887/beam.smp  
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      11870/mysqld    
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN      53539/spamassassin.
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      74212/nginx -g daem
tcp        0      0 0.0.0.0:4369            0.0.0.0:*               LISTEN      10981/epmd      
tcp6       0      0 :::22                   :::*                    LISTEN      1913/sshd       
tcp6       0      0 :::25                   :::*                    LISTEN      72832/[postal] smtp
tcp6       0      0 :::5672                 :::*                    LISTEN      10887/beam.smp  
tcp6       0      0 ::1:783                 :::*                    LISTEN      53539/spamassassin.
tcp6       0      0 :::4369                 :::*                    LISTEN      10981/epmd      
udp        0      0 0.0.0.0:68              0.0.0.0:*                           129768/dhclient 
udp        0      0 0.0.0.0:68              0.0.0.0:*                           129585/dhclient 
udp        0      0 0.0.0.0:68              0.0.0.0:*                           129467/dhclient 
udp        0      0 0.0.0.0:68              0.0.0.0:*                           127992/dhclient 
udp        0      0 0.0.0.0:68              0.0.0.0:*                           115956/dhclient 
udp        0      0 0.0.0.0:68              0.0.0.0:*                           115787/dhclient 
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     13567    1/init              /run/lvm/lvmpolld.socket
unix  2      [ ACC ]     STREAM     LISTENING     98657    26405/app)          /tmp/postal/pids/procodile.sock
unix  2      [ ACC ]     STREAM     LISTENING     85648    11870/mysqld        /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     24466    2159/systemd        /run/user/1000/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     13489    1/init              /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     18616    1/init              /run/snapd.socket
unix  2      [ ACC ]     STREAM     LISTENING     18615    1/init              /var/lib/lxd/unix.socket
unix  2      [ ACC ]     STREAM     LISTENING     18618    1/init              /run/snapd-snap.socket
unix  2      [ ACC ]     STREAM     LISTENING     18620    1/init              /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     SEQPACKET  LISTENING     13501    1/init              /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     18288    1438/iscsid         @ISCSIADM_ABSTRACT_NAMESPACE
unix  2      [ ACC ]     STREAM     LISTENING     18623    1/init              /run/uuidd/request
unix  2      [ ACC ]     STREAM     LISTENING     19394    1580/nscd           /var/run/nscd/socket
unix  2      [ ACC ]     STREAM     LISTENING     18626    1/init              /run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     19396    1580/nscd           /var/run/.nscd_socket
unix  2      [ ACC ]     STREAM     LISTENING     13510    1/init              /run/systemd/journal/stdout
unix  2      [ ACC ]     STREAM     LISTENING     13562    1/init              /run/lvm/lvmetad.socket

[willpower232]

can you send your postal.yml (minus confidential information of course)

[aniket-singh]

web:
  # The host that the management interface will be available on
  host: postal.mozget.me
  # The protocol that requests to the management interface should happen on
  protocol: https

fast_server:
  # This can be enabled to enable click & open tracking on emails. It is disabled by
  # default as it requires a separate static IP address on your server.
  enabled: true
  bind_address: 52.237.75.66

general:
  # This can be changed to allow messages to be sent from multiple IP addresses
  use_ip_pools: false

main_db:
  # Specify the connection details for your MySQL database
  host: 127.0.0.1
  username: *********
  password: ********
  database: postal

message_db:
  # Specify the connection details for your MySQL server that will be house the
  # message databases for mail servers.
  host: 127.0.0.1
  username: *******
  password: ********
  prefix: postal

rabbitmq:
  # Specify the connection details for your RabbitMQ server.
  host: 127.0.0.1
  username: ******
  password: *******
  vhost: /postal

dns:
  # Specifies the DNS record that you have configured. Refer to the documentation at
  # https://github.com/atech/postal/wiki/Domains-&-DNS-Configuration for further
  # information about these.
  mx_records:
    - mail.mozget.me
  smtp_server_hostname: mozget.me
  spf_include: spf.mail.mozget.me
  return_path: rp.mail.mozget.me
  route_domain: routes.mail.mozget.me
  track_domain: track.mail.mozget.me

smtp:
  # Specify an SMTP server that can be used to send messages from the Postal management
  # system to users. You can configure this to use a Postal mail server once the
  # your installation has been set up.
  host: mozget.me
  port: 25
  username: ********** # Complete when Postal is running and you can
  password: ********** # generate the credentials within the interface.
  from_name: Mozget
  from_address: market@mozget.me

rails:
  # This is generated automatically by the config initialization. It should be a random
  # string unique to your installation.
  secret_key: a38614a1a4c************79$

spamd:
  enabled: true
  host: 127.0.0.1
  port: 783

[willpower232]

fast_server > bind_address should be the IP address you want to use for click tracking and the other IP address should be used in the Nginx configuration to access the web interface on so make sure you have the addresses in the right place and restart the services and hopefully that should do the trick?

