Friday, 22 May 2020

Day 67 of self-isolation - email problems

Email problems

Life goes on. And version 32 of Fedora linux is now available. So I've downloaded it and burned it to DVD. and then I started to upgrade my servers from 31 to 32.

And my email stopped working.

I have a fairly complicated email system, because I run my own mail servers, also have aol and gmail addresses, and use a homebrew despamming system, all of which works very well. Until it stopped working.

The way it works is, on my own server I run a program called "fetchmail" which talks to each of my mail servers, and to gmail, and aol, and whatever else, and collect the mail to itself, then sorts it into spam and not-spam (and other categories), and then I can read the mail using a text-only mail reader (text only means I don't have to worry about possible html or javascript traps in incoming email. I use alpine, which is a clone of pine, and I've been using that for 25 years. The only drawback is when I phone someone for tech support of something, and they send me an email and tell me to click on a link. Which I can't do. I think everyone assumes that everyone else is using a web-based mail reader. No - nearly everyone is, but not me.

Fetchmail wasn't fetching from my mail server.

Initially, the only clue I had was that I wasn't getting any email. And that's pretty much impossible, I get several emails per hour (mostly spam), so obviously there was a blockage somewhere in my systems. So I checked my main mail server, and the mail was getting as far as that, but then the thing that grabbed it (called fetchmail) wasn't grabbing. And the only thing that I'd changed was, of course, the linux upgrade.

So first, I logged into th email server, and deleted all the obvious spam, because I knew that it would clog up if I unblocked whatever was the probem. I got the outstanding email down to 25 messages.

Then I ran

env LC_ALL=C fetchmail -vvv  --nodetach --nosyslog

What that does, is show me the messages from fetchmail as it goes about trying to fetch mail, and it was immediately clear that it didn't like the SSL security certificate that it found on dovecot (which is the program that runs on the mail server that lets fetchmail fetch the messages). So I looked that the dovecot configuration file for the mail server, and the certificate it referenced, was the one that fetchmail didn't like. That's probably because I installed it five years ago, and it's well out of date.

But I use to make all my security certs (a few dozen of them!), and I already have a good and valid cert. All I had to do was copy that to the mail server, tell dovecot where it was, restart dovecot, and the mail started to flow again.

Then I did the same for all my other mail servers, and changed the cert update system so that the mail servers would be automatically updated when I update the cert.

And now my email system works again.


  1. Ironic that you built a whole mail system to deal with spam and the first comment on this post is spam :D I know it's not your host/system but still ironic.

  2. And it's a good demonstration of the need for an anti-spam system!

  3. I did look through some of the approach/tools you outlined. I don't mind using gmail as my main aggregator where it pulls from different pop accounts. It does a decent job on filtering - over aggressive in some cases. Thanks for sharing what you use.