Self-Service Emails Not Being Sent

We do not host email on UCS, so I do not have the Mail Server package installed. I have UCS configured to use a relayhost as a mail server, as per the documentation. The relayhost is an Amazon SES server on port 587. I can send emails successfully with the following command from the command line:

echo “Test” | mail -s “Testmail” person@domain.com

In addition, I successfully receive error notifications from Nagios. Everything appears to function properly. However port 25 is NOT open on the server, whether at localhost or externally. I do not see port 25 when running Netstat or Nmap. I do see ports 587 and 465 open.

When creating a new user with the “Invite user via email” option enabled, the system attempts to send out an email, but fails with the following error in the log file:

27.01.21 15:51:28.270  univention-self-service-invitation ( INFO    ) : Found trigger for user tiffany
27.01.21 15:51:28.273  univention-self-service-invitation ( INFO    ) : Sending token to tiffany
27.01.21 15:51:28.508  DEBUG_INIT
27.01.21 15:51:28.845  MODULE      ( PROCESS ) : Loading python module.
27.01.21 15:51:28.958  MODULE      ( PROCESS ) : Imported python module.
27.01.21 15:51:28.958  MODULE      ( PROCESS ) : Module instance created.
27.01.21 15:51:28.958  MODULE      ( PROCESS ) : Module socket initialized.
27.01.21 15:51:28.979  MODULE      ( PROCESS ) : Setting user LDAP DN <sanitized>
27.01.21 15:51:28.979  MODULE      ( PROCESS ) : Setting auth type to None
27.01.21 15:51:28.979  MODULE      ( PROCESS ) : Initializing module.
27.01.21 15:51:28.988  MODULE      ( PROCESS ) : get_plugins(): Plugin class 'SendWithExternal' for sending method 'None' is disabled.
27.01.21 15:51:28.991  MODULE      ( PROCESS ) : get_plugins(): Loaded sending plugin class 'SendEmail' for sending method 'email'.
27.01.21 15:51:28.993  MODULE      ( PROCESS ) : get_plugins(): Loaded sending plugin class 'VerifyEmail' for sending method 'verify_email'.
27.01.21 15:51:28.998  MODULE      ( PROCESS ) : get_plugins(): Plugin class 'SendSMS' for sending method 'mobile' is disabled.
27.01.21 15:51:28.998  MODULE      ( PROCESS ) : get_plugins(): plugin class 'VerifyEmail' for sending method 'verify_email': udm_property: 'PasswordRecoveryEmailVerified' token_length: '64'
27.01.21 15:51:28.998  MODULE      ( PROCESS ) : get_plugins(): plugin class 'SendEmail' for sending method 'email': udm_property: 'PasswordRecoveryEmail' token_length: '64'
27.01.21 15:51:29.075  MODULE      ( ERROR   ) : Unknown error: Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/passwordreset/__init__.py", line 976, in _call_send_msg_plugin
    plugin.send()
  File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/passwordreset/sending/send_email.py", line 121, in send
    smtp = smtplib.SMTP(self.server)
  File "/usr/lib/python2.7/smtplib.py", line 256, in __init__
    (code, msg) = self.connect(host, port)
  File "/usr/lib/python2.7/smtplib.py", line 316, in connect
    self.sock = self._get_socket(host, port, self.timeout)
  File "/usr/lib/python2.7/smtplib.py", line 291, in _get_socket
    return socket.create_connection((host, port), timeout)
  File "/usr/lib/python2.7/socket.py", line 575, in create_connection
    raise err
error: [Errno 111] Connection refused

