How to make sending mail from phoenix application through local postfix install work

igor · May 28, 2019, 6:21pm

Hello everyone, I can’t make my phoenix application send emails using postfix installed on the same VPS.
The result of command
postconf -n
looks like this:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
inet_interfaces = loopback-only
inet_protocols = all
mailbox_size_limit = 0
milter_default_action = accept
milter_protocol = 6
mydestination =
myhostname = mytestdomain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = $smtpd_milters
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_milters = local:/opendkim/opendkim.sock
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual

When I give the command to send email in the console like this:
echo "This is the body of the email" | mail -s "This is the subject" mymailaddress@gmail.com
I get the email in my mailbox, everything works as expected, I also see the postfix work by looking into it’s log:
sudo tail -f /var/log/mail.log

May 28 16:14:31 mytestdomain postfix/pickup[28788]: 6E8445DC28: uid=1000 from=<testuser@mytestdomain.com>
May 28 16:14:31 mytestdomain postfix/cleanup[30829]: 6E8445DC28: message-id=<20190528161431.6E8445DC28@mytestdomain.eu>
May 28 16:14:31 mytestdomain postfix/qmgr[6445]: 6E8445DC28: from=<testuser@mytestdomain.com>, size=399, nrcpt=1 (queue active)
May 28 16:14:31 mytestdomain postfix/smtp[30831]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c00::1a]:25: Network is unreachable
May 28 16:14:31 mytestdomain postfix/smtp[30831]: 6E8445DC28: to=<testuser@gmail.com>, relay=gmail-smtp-in.l.google.com[64.233.184.24]:25, delay=0.43, delays=0.02/0.01/0.17/0.24, dsn=2.0.0, status=sent (250 2.0.0 OK  1559060071 n7si2302256wmc.53 - gsmtp)
May 28 16:14:31 mytestdomain postfix/qmgr[6445]: 6E8445DC28: removed

But emails from my phoenix application are not sent, there is nothing in the postfix log and nothing in my mailbox. My config looks like this:

# Configures the mailer
config :jp, JpWeb.Mailer,
  adapter: Swoosh.Adapters.SMTP,
  relay: "mytestdomain.com",
  ssl: false,
  tls: :always,
  port: 1025,
  retries: 2,
  no_mx_lookup: false

I tried with ssl: true first but then I found the topic on this forum where it was recommended to set it to false, so I did it but it didn’t help. Also I tried to set port to 25 but with no result.
The email is sent like this:
JpWeb.SpecialistRequestEmail.specialist_request_email(id, url, email, phone, name) |> JpWeb.Mailer.deliver
and the function specialist_request_email looks like this:

defmodule JpWeb.SpecialistRequestEmail do
  import Swoosh.Email

  def specialist_request_email(specialist_id, url, email, phone, name) do
    new()
    |> to({"MyTestDomain administrator", "testuser@gmail.com"})
    |> from({"Notifications system", "notifications@mytestdomain.com"})
    |> subject("New specialist request")
    |> html_body("<h1>Specialist request details</h1><div>Name: #{name}</div><div>Phone: #{phone}</div><div>E-mail: #{email}</div><div><a href=\"#{url}\">Specialist ##{specialist_id}#</a></div>")
    |> text_body("Specialist request details\nName: #{name}, Phone: #{phone}, E-mail: #{email}, Specialist Id: #{specialist_id}, Link: #{url}")
  end
end

In my mix.exs file I added dependencies:

      {:swoosh, "~> 0.23"},
      {:gen_smtp, "~> 0.13"},

And added them to extra_applications (should I?):

  def application do
    [
      mod: {Jp.Application, []},
      extra_applications: [:swoosh, :gen_smtp]
    ]
  end

What do I miss?

alexiss · May 28, 2019, 6:42pm

what following

JpWeb.SpecialistRequestEmail.specialist_request_email(id, url, email, phone, name)
|> JpWeb.Mailer.deliver
|> IO.inspect

gives?

igor · May 28, 2019, 7:35pm

{:error, {:retries_exceeded, {:network_failure, ‘mytestdomain.com’, {:error, :econnrefused}}}}

alexiss · May 28, 2019, 7:39pm

The problem is not with elixir or swoosh. You need to configure your infrastructure correctly.