Also you can try running ip a to see what ip addresses your server has detected. I don't know azure but it might be that you only have internal IPs on the server and azure maps them to public IPs later.

[aniket-singh]

That's the real problem. I just don't know where to start from to add that secondary ip into main virtual machine.

[willpower232]

I suggest that you consult the azure documentation (unless someone who knows it is able to chime in) and come back later.

[zeeshanjamal16]

Follow this to add a new ip address in Microsoft Azure
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-multiple-ip-addresses-portal#coreadd
You have to add a new public ip address, not the private ip address.

After that make sure that the ip is attached to NIC in your VM. Type command ip a to check.

Use that ip to bind address for fast server.

fast_server:
  # This can be enabled to enable click & open tracking on emails. It is disabled by
  # default as it requires a separate static IP address on your server.
  enabled: true
  bind_address: YOUR_NEW_ATTACHED_IP

Restart postal server by sudo postal restart.

[aniket-singh]

Thanks for this Article, Now the IP is Working but when I'm opening that IP, It is showing the postal login page. Even the cname is also showing that login page. I think the listen parameter in /etc/nginx/sites-enabled/default is causing the hole problem. because the nginx server is confused which ip to handle and show the data.

Now the problem is if i add
listen 0.0.0.0:80 and listen 0.0.0.0:443 ssl;

the server redirects all request to postal login page

if i add the primary ip such as

listen 52.237.75.66:80; and listen 52.237.75.66:443 ssl;

the nginx server starts giving error and does not restart.

any other way to solve this problem?

[willpower232]

Can you share the results of ip a to see what IP addresses are on your server?

[aniket-singh]

Primary IP 52.237.75.66
Secondary New IP - 52.237.72.203

Here is the output of ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0d:3a:a3:a1:b0 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.4/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.0.0.7/24 brd 10.0.0.255 scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:3aff:fea3:a1b0/64 scope link 
       valid_lft forever preferred_lft forever

10.0.0.4 is Private IP of primary IP
10.0.0.7 is Private IP of secondary IP

Output of netstat -nlp | grep nginx

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      93242/nginx -g daem
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      93242/nginx -g daem

[willpower232]

So 10.0.0.4 is either equal to 52.237.75.66 or 52.237.72.203 with 10.0.0.7 equal to the other one.

You need to use 10.0.0.4 and 10.0.0.7 in postal.yml and your nginx.

If you can't figure it out from your azure control panel, you can presumably just try one combination and see what happens.

[aniket-singh]

I added listen 0.0.0.0:80 as 10.0.0.4:80 and now the secondary ip is showing "The connection to the server was reset while the page was loading". and if put it as 10.0.0.7:80 then it shows postal login page.

[zeeshanjamal16]

Why are you listening on all ip interfaces when you have a primary ip assigned to redirect to your webui.
Your code

server {
listen 0.0.0.0:80;
server_name postal.mozget.me;
return 301 https://$host$request_uri;

# Redirect non-https traffic to https
# if ($scheme != "https") {
#     return 301 https://$host$request_uri;
    # } # managed by Certbot

}

server {
    listen 0.0.0.0:443 ssl;

Change 0.0.0.0 to your primary ip for both ports 80 and 443. Let it listen on ipv6 instead. Replace you nginx conf with this

server {
listen [::]:80;
listen 52.237.75.66:80;
server_name postal.mozget.me;
return 301 https://$host$request_uri;

server {
    listen [::]:443 ssl;
    listen 52.237.75.66:443 ssl;
    root /opt/postal/app/public;
    server_name postal.mozget.me;
ssl_certificate /etc/letsencrypt/live/postal.mozget.me/fullchain.pem; # managed$
ssl_certificate_key /etc/letsencrypt/live/postal.mozget.me/privkey.pem; # manag$

    # Generate using: openssl dhparam 4096 -out /etc/ssl/dhparam.pem
    # ssl_dhparam /etc/ssl/dhparam.pem;

    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+E$

    location / {
       client_max_body_size 50M;
       try_files $uri $uri/index.html $uri.html @puma;
    }

    location /assets {
       add_header Cache-Control max-age=3600;
    }

    location @puma {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:5000;
    }

Make sure for an entry in /etc/hosts for
52.237.75.66 postal.mozget.me

Change the bind address for fast server to secondary public ip in postal.yml and make sure all dns records are configured properly.

