Miscellaneous first checks
Affected Component(s)
ClamAV
What happened and when does this occur?
When running a fresh container (no old mounted folders or files), the container crashes with the error:
[[ INF ]] Fixing Amavis permissions
[[ TASKS ]] Cleaning up disabled ClamAV
rm: cannot remove '/etc/logrotate.d/clamav-*': No such file or directory
rm: cannot remove '/etc/cron.d/clamav-freshclam': No such file or directory
[ FATAL ] Failed to remove ClamAV configuration
[ ERROR ] Shutting down..
### What did you expect to happen?
```Markdown
The container should start normally
How do we replicate the issue?
Just run the container using the settings below.
DMS version
v10.2.0 (edge)
How much RAM is available to DMS explicitly?
less than 2GB
How many CPU cores are available?
less than 1 Core
Is DMS running in a virtualized environment?
... a virtual private server (VPS) (with virtual CPU cores)
What operating system is DMS running on?
Linux
What instruction set architecture is DMS running on?
x86_64 / AMD64
I/O - Persistent memory
What container orchestration tool are you using?
Docker Compose
Docker version
Docker version 20.10.8, build 3967b7d
Docker Compose version
docker-compose version 1.29.2, build 5becea4c
The output of uname -a
Linux srv02 5.4.0-84-generic #94-Ubuntu SMP Thu Aug 26 20:27:37 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Important environment variables
DMS_DEBUG=1
[email protected]
SSL_TYPE=manual
SSL_CERT_PATH=/etc/ssl/pki/mail.MYDOMAIN.com.crt
SSL_KEY_PATH=/etc/ssl/pki/mail.MYDOMAIN.com.key
ENABLE_LDAP=1
LDAP_START_TLS=yes
LDAP_SERVER_HOST=dc1.internal.MYDOMAIN.com
LDAP_SEARCH_BASE=dc=internal,dc=MYDOMAIN,dc=com
LDAP_BIND_DN=cn=Administrator,cn=users,dc=internal,dc=MYDOMAIN,dc=com
LDAP_BIND_PW=Ch@ngeMe
# Specifies how ldap should be asked for users.
LDAP_QUERY_FILTER_USER=(&(objectclass=person)(mail=%s))
# Specifies how ldap should be asked for groups.
LDAP_QUERY_FILTER_GROUP=(|)
# Specifies how ldap should be asked for aliases.
LDAP_QUERY_FILTER_ALIAS=(|)
# Specifies how ldap should be asked for domains.
LDAP_QUERY_FILTER_DOMAIN=(mail=*@%s)
DOVECOT_TLS=yes
DOVECOT_USER_FILTER=(&(objectclass=person)(sAMAccountName=%n))
DOVECOT_USER_ATTRS==uid=%{ldap:uidNumber},=gid=6000,=home=/var/mail/%Ln,=mail=maildir:~/Maildir
DOVECOT_PASS_ATTRS=sAMAccountName=user,userPassword=password
DOVECOT_AUTH_BIND=yes
ENABLE_SASLAUTHD=1
SASLAUTHD_MECHANISMS=ldap
SASLAUTHD_LDAP_SERVER=dc1.internal.MYDOMAIN.com
SASLAUTHD_LDAP_BIND_DN=cn=Administrator,cn=users,dc=internal,dc=MYDOMAIN,dc=com
SASLAUTHD_LDAP_SEARCH_BASE=dc=internal,dc=MYDOMAIN,dc=com
SASLAUTHD_LDAP_FILTER=(&(sAMAccountName=%U)(objectClass=person))
SASLAUTHD_LDAP_START_TLS=yes
SASLAUTHD_LDAP_TLS_CHECK_PEER=yes
SASLAUTHD_LDAP_TLS_CACERT_FILE=/etc/ssl/self-signed-pki/pki/ca.crtRelevant log output
[[ INF ]] Fixing Amavis permissions
[[ TASKS ]] Cleaning up disabled ClamAV
rm: cannot remove '/etc/logrotate.d/clamav-*': No such file or directory
rm: cannot remove '/etc/cron.d/clamav-freshclam': No such file or directory
[ FATAL ] Failed to remove ClamAV configuration
[ ERROR ] Shutting down..
