Mailcow-dockerized: Quarantine not working at all.
Prior to placing the issue, please check following: (fill out each checkbox with an X once done)
- [X] I understand, that not following or deleting the below instructions, will result in immediate closing and deletion of my issue.
- [X] I have understood that answers are voluntary and community-driven, and not commercial support.
- [X] I have verified that my issue has not been already answered in the past. I also checked previous issues.
Description of the bug: Quarantine does not function as expected, no notifications and not held in quarantine queue. The emails are only rejected. No blacklist in reject rules that would bypass quarantine.
Docker container logs of affected containers:
php-fpm-mailcow_1 | [03-Nov-2020 11:42:15] WARNING: [pool system-worker] child 36 said into stderr: "NOTICE: PHP message: RCPT RESOVLER: http pipe: query [email protected] as username from mailbox"
php-fpm-mailcow_1 | [03-Nov-2020 11:42:15] WARNING: [pool system-worker] child 36 said into stderr: "NOTICE: PHP message: RCPT RESOVLER: http pipe: mailbox found: [email protected]"
php-fpm-mailcow_1 | [03-Nov-2020 11:42:15] WARNING: [pool system-worker] child 36 said into stderr: "NOTICE: PHP message: RCPT RESOVLER: http pipe: goto array count on loop #1 is 0"
php-fpm-mailcow_1 | [03-Nov-2020 11:42:15] WARNING: [pool system-worker] child 36 said into stderr: "NOTICE: PHP message: QUARANTINE: quarantine pipe: processing quarantine message for rcpt [email protected]"
php-fpm-mailcow_1 | [03-Nov-2020 11:42:15] WARNING: [pool system-worker] child 36 said into stderr: "NOTICE: PHP message: QUARANTINE: SQLSTATE[23000]: Integrity constraint violation: 4025 CONSTRAINT `quarantine.fuzzy_hashes` failed for `mailcow`.`quarantine`"
php-fpm-mailcow_1 | 172.22.1.11 - 03/Nov/2020:11:42:15 +0300 "POST /pipe.php" 503
rspamd-mailcow_1 | 2020-11-03 11:42:15 #42(normal) <22a600>; lua; metadata_exporter.lua:284: got unexpected http status: 503
rspamd-mailcow_1 | 2020-11-03 11:42:15 #42(normal) <22a600>; task; rspamd_task_write_log: id: <[email protected]>, qid: <78982622B9>, ip: 192.195.xx.xx, from: <[email protected]>, (default: T (reject): [23.46/15.00] [R_DKIM_REJECT(8.00){icontactmail4.com:s=default;},URIBL_BLACK(7.50){qnrf.org:email;},FORGED_W_BAD_POLICY(3.00){},BAD_REP_POLICIES(2.00){},FORGED_RECIPIENTS(2.00){m:[email protected];s:[email protected];},NEURAL_HAM_SHORT(-2.00){-1.000;},HFILTER_URL_ONLY(1.24){0.56741756447927;},HFILTER_HELO_IP_A(1.00){email2.com;},POLICY_FAILURE(1.00){},RCVD_IN_DNSWL_MED(-0.20){192.195.xx.xx:from;},MIME_GOOD(-0.10){text/plain;},IP_REPUTATION_SPAM(0.03){asn: 29384(0.00), country: QA(0.01), ip: 192.195.xx.xx(0.00);},HAS_LIST_UNSUB(-0.01){},MX_GOOD(-0.01){},ARC_NA(0.00){},ARC_SIGNED(0.00){helali.me:s=dkim:i=1;},ASN(0.00){asn:29384, ipnet:192.195.88.0/21, country:QA;},DKIM_TRACE(0.00){icontactmail4.com:-;},DMARC_NA(0.00){qnrf.org;},FORGED_SENDER(0.00){[email protected];[email protected];},FROM_HAS_DN(0.00){},FROM_NEQ_ENVFROM(0.00){[email protected];[email protected];},HAS_REPLYTO(0.00){[email protected];},MIME_TRACE(0.00){0:+;},RCPT_COUNT_ONE(0.00){1;},RCPT_MAILCOW_DOMAIN(0.00){helali.me;},RCVD_COUNT_FIVE(0.00){5;},RCVD_TLS_LAST(0.00){},REPLYTO_ADDR_EQ_FROM(0.00){},R_SPF_ALLOW(0.00){+a:tamuq-proofpoint-agent2.email2.com;},TO_DN_ALL(0.00){}]), len: 10794, time: 7696.675ms, dns req: 66, digest: <ba5eb1d70e97e500b6726d20613fd9ff>, rcpts: <[email protected]>, mime_rcpts: <[email protected]>
md5-128cdd96e54ce6e6a134eba348223b35
git diff origin/master
diff --git a/data/assets/ssl-example/cert.pem b/data/assets/ssl-example/cert.pem
index 96d16bec..fb4654e0 100644
--- a/data/assets/ssl-example/cert.pem
+++ b/data/assets/ssl-example/cert.pem
md5-7da7c814e327782bc3f409297a950d7f
Chain INPUT (policy ACCEPT 1526K packets, 1598M bytes)
pkts bytes target prot opt in out source destination
3795K 4257M MAILCOW all -- * * 0.0.0.0/0 0.0.0.0/0
524K 131M ACCEPT tcp -- * * 127.0.0.1 0.0.0.0/0 tcp dpt:32400
344 19044 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:32400
3662 1441K ACCEPT tcp -- * * 127.0.0.1 0.0.0.0/0 tcp dpt:1337
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1337
0 0 ACCEPT tcp -- * * 127.0.0.1 0.0.0.0/0 tcp dpt:19000
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:19000
166K 32M ACCEPT tcp -- * * 127.0.0.1 0.0.0.0/0 tcp dpt:6081
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6081
0 0 ACCEPT tcp -- * * 127.0.0.1 0.0.0.0/0 tcp dpt:6306
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6306
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
8630K 6598M MAILCOW all -- * * 0.0.0.0/0 0.0.0.0/0
8632K 6599M DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0
8632K 6599M DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0
2950K 1511M ACCEPT all -- * br-mailcow 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