[zeeshanjamal16]

You can disable ipv6 forwarding by entering this to the end of /etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Run sysctl -p after that.

[aniket-singh]

@zeeshanjamal16 That's the problem i Posted above that whenever i make nginx listen 52.237.75.66 or the secondary ip i get error saying

sudo /etc/init.d/nginx restart
[....] Restarting nginx (via systemctl): nginx.serviceJob for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
 failed!

I have already posted that error in above post.

& whenever i added private ip in listen, it didn't gave me any error.

[aniket-singh]

Reference of Ip http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511461264/Screen_Shot_2017-11-23_at_11.49.11_PM_mlml5z.png

DNS Records
http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511461446/Screen_Shot_2017-11-23_at_11.53.42_PM_twtmjc.png

Nginx

http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511461509/Screen_Shot_2017-11-23_at_11.54.45_PM_lwokiw.png

http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511461578/Screen_Shot_2017-11-23_at_11.55.51_PM_s0bhra.png

With all these configuration i showed you, Now the connection of tracking domain is being reset by server

http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511461666/Screen_Shot_2017-11-23_at_11.57.29_PM_yf1eay.png

[willpower232]

You need to use 10.0.0.4 and 10.0.0.7 in postal.yml and your nginx.

Your server is only aware of those two IP addresses so you can't use the other two in your configuration.

Make nginx listen on 10.0.0.7 and set the fast_server > bind_address to 10.0.0.4, restart everything and see if thats sorted you.

[willpower232]

Sorry I didn't see your screenshots, have you tried setting up some click tracking domains in Postal?

[aniket-singh]

Yeah check it here. http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511462050/Screen_Shot_2017-11-24_at_12.03.49_AM_mthcet.png

The connection is being reset

[zeeshanjamal16]

Can you share your nginx error logs?

[aniket-singh]

2017/11/23 07:46:32 [crit] 130400#130400: *531 SSL_do_handshake() failed (SSL: error:10067066:elliptic curve routines:ec_GFp_simple_oct2point:invalid encoding error:1408B010:SSL routines:ssl3_get_client_key_exchange:EC lib) while SSL handshaking, client: 95.85.33.89, server: 0.0.0.0:443
2017/11/23 11:35:28 [emerg] 72069#72069: bind() to 52.237.75.66:80 failed (99: Cannot assign requested address)
2017/11/23 11:44:27 [emerg] 72760#72760: bind() to 52.237.75.66:80 failed (99: Cannot assign requested address)
2017/11/23 11:44:35 [emerg] 72861#72861: bind() to 52.237.75.66:80 failed (99: Cannot assign requested address)
2017/11/23 12:01:32 [warn] 74195#74195: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 12:01:32 [warn] 74209#74209: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 14:21:56 [warn] 83177#83177: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 14:21:57 [warn] 83182#83182: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 14:21:57 [notice] 83182#83182: signal process started
2017/11/23 16:17:06 [warn] 91041#91041: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 16:17:06 [warn] 91056#91056: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 16:27:29 [notice] 91851#91851: signal process started
2017/11/23 16:32:07 [emerg] 92188#92188: bind() to 52.237.75.66:80 failed (99: Cannot assign requested address)
2017/11/23 16:34:22 [warn] 92384#92384: conflicting server name "postal.mozget.me" on 52.237.75.66:80, ignored
2017/11/23 16:34:22 [emerg] 92384#92384: bind() to 52.237.75.66:80 failed (99: Cannot assign requested address)
2017/11/23 16:34:59 [warn] 92474#92474: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 16:34:59 [warn] 92487#92487: conflicting server name "postal.mozget.me" on 0.0.0.0:80, ignored
2017/11/23 16:37:34 [emerg] 92689#92689: bind() to 52.237.72.203:80 failed (99: Cannot assign requested address)
2017/11/23 17:07:00 [notice] 94725#94725: signal process started
2017/11/23 18:12:31 [emerg] 100262#100262: bind() to 52.237.75.66:80 failed (99: Cannot assign requested address)

[willpower232]

nginx isn't the problem, the issue is the click tracking server which doesn't use nginx.

Can you do another netstat and postal status?

