Self-hosted mail settings - Socket Exceptions?

I’ve recently set up my self-hosted eCloud instance and (with thanks from @smu44) I’ve got my file storage all working. The only thing left I haven’t managed to get working is self-hosted email.

I’m using Hetzner, and according to their networking settings,

Outgoing traffic to ports 25 and 465 are blocked by default on all Cloud Servers. Sending mails from servers is not possible for this reason.

I can request these to be unblocked at some point, but not immediately as my account is new I have to wait for a while, but I don’t think it’s this that’s causing me issues.

I can log into my RainLoop Webmail admin account and tinker with settings, but trying to actually access a mail account (presumably using the same login details I use to login to my eCloud / Nextcloud dashboard) just gives me an ‘Authentication Failed’ message.

My settings in the Rainloop Admin Panel are currently:

Does anyone have any idea what settings I need to update? Or if there are any bash commands I need to run to sort things out?

Hi,

For external access :
You definitively don’t need ports 25 & 465 (yes, there is a mapping for them in docker-compose.yml, but it’s useless).
Ports are : 993 for IMAP (reading your emails) & 587 for SMTP (sending emails).
You can retrieve all settings in an XML file using https://autoconfig.yourdomain.tld :wink:

But … this is only for external (through Internet) access to the mail server.


Accessing your emails with Rainloop is 100% internal to your server, from one Docker container to another.
Instead of using a email client from your PC, the client is running on your server, with a web interface to let us, poor humans, interact with email system :wink:

So, for the Rainloop mail client running on your server, the address for the email server is the Docker internal container name, you won’t need the domain name (which is to be used only for external -Internet- access) :

  • if you have a NC18 /e/ Cloud, it’s “eelomailserver”
  • if you have a recent NC20 /e/ Cloud, it’s “mailserver”
  • it is the container name for email container in /mnt/repo-base/docker-compose.yml

Filling your settings, exactly as below, should work :


(note the green test button)

For Sieve :

NB : Sieve is an essential component to move messages : for example, it allow system to move spam emails to “Spam” folder, and also allow users to make they own rules :


(here, I want to move all messages with specific subject to a specific folder, and mark them read)


I’m wondering why the Rainloop domain configuration hasn’t be done automatically for you by the install script …
Did you keep the output of install scripts ?
Can you check in your /mnt/repo-base/scripts/postinstall.sh that you have the necessary lines as in https://gitlab.e.foundation/e/infra/ecloud-selfhosting/-/blob/master/scripts/postinstall.sh ( lines 73 to 78) ?

1 Like

Also, while you’re in Ranloop admin please check the followings.

For Login, please check/enter your domain name (i.e. yourdomain.tld) :
image

If you want users to be able to use their contacts in Rainloop, you can also check this settings :

Thank you, although I’ve updated my settings and still get some errors:

I’m not too bothered about using RainLoop itself; I thought it was required but if it’s only a webclient then I’m happy ignoring it and just trying to get it working with an external client. I tried a couple of mail apps, using the IMAP settings through the autoconfig XML file you suggested and I get a similar problem: “Can’t contact server”, so there’s definitely something wrong. :confused:

I have 2FA setup, so in case some of this is due to me using incorrect credentials, I’ve tried with normal password and with the app token but still no luck.

Hmmmm … Weird !

Could you please :

  • post back your /mnt/repo-base/docker-compose.yml file (it should not contain any sensitive information)
  • run as root : cd /mnt/repo-base then source scripts/base/sh then docker-compose ps -a mailserver, then post back the result of the latest
    – if status “up”, please post back the output of docker container inspect mailserver (take care of passwords and domain). Then run docker network ls, locate the “default” network (may be something like “blabla_default”), then post back the result of docker network inspect blabla_default
    – if status not “up”, run docker container prune then docker-compose -d up and retry the docker-compose ps -a mailserver

At first glance, I don’t see anything weird.

Please allow me some time to compare finely and come back with further diagnostics.

I compared with my own server, couldn’t find any significant difference :frowning:

We may try to re-create the container from the original image (don’t worry, configuration & data will be kept) :

  • cd /mnt/repo-base
  • docker-compose -s rm mailserver <= this will stop mailserver, and remove container
  • docker image prune -a <= this will remove unused images (the mailserver one)
  • docker-compose -d up <= this will download the missing image (mailserver for instance), and fire up the missing container
  • docker-compose logs mailserver <= you may post back this, obfuscated, or send it to me privately if you prefer

A few words about Docker : you download images (kind of “templates”) and when you run them, Docker will create a container (run-able instance of the image). Container content may change, but not image.
That’s why we deleted the container, then the image (Docker won’t allow deleting the image when it has a container, of course).
A container may get some variables from host OS (the “environment” part), and some variable data may be stored outside the container, allowing then to be kept if the container is re-created (the “volumes” part).
As you have already seen, Docker has it’s own network, allowing container to talk without using the host’s network. If you want a container to be reachable from the outside, you have to explicitly describe it (the “ports” part).
Docker Compose comes on top of that, assembling several container (called “services” here) into a whole infrastructure.

1 Like

I forgot to mention : to send me a private message, click on my brainless avatar :smile_cat: then “Message”.
If you do that from this thread, message should have a appropriate subject.

Also, if you are interested in Docker commands, you can find the guide here : Reference documentation | Docker Documentation (command-line reference).

Whatever the problem was, removing the container and re-downloading it seemed to fix it!

Thank you, once again!

1 Like

Nice to read that ! :smile_cat:

You may also like to play with https://spam.yourdomain.tld and https://mail.yourdomain.tld :slight_smile:
If you forgot the credentials, just run /mnt/repo-base/scripts/show-info.sh.