Bookstack fails to send email through relay

Question

Bookstack fails to send email through relay

Closed this issue 9 days ago · 4 comments

KCKgithub commented 10 days ago

Attempted Debugging

I have read the debugging page

Searched GitHub Issues

I have searched GitHub for the issue.

Describe the Scenario

When sending a test email to an open, internal relay with no encryption, email fails to send.

Exact BookStack Version

v24.10.3

Log Content

Nothing pertaining to email failure in any log file. APP_DEBUG=true does not display errors.

/var/lib/nginx/logs
/app/www/storage/logs
/app/www/vendor/aws/aws-sdk-php/src/data/logs

Hosting Environment

Kubernetes v1.31.2+k3s1 using the image provided by linuxserver linuxserver/bookstack:latest
Container is able to resolve the mail relay.
There is no authentication or encryption required (or enabled) to use the relay. Strictly old-timey port 25 only.

I'm at a lost since this is about as simple as an email relay can get.

Details

apiVersion: apps/v1
kind: Deployment
metadata:
  name: bookstack-tech
  namespace: bookstack-tech
spec:
  replicas: 1
  selector:
    matchLabels:
      app: bookstack-tech
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: bookstack-tech
    spec:
      containers:

      - name: bookstack-tech
        image: linuxserver/bookstack:latest
        imagePullPolicy: Always
        env:
        - name: TZ
          value: America/Chicago
        - name: PUID
          value: "1000"
        - name: PGID
          value: "1000"
        - name: APP_URL
          value: "XXXXXXXX"
        - name: APP_KEY
          value: "XXXXXXXX"
        - name: DB_HOST
          value: "XXXXXXXX"
        - name: DB_PORT
          value: "3306"
        - name: DB_USERNAME
          value: "XXXXXXXX"
        - name: DB_PASSWORD
          value: "XXXXXXXX"
        - name: DB_DATABASE
          value: "XXXXXXXX"
        - name: MAIL_DRIVER
          value: "smtp"
        - name: MAIL_FROM_NAME
          value: "STUFF Admin"
        - name: MAIL_FROM
          value: "XXXXXXXXX"
        - name: MAIL_HOST
          value: 'mail.XXXX.XXX'
        - name: MAIL_PORT
          value: '25'
#        - name: APP_DEBUG
#          value: "false"
        ports:
          - containerPort: 6875
            protocol: TCP

        volumeMounts:
        - name: bookstack-tech-claim0
          mountPath: "/config"

      volumes:
        - name: bookstack-tech-claim0
          persistentVolumeClaim:
            claimName: bookstack-tech-claim0

I also tried editing the values in .env directly within the container, no change in behavior. I will include them in the spirt of being thorough.

# Mail system to use
# Can be 'smtp' or 'sendmail'
MAIL_DRIVER=smtp

# Mail sender details
MAIL_FROM_NAME="STUFF Admin"
MAIL_FROM=noreply@XXXX.com

# SMTP mail options
# These settings can be checked using the "Send a Test Email"
# feature found in the "Settings > Maintenance" area of the system.
# For more detailed documentation on mail options, refer to:
# https://www.bookstackapp.com/docs/admin/email-webhooks/#email-configuration
MAIL_HOST=mail.XXXX.com
MAIL_PORT=25
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_VERIFY_SSL=false

Answer 1 · 2024-12-16T01:58:49.000Z

I'll try to fix the formatting, `` code didn't work well.

Answer 2 · 2024-12-16T12:48:34.000Z

Hi @KCKgithub,
A couple of notes on this:

Even on port 25 with TLS disabled, The mail system in BookStack will attempt to upgrade and use TLS if advertised by the mail system. If TLS is announced as supported by the mail server, but it cannot handle it, then things will fail.

I also tried editing the values in .env directly

Keep in mind that the .env values may still be overidden by the container env options, since they take priority, so settings may not have been acting as you expect. If you want to see which settings BookStack is probably picking up, you can run the following against your instance: php artisan tinker --execute="dd(config('mail.mailers.smtp'))"

Answer 3 · 2024-12-16T13:13:02.000Z

Hi @KCKgithub, A couple of notes on this:

Even on port 25 with TLS disabled, The mail system in BookStack will attempt to upgrade and use TLS if advertised by the mail system. If TLS is announced as supported by the mail server, but it cannot handle it, then things will fail.

I also tried editing the values in .env directly

Keep in mind that the .env values may still be overidden by the container env options, since they take priority, so settings may not have been acting as you expect. If you want to see which settings BookStack is probably picking up, you can run the following against your instance: php artisan tinker --execute="dd(config('mail.mailers.smtp'))"

Thanks Dan!
This got me where I needed to get.
All working now.

For anyone that lands here through search.
If you are using postfix as a unencrypted email relay (port 25) you need to ensure that it is explicitly disabled in main.cf:

smtpd_tls_security_level = none

This will allow Bookstack to send emails using an internal relay and still allow Postfix to use TLS as a client to an email server clearing house (gmail.com in my case).

My Postfix is running in compatibility mode 3.6 FWIW.

php /app/www/artisan tinker --execute="dd(config('mail.mailers.smtp'))"
array:10 [
"transport" => "smtp"
"scheme" => null
"host" => "mail.yourdomain.com"
"port" => "25"
"username" => null
"password" => null
"verify_peer" => false
"timeout" => null
"local_domain" => null
"tls_required" => false
]

Thanks again!
KCK

Answer 4 · 2024-12-17T11:44:59.000Z

Good to hear things are working! I'll therefore close this off.