[aniket-singh]

Here is the postal status. http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511463544/Screen_Shot_2017-11-24_at_12.28.18_AM_z6r9i8.png

& netstat

http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511463713/Screen_Shot_2017-11-24_at_12.31.00_AM_j9nzty.png

http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511463713/Screen_Shot_2017-11-24_at_12.31.00_AM_j9nzty.png
http://res.cloudinary.com/cb1f716b3e979937/image/upload/v1511463716/Screen_Shot_2017-11-24_at_12.31.14_AM_yfqriw.png

[zeeshanjamal16]

It look like the problem with azure. On Amazon EC2/Azure, default they force for private ips. Can you please add following line in /etc/sysctl.conf.
net.ipv4.ip_nonlocal_bind = 1
and then run sysctl -p

And after that listen on public ip instead of private and restart nginx.
I had once got this nginx error when I was setting on EC2 due to private network.

[zeeshanjamal16]

Can you also try by changing your smtp_server_hostname to mail.mozget.me instead of mozget.me after doing nonlocal_bind on ipv4.

[aniket-singh]

I have done everything you said, now the postal isn't working!

[willpower232]

Those changes aren't necessary so I would reverse them if I were you.

The click tracking should appear on the netstat list but it doesn't look lilke 10.0.0.7 is on the list. Can you try undoing the above and restarting the server?

[aniket-singh]

Okay Done, I have reversed the settings we did

[zeeshanjamal16]

Please reverse the changes. Let me match once it with my configuration. It is most likely DNS issue.

[aniket-singh]

If you want access to server you can have it

[zeeshanjamal16]

Here is my dns settings according to your domain in postal.yml

dns:
  mx_records:
    - mail.mozget.me
  smtp_server_hostname: mail.mozget.me
  spf_include: spf.mail.mozget.me
  return_path: rp.mail.mozget.me
  route_domain: routes.mail.mozget.me
  track_domain: track.mail.mozget.me
  dkim_identifier: postal
  domain_verify_prefix: postal-verification
  custom_return_path_prefix: psrp

In DNS panel, main settings are:

rp.mail.mozget.me -> Primary IP
track.mail.mozget.me -> Secondary IP
click.mail.mozget.me -> Secondary IP
click -> CNAME of track.mail.mozget.me
psrp -> CNAME of rp.mail.mozget.me
routes.mail.mozget.me -> MX of mx.mail.mozget.me

[aniket-singh]

Still No Luck., connection is being reset on track.mail.example.me and click.example.me

[hadifarnoud]

I have kind of a same issue. I fixed nginx 0.0.0.0 problem. I am using a different IP for tracking. the web interface IP is the same as SMTP one.

root@smtp-server ~ # sudo netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 78.47.223.2:443       0.0.0.0:*               LISTEN      5863/nginx -g daemo
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      1984/[postal] web.1
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      1480/beam
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1836/mysqld
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN      32206/spamassassin.
tcp        0      0 78.47.223.2:80        0.0.0.0:*               LISTEN      5863/nginx -g daemo
tcp        0      0 0.0.0.0:4369            0.0.0.0:*               LISTEN      1718/epmd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1451/sshd
tcp6       0      0 :::25                   :::*                    LISTEN      6113/[postal] smtp.
tcp6       0      0 :::5672                 :::*                    LISTEN      1480/beam
tcp6       0      0 ::1:783                 :::*                    LISTEN      32206/spamassassin.
tcp6       0      0 :::4369                 :::*                    LISTEN      1718/epmd
tcp6       0      0 :::22                   :::*                    LISTEN      1451/sshd
udp        0      0 138.201.116.6:60001    0.0.0.0:*                           30690/mosh-server
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1166/dhclient
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     459868   30628/systemd       /run/user/0/systemd/private
unix  2      [ ACC ]     SEQPACKET  LISTENING     8835     1/init              /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     8661     1/init              /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     8669     1/init              /run/lvm/lvmetad.socket
unix  2      [ ACC ]     STREAM     LISTENING     8670     1/init              /run/systemd/journal/stdout
unix  2      [ ACC ]     STREAM     LISTENING     8833     1/init              /run/lvm/lvmpolld.socket
unix  2      [ ACC ]     STREAM     LISTENING     9117     1/init              /run/systemd/fsck.progress
unix  2      [ ACC ]     STREAM     LISTENING     12515    1/init              /var/lib/lxd/unix.socket
unix  2      [ ACC ]     STREAM     LISTENING     12605    1404/iscsid         @ISCSIADM_ABSTRACT_NAMESPACE
unix  2      [ ACC ]     STREAM     LISTENING     12511    1/init              /run/uuidd/request
unix  2      [ ACC ]     STREAM     LISTENING     16041    1978/app)           /tmp/postal/pids/procodile.sock
unix  2      [ ACC ]     STREAM     LISTENING     12512    1/init              /run/snapd.socket
unix  2      [ ACC ]     STREAM     LISTENING     12506    1/init              /run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     12513    1/init              /run/snapd-snap.socket
unix  2      [ ACC ]     STREAM     LISTENING     12514    1/init              /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     15744    1836/mysqld         /var/run/mysqld/mysqld.sock