141K 8801K DOCKER all -- * br-mailcow 0.0.0.0/0 0.0.0.0/0
166K 81M ACCEPT all -- br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
133K 8350K ACCEPT all -- br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0
52 29330 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
10 500 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
89 9072 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
9075K 11G ACCEPT all -- * br-3ddd0769c6f6 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
14337 860K DOCKER all -- * br-3ddd0769c6f6 0.0.0.0/0 0.0.0.0/0
3804K 837M ACCEPT all -- br-3ddd0769c6f6 !br-3ddd0769c6f6 0.0.0.0/0 0.0.0.0/0
14337 860K ACCEPT all -- br-3ddd0769c6f6 br-3ddd0769c6f6 0.0.0.0/0 0.0.0.0/0
1296K 4695M ACCEPT all -- eth0 wg0 0.0.0.0/0 0.0.0.0/0
1956K 238M ACCEPT all -- wg0 * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1787K packets, 1693M bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (3 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- !br-3ddd0769c6f6 br-3ddd0769c6f6 0.0.0.0/0 172.18.0.2 tcp dpt:443
10 500 ACCEPT tcp -- !docker0 docker0 0.0.0.0/0 172.17.0.2 tcp dpt:80
0 0 ACCEPT tcp -- !br-3ddd0769c6f6 br-3ddd0769c6f6 0.0.0.0/0 172.18.0.3 tcp dpt:3306
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.249 tcp dpt:6379
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.4 tcp dpt:8983
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.8 tcp dpt:3306
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.11 tcp dpt:8443
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.11 tcp dpt:8080
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:12345
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:4190
1 40 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:995
8 408 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:993
13 672 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:143
2 100 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:110
2849 171K ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.10 tcp dpt:587
18 968 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.10 tcp dpt:465
24 1348 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.10 tcp dpt:25
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
166K 81M DOCKER-ISOLATION-STAGE-2 all -- br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
89 9072 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
3804K 837M DOCKER-ISOLATION-STAGE-2 all -- br-3ddd0769c6f6 !br-3ddd0769c6f6 0.0.0.0/0 0.0.0.0/0
26M 22G RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (3 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * br-mailcow 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * br-3ddd0769c6f6 0.0.0.0/0 0.0.0.0/0
4223K 942M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
26M 22G RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain MAILCOW (2 references)
pkts bytes target prot opt in out source destination
md5-3cf4cf5435b300b0255124424843ee51
docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254
151.101.193.69
151.101.129.69
151.101.65.69
151.101.1.69
SkanderHelali
All 5 comments
Updated, error is now:
php-fpm-mailcow_1 | [03-Nov-2020 12:47:28] WARNING: [pool system-worker] child 39 said into stderr: "NOTICE: PHP message: RCPT RESOVLER: http pipe: query [email protected] as username from mailbox"
php-fpm-mailcow_1 | [03-Nov-2020 12:47:28] WARNING: [pool system-worker] child 39 said into stderr: "NOTICE: PHP message: RCPT RESOVLER: http pipe: mailbox found: [email protected]"
php-fpm-mailcow_1 | [03-Nov-2020 12:47:28] WARNING: [pool system-worker] child 39 said into stderr: "NOTICE: PHP message: RCPT RESOVLER: http pipe: goto array count on loop #1 is 0"
php-fpm-mailcow_1 | [03-Nov-2020 12:47:28] WARNING: [pool system-worker] child 39 said into stderr: "NOTICE: PHP message: QUARANTINE: quarantine pipe: processing quarantine message for rcpt [email protected]"
php-fpm-mailcow_1 | [03-Nov-2020 12:47:28] WARNING: [pool system-worker] child 39 said into stderr: "NOTICE: PHP message: QUARANTINE: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'type' in 'field list'"
SkanderHelali
on 3 Nov 2020
Update the db schema. Update your mailcow completely.
andryyy
on 3 Nov 2020
Oh my, sorry, forgot to push the db schema update...
git fetch
git checkout origin/master data/web/inc/init_db.inc.php
Open the UI afterwards.
andryyy
on 3 Nov 2020
👍1
Excellent, thank you. Quarantine works perfectly now. :)
SkanderHelali
on 3 Nov 2020
Thanks for the report and sorry for the delay... I forgot about that yesterday when it first came up.
andryyy
on 3 Nov 2020
❤2
Was this page helpful?
0 / 5 - 0 ratings
Related issues
bonanza123
路
3Comments
Adorfer
路
3Comments
mritzmann
路
3Comments
pgollor
路
3Comments
poldixd
路
3Comments
Most helpful comment
Thanks for the report and sorry for the delay... I forgot about that yesterday when it first came up.