Emails not received after register

[rahulit1991]

Hello,
i am facing an issue after completely setup demo on virtual server. everything installed properly. but after register user i am not able to receive email in my mailbox. while debug logs of smtp pod, i see this errors.can you please help to resolve this error?

kubectl log -f demo-smtp-84b7b85ff6-p62q6

Size of off_t: 8
289 delivering 1jZD6i-00004e-Oj
289 R: dnslookup for rahul******@hotmail.com
290 T: remote_smtp for rahul*****@hotmail.com
288 LOG: smtp_connection MAIN
288 SMTP connection from 10-233-64-34.brig.default.svc.cluster.local (brig-bf8d7fcd5-5pbsx) [10.233.64.34] lost D=5s
287 Connecting to hotmail-com.olc.protection.outlook.com [104.47.14.33]:25 ... failed: Connection timed out (timeout=5m)
287 LOG: MAIN
287 H=hotmail-com.olc.protection.outlook.com [104.47.14.33] Connection timed out
290 Connecting to hotmail-com.olc.protection.outlook.com [104.47.59.161]:25 ... failed: Connection timed out (timeout=5m)
290 LOG: MAIN
290 H=hotmail-com.olc.protection.outlook.com [104.47.59.161] Connection timed out

appreciate for your help.

[lucendio]

Hi @rahulit1991,

The logs reading:

287 Connecting to hotmail-com.olc.protection.outlook.com [104.47.14.33]:25 ... failed: Connection timed out (timeout=5m)

Can you verify whether that server is reachable from within the cluster?

[rahulit1991]

yes. I perform ping and nslookup operation for both service: brig and smtp. its working. i setup demo on AWS EC2 instance. Also perform curl -i https://nginz-https./status
. and its working well. All security ports are open. If you can help me to how to debug this issue differently, then you are really appreciate. i perform all things that mention in installation documents.https://docs.wire.com/how-to/install/helm.html

[lucendio]

So, I assume that you adjusted values and secrets according to your setup? Could you pelase those files?

[rahulit1991]

Thanks for being helpful. i attached values and secrets files for wire server. let me know if i am wrong any place.
secrets.txt

values.txt

[lucendio]

You might need to adjust your DNS as described here. Though, it's a bit irritating to me that the connection to the receiving mail server times out. But this might just be a protective measurement since the sending mail server is not trusted by the receiving one.

[rahulit1991]

Thanks for your reply. not got success in above solution. now i leave this solution and try to implement SES. i set SES configuration in follwing place:

values.yaml:

useSES: true
    smtp:
        host: email-smtp.ap-south-1.amazonaws.com
        port: 587       
        connType: tls

secret.yaml

brig:
   secret:
      turn: 
         awsKeyId: "Access_key" 
         awsSecretKey: "Secret_key" 

when i apply configuration it through follwing error:

service: user error (AesonException "Error in $.emailSMS.email: parsing Brig.Options.EmailSMTPOpts(EmailSMTPOpts) failed, key "smtpEndpoint" not found")

i can see its smtp endpoint error. but i don't know where i should place SMTP Endpoint. your help is really appriciate.

[lucendio]

First of, if those are your actual AWS credentials, I highly recommend redact them from the comment or delete the comment entirely.

The error indicates that it's related to emailSMS, which has nothing to do with sending emails. Furthermore, in the values.yaml file useSES and smtp have to have the same indentation.

[rahulit1991]

its fake credentials and i removed it. yes both have same indentation.

[lucendio]

As I mentioned, please check the indentation and verify whether you need the emailSMS configuration.
In addition, the secrets.yaml has to contain a valid value for the password
Also, you may wanna have a look into this PR, which might be related.

[rahulit1991]

i go through above PR. but this not related to SES integration. its for gmail. Also due very less documentation from wire server community, i am not able to find any proper step for deploy SES Service. If you can help in this integration its really helpful.

[ramesh8830]

I followed below #264 and #265 to fix the smtp issues. Brig pod is getting failed went to crashloopbackoff status.

`Events:
Type Reason Age From Message

---

Normal Scheduled 4m22s default-scheduler Successfully assigned production/brig-69969b5bdc-ndn8b to kubenode02
Warning Unhealthy 3m29s (x5 over 4m9s) kubelet, kubenode02 Readiness probe failed: Get http://10.233.65.172:8080/i/status: dial tcp 10.233.65.172:8080: connect: connection refused
Normal Pulling 3m23s (x3 over 4m20s) kubelet, kubenode02 Pulling image "quay.io/wire/brig:latest"
Warning Unhealthy 3m23s (x6 over 4m13s) kubelet, kubenode02 Liveness probe failed: Get http://10.233.65.172:8080/i/status: dial tcp 10.233.65.172:8080: connect: connection refused
Normal Killing 3m23s (x2 over 3m53s) kubelet, kubenode02 Container brig failed liveness probe, will be restarted
Normal Pulled 3m22s (x3 over 4m16s) kubelet, kubenode02 Successfully pulled image "quay.io/wire/brig:latest"
Normal Created 3m22s (x3 over 4m16s) kubelet, kubenode02 Created container brig
Normal Started 3m22s (x3 over 4m15s) kubelet, kubenode02 Started container brig
`

[rahulit1991]