web:
  # The host that the management interface will be available on
  host: kamva-email.com
  # The protocol that requests to the management interface should happen on
  protocol: https

fast_server:
  # This can be enabled to enable click & open tracking on emails. It is disabled by
  # default as it requires a separate static IP address on your server.
  enabled: true
  bind_address:
    - 138.201.116.6
    - 2a1:4f8:1c17:5d80:138:201:116:62

root@smtp-server ~ # postal status
Procodile Version   1.0.18
Application Root    /opt/postal/app
Supervisor PID      1978
Started             2018-06-12 08:40:49 +0200

 * fast.7 is not running (Failed)

|| web
|| Quantity            1
|| Command             bundle exec puma -C config/puma.rb
|| Respawning          5 every 3600 seconds
|| Restart mode        usr1
|| Log path            none specified
|| Address/Port        none
|| => web.1            Running      12/06/2018   pid:1984     respawns:0      port:-        tag:-

|| fast
|| Quantity            1
|| Command             bundle exec rake postal:fast_server
|| Respawning          5 every 3600 seconds
|| Restart mode        term-start
|| Log path            none specified
|| Address/Port        none
|| => fast.7           Failed       12:57        pid:6193     respawns:5      port:-        tag:-

|| worker
|| Quantity            1
|| Command             bundle exec ruby script/worker.rb
|| Respawning          5 every 3600 seconds
|| Restart mode        start-term
|| Log path            none specified
|| Address/Port        none
|| => worker.7         Running      12:56        pid:6109     respawns:0      port:-        tag:-

|| cron
|| Quantity            1
|| Command             bundle exec rake postal:cron
|| Respawning          5 every 3600 seconds
|| Restart mode        term-start
|| Log path            none specified
|| Address/Port        none
|| => cron.7           Running      12:56        pid:6122     respawns:0      port:-        tag:-

|| smtp
|| Quantity            1
|| Command             bundle exec rake postal:smtp_server
|| Respawning          5 every 3600 seconds
|| Restart mode        usr1
|| Log path            none specified
|| Address/Port        none
|| => smtp.1           Running      12:56        pid:6113     respawns:0      port:-        tag:-

|| requeuer
|| Quantity            1
|| Command             bundle exec rake postal:requeuer
|| Respawning          5 every 3600 seconds
|| Restart mode        term-start
|| Log path            none specified
|| Address/Port        none
|| => requeuer.7       Running      12:56        pid:6123     respawns:0      port:-        tag:-

I did set tracking domain in UI. neither the tracking domain config in postal.yml nor the tracking domain I set in UI work. both of them fail to load. there is also no process running on port 5010

when I do try to setup ssl in UI, the fast process will fail after that and stays as failed. I have to restart postal to get it running again. that's probably another issue.

|| fast
|| Quantity            1
|| Command             bundle exec rake postal:fast_server
|| Respawning          5 every 3600 seconds
|| Restart mode        term-start
|| Log path            none specified
|| Address/Port        none
|| => fast.7           Failed       12:57        pid:6193     respawns:5      port:-        tag:-

[willpower232]

Can you run ip a to verify which IP addresses the server can actually use?

[hadifarnoud]

root@smtp-server ~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 96:00:00:0a:51:c2 brd ff:ff:ff:ff:ff:ff
    inet 138.201.116.6/32 brd 138.201.116.6 scope global eth0
       valid_lft forever preferred_lft forever
    inet 78.47.223.2/32 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 2a1:4f8:1c17:5d80::1/64 scope global deprecated
       valid_lft forever preferred_lft 0sec
    inet6 fe80::9400:ff:fe0a:51c2/64 scope link
       valid_lft forever preferred_lft forever

[willpower232]

You'll see that the IPv6 address you're trying to use has been marked "deprecated" so I'd try taking it out of the Postal config file and see if that helps.

If it does, you should troubleshoot with your server provider to verify that the IPv6 connection is fully working before trying to use Postal with it.

[hadifarnoud]

@willpower232 I didn't have the IPv6 at first. Thought this might help fixing the issue.

I removed it and still doesn't work

[willpower232]

In which case, I'd suggest going through the logs, locating an error message and opening a new issue with it.

[hadifarnoud]

will do. can you tell me where would be logs for fast server? is this the only log I should check?