Roots Discourse

Cron mails with wrong recipient

Hi,
from my DO Servers i get emails for cron tasks. But they are sent to a weird address.

The Emails are sent to: root@info@…
Our Domainprovider forwards these emails and they look like this:

Von: root@asuran.udag.de (Cron Daemon)
Betreff: Cron root@ubuntu-2gb-nyc3-01-PRODUCTION-mycasaincuba test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
Datum: 7. August 2017 um 08:54:03 MESZ
An: root@asuran.udag.de

/etc/cron.daily/logrotate:
error: error running shared postrotate script for '/var/log/nginx/*.log '
run-parts: /etc/cron.daily/logrotate exited with return code 1

Here is a log of their mailserver:

2017-06-20 08:29:52 smtp01 9DEC23A6: 9DEC23A6: removed
2017-06-20 08:29:52 smtp01 9DEC23A6: 9DEC23A6: to=info@mycasaincuba.com, relay=smx00.udag.de[62.146.106.132]:25, delay=12, delays=1.3/0/0.02/10, dsn=2.0.0, status=sent (250 OK id=1dNCfV-00050d-U9)
2017-06-20 08:29:41 smtp01 9DEC23A6: 9DEC23A6: from=<root@info@mycasaincuba.com>, size=886, nrcpt=1 (queue active)
2017-06-20 08:29:41 smtp01 9DEC23A6: 9DEC23A6: message-id=<>
2017-06-20 08:29:40 smtp01 9DEC23A6: 9DEC23A6: client=unknown[104.236.225.X], sasl_method=XCLIENT, sasl_username=mycasaincuba-com-0001

2017-06-20 08:29:52 anubis 66150834FA: 66150834FA: removed
2017-06-20 08:29:52 anubis 66150834FA: 66150834FA: to=mycasaincuba-com-0001@mail.udag.de, orig_to=info@mycasaincuba.com, relay=10.5.2.20[10.5.2.20]:25, delay=0.04, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 6A26F4E09)
2017-06-20 08:29:52 anubis 66150834FA: 66150834FA: from=SRS1+CCvP=anubis.udag.de=+2ppV=5Z=info@udag.de, size=2486, nrcpt=1 (queue active)
2017-06-20 08:29:52 anubis 66150834FA: 66150834FA: message-id=20170620062952.66150834FA@anubis.udag.de
2017-06-20 08:29:52 anubis 66150834FA: warning: 66150834FA: multi-valued sender_canonical_maps entry for “root@info”@mycasaincuba.com
2017-06-20 08:29:52 anubis 66150834FA: 66150834FA: client=exspamix-01.udag.de[62.146.106.X]

My mail.yml seems to be fine.

mailhog_install_ssmtp: no
mail_admin: info@mycasaincuba.com
mail_hostname: mycasaincuba.com
mail_smtp_server: smtp.udag.de:25
mail_user: mycasaincuba-com-0001
mail_password: “{{ vault_mail_password }}” # Define this in group_vars/staging/vault.yml

Does the cron task use the mail_admin address or the Wordpress Default admin email? And why is the root@ prepended?

Thanks for any help

1 Like

The same thing is happening to me with a new website that I have recently created.
I have at least 7 other sites on DO and 2 of them are using the same version of Trellis/Bedrock that I have used for this one but I am not getting emails from those.

Sorry I am unable to give you an answer but I hope some one can help us :slight_smile:

Was this ever figured out?

My cron from address is just “root (Cron Daemon)” and they all go into spam/junk folder.

Thanks,
Josh

1 Like

No, I’m afraid not. This was my first project with Cron Daemon

By default some system daemons, like cron send email from the hostname like this: root@mydroplet-ubuntu-s-1cpu-1gb-nyc3. To avoid blocked or spammed messages, configure sSMTP “revaliases” in trellis/roles/ssmtp/defaults/main.yml:

ssmtp_package: ssmtp
ssmtp_auth_method: LOGIN
ssmtp_from_override: 'Yes'
ssmtp_start_tls: 'Yes'
ssmtp_tls: 'Yes'
ssmtp_revaliases:
  - user: root
    from: root@example.com
    smtp_server: "{{ mail_smtp_server }}"
  - user: "{{ admin_user }}"
    from: admin@example.com
    smtp_server: "{{ mail_smtp_server }}"
  - user: "{{ web_user }}"
    from: web@example.com
    smtp_server: "{{ mail_smtp_server }}"

and deploy the mail tasks:

ansible-playbook server.yml -e env=production -K --tags mail

I’m not sure if the -K flag, which prompts for sudo password, is necessary. (UPDATE, it’s not).

This will populate a /etc/ssmtp/revaliases a file on the server.

