[Building Sakai] mailarchive / james rejected email notices not being sent
Kevin Carruth
kcarruth at virginia.edu
Mon Jan 30 10:35:59 PST 2012
We've recently noticed that when incoming emails are rejected by sakai,
the original senders are not being notified by sakai's internal mailer.
We're seeing this in two cases:
1) a user sends mail to a site for which he does not have permission
2) a user sends mail to a non-existent (bogus) site email address
In case #1, tomcat logs an exception like this:
==========
2012-01-09 11:18:28,630 INFO Spool Thread #9
org.sakaiproject.james.SakaiMailet - : mail rejected: from:
kcarruth at gmail.com not authorized for site: mdstfaculty
==========
In case #2, the log shows something like this:
==========
2012-01-09 11:20:14,477 INFO Spool Thread #6
org.sakaiproject.james.SakaiMailet - <4F0B13BD.2080606 at virginia.edu> :
mail rejected: org.sakaiproject.exception.IdUnusedException id=bogus-address
==========
In either case, the user who sent the message sees nothing in response,
no indication that something went wrong. James does seem to create
rejection emails but then for some reason doesn't send them. Pairs of
files are created in
/usr/local/tomcat/webapps/sakai-mailarchive-james/apps/james/var/mail/address-error
One file will be named "<identifier>.Repository.FileObjectStore", and
the other "<identifier>.Repository.FileStreamStore". For example, I just
generated a pair by sending to a bogus address:
4D61696C313332373432373733363435372D32333437.Repository.FileObjectStore
4D61696C313332373432373733363435372D32333437.Repository.FileStreamStore
The 'FileStreamStore' file is a simple copy of the email sent, with
headers and whatnot. The 'FileObjectStore' file is a binary file but
when I read it, I can see some strings that would suggest its intent to
be a rejection reply to the message sent in.
I found https://jira.sakaiproject.org/browse/SAK-19841 , which suggests
that this functionality changed in 2.6 to prevent spam relaying, and a
user suggests a possible 'fix' by registering the machine's actual IP
address (instead of the default 127.0.0.1 that's already there) in a
mailarchive config.xml file under "RemoteAddrNotInNetwork", but that
hasn't worked for us. It's also been suggested using
"authorizedAddresses" config in the same xml file, but that hasn't
worked either. We've tried both specific IP addresses and wildcard
catch-alls.
Has anyone had any success re-enabling these sorts of notifications in
another manner, and if so, how?
Thanks,
Kevin @ UVa
More information about the sakai-dev
mailing list