Above solution not help to work with SES integration. i tried #264 and #265 solution but no luck. Also i see useSES option in values. i set it true but still its not working: i set following for SES configuration:

value.yaml

useSES: true
aws:
      sesEndpoint: https://email-smtp.ap-south-1.amazonaws.com
      region: "ap-south-1"

secret.yaml

brig:
      secrets:
           smtpPassword: dummypassword
           zAuth:
                   publicKeys: "key"
                   privateKeys: "key"
           turn:
                   secret: "key"
            awskeyId: "access key"
            awsSecretKey: "secret key"

Error:
service: user error (AesonException "Error in $.emailSMS.email: parsing Brig.Options.EmailSMTPOpts(EmailSMTPOpts) failed, key \"smtpEndpoint\" not found")

please help me how to resolve this issue. As i can't find any specific documents to set SES service properly. i did this configuration from ref mention in : wire-server-deploy/charts/brig/values.yaml

[lucendio]

The error might be a bit misleading and its root cause is hidden in Brig's code. Due to how the configuration is parsed provided by the configmap, it complains about SMTP configuration even though the AWS configuration is the part that is actually not complete. You have to provide aws.sesQueue in values.yaml, too - aside from sesEndpoint.

[rahulit1991]

thanks. i have figure same in configmap.yaml. and already update sesQueue as well. now my brig pod is running properly. but when i try to send email i face this error. which is unknown for me.

kubectl logs -f brig-79dbf8c7bc-527c5

{"request":"bcf6552e8b74bb54ec86443e66bbff1b","msgs":["E","GeneralError (TransportError (HttpExceptionRequest Request {\n host = \"email-smtp.ap-south-1.amazonaws.com\"\n port = 465\n secure = True\n requestHeaders = [(\"Host\",\"email-smtp.ap-south-1.amazonaws.com\"),(\"X-Amz-Date\",\"20200518T114919Z\"),(\"X-Amz-Content-SHA256\",\"65e793fab203ec8cd5efd4958569864b31b73169e0625a7a19c32c85612ff043\"),(\"Content-Type\",\"application/x-www-form-urlencoded; charset=utf-8\"),(\"Authorization\",\"<REDACTED>\")]\n path = \"/\"\n queryString = \"\"\n method = \"POST\"\n proxy = Nothing\n rawBody = False\n redirectCount = 0\n responseTimeout = ResponseTimeoutMicro 70000000\n requestVersion = HTTP/1.1\n}\n (

InvalidStatusLine "220 email-smtp.amazonaws.com ESMTP SimpleEmailService-d-805223ET2 TuHHmTPX1cvRfJEDDCf6

i tried following scenario with different port like this:
sesEndpoint: https://email-smtp.ap-south-1.amazonaws.com:465 ---> same error
sesEndpoint: https://email-smtp.ap-south-1.amazonaws.com:587 ---> same error
sesEndpoint: email-smtp.ap-south-1.amazonaws.com:587 ----> pod not able start

where we can define port for SES in values.yaml? i see configmap.yaml and and brig deployment file but SES port is not mention anywhere.

i think i am near to resolve this issue. but not able to get anything from this error. your help is really appreciate for me.

[lucendio]

Have you tried this without the port? Since it is https, the port is most probably 443, as defined by the protocol itself. Aside from that, I recommend to have a look into the AWS SES documentation.

[rahulit1991]

yes i check with https as well. i face certificate varification error:

`{"request":"f4c7167d7a1caf382d104fdd55c2639f","msgs":["E","GeneralError (TransportError (HttpExceptionRequest Request {\n host = "email-smtp.ap-south-1.amazonaws.com"\n port = 443\n secure = True\n requestHeaders = [("Host","email-smtp.ap-south-1.amazonaws.com"),("X-Amz-Date","20200518T135333Z"),("X-Amz-Content-SHA256","8189d7658bd4933664f5bb2dc6c7416d23a4895d833804104bd218a53fe2d98b"),("Content-Type","application/x-www-form-urlencoded; charset=utf-8"),("Authorization","")]\n path = "/"\n queryString = ""\n method = "POST"\n proxy = Nothing\n rawBody = False\n redirectCount = 0\n responseTimeout = ResponseTimeoutMicro 70000000\n requestVersion = HTTP/1.1\n}\n

(InternalException ProtocolError "error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

i highlight an error for both comments. i don't think this is issue from SES service.its an issue with wire server unable to process request with SES over 443. As i test there is no any blocking for port 443 in cluster.

[rahulit1991]

@lucendio can you please me to resolve this error.

for sesEndpoint: https://email-smtp.ap-south-1.amazonaws.com, i face this error

(InternalException ProtocolError "error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

for sesEndpoint: https://email-smtp.ap-south-1.amazonaws.com:465, i face this error

InvalidStatusLine "220 email-smtp.amazonaws.com ESMTP SimpleEmailService-d-805223ET2 TuHHmTPX1cvRfJEDDCf6

[lucendio]

Hi @rahulit1991,

1. Can you try the API HTTPS endpoint instead of the SMTP endpoint (see docs)?
2. configure a mail client CLI on one of the nodes and try to connect to SES and send a mail

If non if this helps, please create another issue. Thank you.

[ramesh8830]

Hi @ramesh8830,

1. Can you try the API HTTPS endpoint instead of the SMTP endpoint (see docs)?
2. configure a mail client CLI on one of the nodes and try to connect to SES and send a mail

If non if this helps, please create another issue. Thank you.

I am using demo-smtp chart and not using SES