Firstly, make sure you have a correct DNS resolution: nslookup mytestdomain.com, secondary check that you have opened port 1025 on that IP address - telnet mytestdomain.com 1025

igor · May 28, 2019, 8:04pm

nslookup mytestdomain.com

Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   mytestdomain.com
Address: 127.0.1.1


telnet mytestdomain.com 1025
Trying 127.0.1.1...
telnet: Unable to connect to remote host: Connection refused
telnet mytestdomain.com 25
Trying 127.0.1.1...
telnet: Unable to connect to remote host: Connection refused

I have ufw installed and it’s status:

sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

All this postfix configuration is new to me, can you tell me what port is it listening 1025 or 25 (or other)? There is no such line in the /etc/postfix/main.cf

NobbZ · May 28, 2019, 8:11pm

127.0.1.1 usually is your local computer, connected via the loopback interface. Are you sure you have started and configured an SMTP deamon?

Does something listen on port 1025? netstat -lnpt should shed some light.

igor · May 28, 2019, 8:15pm

netstat -lnpt
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:4369            0.0.0.0:*               LISTEN      1372/epmd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:42775           0.0.0.0:*               LISTEN      32189/jp.sh
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      -
tcp6       0      0 :::80                   :::*                    LISTEN      -
tcp6       0      0 :::4369                 :::*                    LISTEN      1372/epmd
tcp6       0      0 :::22                   :::*                    LISTEN      -
tcp6       0      0 ::1:5432                :::*                    LISTEN      -
tcp6       0      0 ::1:25                  :::*                    LISTEN      -
tcp6       0      0 :::4000                 :::*                    LISTEN      32189/jp.sh

alexiss · May 28, 2019, 8:18pm

try to change your config to:

config :jp, JpWeb.Mailer,
  adapter: Swoosh.Adapters.SMTP,
  relay: "mytestdomain.com",
  ssl: false,
  tls: :always,
  port: 25, # <-----
  retries: 2,
  no_mx_lookup: false

alexiss · May 28, 2019, 8:21pm

Also you need to allow loopback in ufw - I don’t know how to do it in ufw. Something like this.

UPD Or just disable it for testing for a while

NobbZ · May 28, 2019, 8:23pm

It’s bound ::1, not to 127.0.1.1, it won’t accept connections to the latter, target IP has to be corrected as well then.

alexiss · May 28, 2019, 8:27pm

Ah, yes - looks like DNS gives incorrect 127.0.1.1 - it should resolve mytestdomain.com to 127.0.0.1.

@igor give as output of cat /etc/hosts

Or if you configure mytestdomain.com zone on this server - correct the IP to 127.0.0.1

igor · May 28, 2019, 8:33pm

 sudo cat /etc/hosts

127.0.0.1    localhost
127.0.1.1    mytestdomain.com

# The following lines are desirable for IPv6 capable hosts
::1          localhost ip6-localhost ip6-loopback
ff02::1      ip6-allnodes
ff02::2      ip6-allrouters

it seems there is at least one error…

alexiss · May 28, 2019, 8:35pm

change this to 127.0.0.1 mytestdomain.com, change port to 25 in config and temporary disable ufw. You should have telnet mytestdomain.com 25 to be connected after that and then try to run elixir again

igor · May 28, 2019, 8:54pm

So I’ve changed /etc/hosts to correct IP 127.0.0.1
Added a rule for the ufw to allow 25 port: sudo ufw allow 25/tcp
and in my application config I’ve set the port: 25

And the email was sent, I’ve got it in my mailbox (though in spam).
First of all big thank you, guys for your help!
I still have a couple of questions:
In the postfix’s log there is quietness, no mention of the sent email, why is that?
And the second question is it dangerous to open 25 port? According to lines in my postfix config:

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

Is it safe config?

alexiss · May 28, 2019, 8:59pm

You are always welcome!

regarding port 25 - looks good, but I recommend to ask this question on postfix forum ))

UPD You can leave this port without any restrictions if you disable any connection from outside to port 25 in ufw. Allow just tcp from-to 127.0.0.0/24

UPD 2 Of course, you also should allow outgoing connections to any address to port 25 if you want to send a real emails

igor · May 28, 2019, 9:04pm

Well, the first question is not relevant, it’s just the ssh session was expired so the log was not updated.

igor · May 28, 2019, 9:20pm

Thanks, Alexey!
I’ve done:

sudo ufw delete allow 25/tcp
sudo ufw allow from 127.0.0.1 to any port 25

Tried to send email and everything worked.

hauleth · May 28, 2019, 11:14pm

Just random question - why use Postfix at all?

igor · May 29, 2019, 5:12am

@hauleth, as I said, I lack of experience in this, I’ve read that Postfix is the most popular smtp server for linux, is there a better software for linux you are pointing to?
I know about third party services but they are not free and what are the benefits of using them? Which one is better and why?

NobbZ · May 29, 2019, 5:22am

The most important reason is, that the IP of your host from which you send your emails is not “trusted”, and it will take a lot of time to build up necessary reputation to not get flagged as SPAM everywhere. This is especially true if you send a lot of mails at once, eg. Newsletters.