People having trouble creating accounts

I emailed the laser cutter safety training link that Lemons made to our meetup.com members who were active in the last 3 months, and two people have messaged me on Meetup to say that they had trouble creating accounts, and no people have RSVP’d on the post.

The messages say:

Hi Ruth,
I’m unable to add myself to the Laser Safety Training. I did click on the link and signed up for an account but the verification email still hasn’t been sent. Are you able to add me to the class?

and

Hi Ruth!
I would love to join the laser cutting class on friday. I forgot my noisebridge login though, how do I sign up?

What’s going on with account creation? Could it be related to not being able to reply via email, which has also been broken?

I tried to make a new account on mobile and then on desktop, and both times I got

We cannot detect if your account was created, please ensure you have cookies enabled.

and the account was not created. But this doesn’t seem like the same problem the people on meetup.com were having.

Did you ask them if they checked spam?

@lemons just signed up for Discuss last night in order to make his laser cutter class announcement. So… that worked.

This website is pretty wonky on mobile devices, too…

New user signups appear to still be broken.

I just tried signing up for a new test account (username “nobody”), and have received no confirmation email to activate my account. This isn’t an issue of spam filtering; I was looking at my mail logs as I was creating the account, and there was no attempt to connect to my mail server and delivery the message.

Note that other email related to this website is working fine. For example, username “mct” (from which I’m posting this message) is receiving email alerts for new messages as it should be.

Several of the people who showed up at the laser class on Friday said they weren’t able to create accounts, and said they had also checked their spam folder.

Ah! It finally came through. Appears to have been stuck in a queue for about 40 minutes:

Received: from discuss.noisebridge.info (unknown [172.93.55.252])
        by ln.iz.is (Postfix) with ESMTP id 6A01A3C24F
        for <nobody@netisland.net>; Tue, 23 Jul 2019 01:31:43 -0700 (PDT)
Received: from localhost.localdomain (unknown [172.17.0.7])
        by discuss.noisebridge.info (Postfix) with ESMTPA id 494731E07A
        for <nobody@netisland.net>; Tue, 23 Jul 2019 02:52:44 -0500 (CDT)

Ah hah… Thanks for reporting back about that. Do you know how to improve this?

Any updates on this? Someone else in the space is saying they never received an email either. Is it just a matter of attempting to sign up again?

Hey all,

Yesterday we had an emergency spam problem where our Postfix server could be used as an open relay :-\ – see https://discuss.noisebridge.info/t/what-is-using-so-much-disk-space-on-unicorn/1112/9 .

Temporary Remediation

I have stopped and disabled Postfix so that this very server (Unicorn, hosting *.noisebridge.info) would be unsuspended by our hosting provider, SSDNodes.com .

“Why I No Receive Email???”

In the past weeks, it probably took a long time for Discourse account confirmation emails to go out to people because ~millions of spam emails were being sent at the same time, filling up the queue (@mct seems to have had this problem, mentioned above).

If someone signed up for Discourse yesterday, then it is possible that their confirmation email was deleted by me along with ~84,000 spam messages; I deleted everything from the queue because 99.99%-100% of it was spam, but sorry for the inconvenience.

Our IP’s reputation has dropped significantly and so, in the weeks and months before the last few days, it is possible that entire domains/email providers were blocking any and all emails originating from our IP.

Next Steps

  1. Figure out which exact Discourse-related functionality the Postfix server has been used for (probably email replies that become Discourse posts, but any thing else?)

  2. If necessary for our desired functionality, re-enable Postfix (with $ sudo systemctl enable postfix) but only after securing port 2533, which currently gets sent to port 25 (see What is using so much disk space on Unicorn? ), which is the port Postfix was running on before I stopped and disabled it

Step #1 will be a lot easier if we figure out who needed 2533 open and why. (My goal is of course to determine a secure configuration, not to point fingers etc.)

I know who initially configured Discourse, but this person typically really knows their shit and so I doubt they would have left an SMTP relay open to the world.

Anyone remember who set up reply-to-Discourse-email-to-create-post? That should at least give us clues. /cc @James @tdfischer

1 Like

I globally disabled all email for now from discourse config, but i think this is unrelated to the relay issue, it was just causing errors.

I believe the full functionality originally set up for email is

  1. send out user confirms
  2. send out digests for users who haven’t been seen in some (definable) time frame.
  3. subscribe users to topics they have participated in
  4. receive "reply-to"s from 3 from said users
  5. the “Annouce” category sents to noisebridge-annouce.

I know so little about both mail/SMTP and docker as to only speculate, but dicourse is configured to use
expose 2533:25

My limited reading indicates that expose by itself doesn’t publish the port to the world so there must be some other place. Unless discourse handles that, and then publishes 2533. I’m digging through the launcher to figure out what happens and where.

apparently that is the case.

in /var/discourse/launcher:
image

I believe the ‘-p’ is publish

@elimisteve I dont know if the above is helpful to answer your questions.

Solved! :tada:

In /var/discourse/containers/mail-receiver.yml I changed

expose:
  - "2533:25"   # SMTP

to

expose:
  - "127.0.0.1:2533:25"   # SMTP

so that port 2533 would only be exposed to the (local)host, not the whole world. Then I ran

cd /var/discourse
sudo ./launcher rebuild mail-receiver

Then I re-enabled Postfix, aaaand… outgoing email should now work – and securely!

1 Like