Other relevant information
**(do NOT miss number 2 below)**
1. Find the **Docker-Compose** file below:
version: '3.9'
services:
mailserver:
container_name: mailserver
image: docker.io/mailserver/docker-mailserver:edge # TODO change the TAG to 10.2.0 when released.
hostname: mail
domainname: ${PUBLIC_DOMAIN_NAME}
# dns: 1.1.1.1
# To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
# More information about the mailserver ports:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/
networks:
- internal01
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- mailserver-data:/var/mail/
- mailserver-state:/var/mail-state/
- mailserver-logs:/var/log/mail/
- mailserver-config:/tmp/docker-mailserver/
- /etc/localtime:/etc/localtime:ro
- publicly-trusted-pki:/etc/ssl/pki/:ro
restart: always
stop_grace_period: 1m
cap_add: [ "NET_ADMIN", "SYS_PTRACE" ]
env_file:
- mailserver/mailserver.env
environment:
# The following variables will be passed from the .env (if exist) to override the variables in mailserver.env.
- DMS_DEBUG
- POSTMASTER_ADDRESS
- SSL_TYPE
- SSL_CERT_PATH
- SSL_KEY_PATH
- ENABLE_LDAP
- LDAP_START_TLS
- LDAP_SERVER_HOST
- LDAP_SEARCH_BASE
- LDAP_BIND_DN
- LDAP_BIND_PW
- LDAP_QUERY_FILTER_USER
- LDAP_QUERY_FILTER_GROUP
- LDAP_QUERY_FILTER_ALIAS
- LDAP_QUERY_FILTER_DOMAIN
- DOVECOT_TLS
- DOVECOT_USER_FILTER
- DOVECOT_USER_ATTRS
- DOVECOT_PASS_ATTRS
- DOVECOT_AUTH_BIND
- ENABLE_SASLAUTHD
- SASLAUTHD_MECHANISMS
- SASLAUTHD_LDAP_SERVER
- SASLAUTHD_LDAP_BIND_DN
- SASLAUTHD_LDAP_SEARCH_BASE
- SASLAUTHD_LDAP_FILTER
- SASLAUTHD_LDAP_START_TLS
- SASLAUTHD_LDAP_TLS_CHECK_PEER
- SASLAUTHD_LDAP_TLS_CACERT_FILE
volumes:
mailserver-data:
mailserver-state:
mailserver-logs:
mailserver-config:
internal01 network and the volume of the public key are defined in another docker-compose.yml file. But this should not be an issue.
2. Make sure the container does not validate the CA in the ldap.conf file, as is seems that there is an issue here (the certificate seems to be refused even if it is valid). In simple words, execute the following on the host and this will do the job:
docker exec mailserver sh -c 'echo "TLS_REQCERT never" > /etc/ldap/ldap.conf'
What level of experience do you have with Docker and mail servers?
Trust me, I'm a (computer) engineer! [expert]
Code of conduct
Improvements to this form?
No response
Miscellaneous first checks
Affected Component(s)
ClamAV
What happened and when does this occur?
How do we replicate the issue?
DMS version
v10.2.0 (edge)
How much RAM is available to DMS explicitly?
less than 2GB
How many CPU cores are available?
less than 1 Core
Is DMS running in a virtualized environment?
... a virtual private server (VPS) (with virtual CPU cores)
What operating system is DMS running on?
Linux
What instruction set architecture is DMS running on?
x86_64 / AMD64
I/O - Persistent memory
What container orchestration tool are you using?
Docker Compose
Docker version
Docker version 20.10.8, build 3967b7d
Docker Compose version
docker-compose version 1.29.2, build 5becea4c
The output of
uname -aLinux srv02 5.4.0-84-generic #94-Ubuntu SMP Thu Aug 26 20:27:37 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Important environment variables
Relevant log output
Other relevant information
What level of experience do you have with Docker and mail servers?
Trust me, I'm a (computer) engineer! [expert]
Code of conduct
Improvements to this form?
No response