27.01.21 15:51:29.075  MODULE      ( ERROR   ) : send_token(): Error sending token with via 'email' to 'tiffany'.
27.01.21 15:51:29.078  MODULE      ( PROCESS ) : Error sending token: [Errno 111] Connection refused
27.01.21 15:51:29.081  univention-self-service-invitation ( ERROR   ) : Failed sending invitation for user tiffany
Traceback (most recent call last):
  File "/usr/lib/univention-self-service-master/univention-self-service-invitation", line 113, in check_trigger
    self.umc_client.umc_command(self.umc_path, dict(username=user, method='email'))
  File "/usr/lib/python2.7/dist-packages/univention/lib/umc.py", line 444, in umc_command
    return self.request('POST', 'command/%s' % (path,), data, headers)
  File "/usr/lib/python2.7/dist-packages/univention/lib/umc.py", line 524, in request
    return self.send(request)
  File "/usr/lib/python2.7/dist-packages/univention/lib/umc.py", line 553, in send
    raise HTTPError(request, response, self.hostname)
InternalServerError: 500 on <sanitized> (command/passwordreset/send_token): {u'status': 500, u'message': u'Error sending token: [Errno 111] Connection refused', u'traceback': None, u'location': u'https://<sanitized>/univention/command'}
27.01.21 15:51:29.081  univention-self-service-invitation ( ERROR   ) : Got exception!
Traceback (most recent call last):
  File "/usr/lib/univention-self-service-master/univention-self-service-invitation", line 129, in <module>
    inv.check_trigger()
  File "/usr/lib/univention-self-service-master/univention-self-service-invitation", line 123, in check_trigger
    six.reraise(*exc_info)
  File "/usr/lib/univention-self-service-master/univention-self-service-invitation", line 113, in check_trigger
    self.umc_client.umc_command(self.umc_path, dict(username=user, method='email'))
  File "/usr/lib/python2.7/dist-packages/univention/lib/umc.py", line 444, in umc_command
    return self.request('POST', 'command/%s' % (path,), data, headers)
  File "/usr/lib/python2.7/dist-packages/univention/lib/umc.py", line 524, in request
    return self.send(request)
  File "/usr/lib/python2.7/dist-packages/univention/lib/umc.py", line 553, in send
    raise HTTPError(request, response, self.hostname)
InternalServerError: 500 on <sanitized> (command/passwordreset/send_token): {u'status': 500, u'message': u'Error sending token: [Errno 111] Connection refused', u'traceback': None, u'location': u'https://<sanitized>/univention/command'}
27.01.21 15:51:33.287  MAIN        ( WARN    ) : Shutting down all open connections
27.01.21 15:51:33.287  MAIN        ( WARN    ) : Shutting down all open connections

This repeats about every minute until I delete the user that it’s trying to send a token to. What I’m gathering from this is that send_email.py fails because it can’t connect to self.server at self.connect(host,port) which is presumably localhost:25, which doesn’t exist.

How do I fix this? I don’t understand why postfix isn’t listening to port 25 at localhost, that’s baffling. It doesn’t seem like I should have to install an entire email server package to open up that port.

update: I just noticed that /etc/postfix/master.cf has a blank space where “smtp” should be. The very first line is:

          inet  n       -       n       -       -       smtpd

(there’s nothing in front of “inet”, it’s just blank space).

I could fix this by adding the entire smtp line to the template override, but why is that line being auto-generated that way by UCS? I’d much rather fix whatever’s wrong than impose an override that will cause me headaches years from now.

Hello? Does anyone actually respond to these things?

Did you use a valid email-domain in the sender’s email address in the self service settings?

Most mailservers try to validate the email domain of sender’s address, which is noreply@<hostname>.<domainname>.intranet by default. This must be changed to noreply@<my_email_domain>.<tld>

Yes, and even if I hadn’t, the international network’s domain is also permitted on the relay mail server.

I’m not getting authentication issues and the mail is never making it to the postfix queue at all, the local postfix instance is refusing to allow the self-service scripts to connect at all.

I have two UCS-servers in use. ucs1 is my relay and sends outgoing mails to gmx as relay, ucs2 is new (with self service and sends mails via ucs1 to the recipient.

I did the following settings on my ucs2 server with self-service in the Univention registry:

Univention Registry:
mail/postfix/masquerade/domains
	\<emaildomain>.\<tld>
mail/postfix/myorigin
	\<ucs1>.\<emaildomain>.\<tld>
mail/relayauth
	yes
mail/relayhost
	[ip-of-ucs1]:25
mail/smtpport
	25

(the ip-address must be in brackets “[” and “]”)

and in `/etc/postfix/smtp_auth:

<ucs1.tld> <user>:<password>

(“user” must exist on ucs1)

on my ucs1 I added the IP of ucs2 in “mynetworks” f.e.

mail/postfix/mynetworks
	127.0.0.0/8 192.168.121.52/32 192.168.121.53/32