There seems to be a step missing here, because even though the revaliases are configured on the server:

# Ansible managed
root:root@example.com:smtp.sendgrid.net:587
admin:admin@example.com:smtp.sendgrid.net:587
web:web@example.com:smtp.sendgrid.net:587

Mail is still sending with the server name:

Cron <root@example-ubuntu-s-1cpu-1gb-nyc3> cd /var/lib/letsencrypt && ./renew-certs.py && /usr/sbin/service nginx reload

I though maybe there is a sendmail or postfix service that needs to be restarted, but that doesn’t seem to be the case:

service --status-all
 [ - ]  acpid
 [ + ]  apparmor
 [ + ]  apport
 [ + ]  atd
 [ - ]  console-setup.sh
 [ + ]  cron
 [ - ]  cryptdisks
 [ - ]  cryptdisks-early
 [ + ]  dbus
 [ + ]  ebtables
 [ + ]  fail2ban
 [ + ]  ferm
 [ + ]  grub-common
 [ - ]  hwclock.sh
 [ - ]  irqbalance
 [ + ]  iscsid
 [ - ]  keyboard-setup.sh
 [ + ]  kmod
 [ - ]  lvm2
 [ + ]  lvm2-lvmetad
 [ + ]  lvm2-lvmpolld
 [ + ]  lxcfs
 [ - ]  lxd
 [ - ]  mdadm
 [ - ]  mdadm-waitidle
 [ + ]  memcached
 [ + ]  mysql
 [ + ]  nginx
 [ + ]  ntp
 [ - ]  open-iscsi
 [ - ]  open-vm-tools
 [ + ]  php7.3-fpm
 [ - ]  plymouth
 [ - ]  plymouth-log
 [ + ]  procps
 [ - ]  rsync
 [ + ]  rsyslog
 [ - ]  screen-cleanup
 [ + ]  ssh
 [ + ]  udev
 [ + ]  ufw
 [ + ]  unattended-upgrades
 [ - ]  uuidd

I think in this case I may need to restart the cron service, which would perhaps occur if the ansible command is updated to:

ansible-playbook server.yml -e env=production -K --tags mail,cron

(On the server it’s systemctl restart cron.)

Still struggling with cron email being rejected by my (gSuite managed) server.

Looks like correct config on /etc/ssmtp/ssmtp.conf:

root=me@my.org
AuthMethod=LOGIN
FromLineOverride=Yes
UseTLS=Yes
UseSTARTTLS=Yes
hostname=example.com
mailhub=smtp.sendgrid.net:587
AuthUser=apikey
AuthPass=SG.etcetc...

But cron is still sending emails without a from header: Cron <root@my-droplet-s-1vcpu-1gb-nyc1-01>.

Cron jobs are running as expected confirmed via: tail /var/log/syslog.

I’ve seen references on Stack Overflow to a MAILFROM config, which doesn’t seem to exist on Ubuntu 16.

Also found a crontest script that I haven’t quite figured out how to utilize yet.

Will keep poking at this and report back. Input, of course, welcome.

Hi @mZoo, I finally found a solution for CRON emails:

This an example of an email that CRON sends:

From: root (Cron Daemon)
To: web
Subject: Cron <web@model> cd /srv/www/model/current && wp core update --minor --quiet && wp core update-db --quiet
MIME-Version: 1.0...

Neither “From” nor “To” are valid emails and we need to fix the two.

STEP 1 - “To” email: We need to add a MAILTO in cron file. Add this task in trellis/roles/letsencrypt/tasks/main.yml:

- name: Setup MAILTO for cronjob for key generation
  cronvar:
    cron_file: letsencrypt-certificate-renewal
    name: MAILTO
    value: "{{ mail_admin }}"
    state: present

Note: I use mail_admin defined at trellis/group_vars/all/mail.yml to be notified, you can use other email address.

STEP 2 - “From” email: Cron also has a MAILFROM var but is not supported on ubuntu 18 :pensive:
The only solution I found it’s to override /usr/sbin/sendmail executable to perform a From: replacement. I have integrated it into trellis in the following way:

Add a template file trellis/roles/ssmtp/templates/sendmail.j2 with this content:

# {{ ansible_managed }}

sed "s/From: root (Cron Daemon)/From: Cron Daemon <cron@{{ mail_hostname }}>/" | /usr/sbin/ssmtp $*

Note: I use cron@{{ mail_hostname }} as email address, you can use other email address.

Add the task to override sedmail on trellis/roles/ssmtp/tasks/main.yml:

- name: sendmail override for CRON emails
  template:
    src: sendmail.j2
    dest: /usr/sbin/sendmail
    mode: 0777

Now, you need to provision your server again to apply changes.

I’d be happy to open an issue on trellis repo as @swalkinshaw pointed here but I’d like to get some feedback from other users first.

Great news.

Do you know if it’s supported on Ubuntu 20?

I look forward to giving this a spin. Thanks @pacotole.

I’m not sure but I don’t think so https://bugs.launchpad.net/ubuntu/+source/cron/+bug/1750051

Cool. So the workaround will remain relevant for longer. :slight_smile: