Module/mail1/list-user-mailboxes - Error

I try to setup a Mail-Relay an get this error:

Traceback (most recent call last):
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connectionpool.py”, line 787, in urlopen
response = self._make_request(
^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connectionpool.py”, line 534, in _make_request
response = conn.getresponse()
^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connection.py”, line 565, in getresponse
httplib_response = super().getresponse()
^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3.11/http/client.py”, line 1374, in getresponse
response.begin()
File “/usr/lib/python3.11/http/client.py”, line 318, in begin
version, status, reason = self._read_status()
^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3.11/http/client.py”, line 287, in _read_status
raise RemoteDisconnected(“Remote end closed connection without”
http.client.RemoteDisconnected: Remote end closed connection without response

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/requests/adapters.py”, line 644, in send
resp = conn.urlopen(
^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connectionpool.py”, line 841, in urlopen
retries = retries.increment(
^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/util/retry.py”, line 474, in increment
raise reraise(type(error), error, _stacktrace)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/util/util.py”, line 38, in reraise
raise value.with_traceback(tb)
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connectionpool.py”, line 787, in urlopen
response = self._make_request(
^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connectionpool.py”, line 534, in _make_request
response = conn.getresponse()
^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/urllib3/connection.py”, line 565, in getresponse
httplib_response = super().getresponse()
^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3.11/http/client.py”, line 1374, in getresponse
response.begin()
File “/usr/lib/python3.11/http/client.py”, line 318, in begin
version, status, reason = self._read_status()
^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3.11/http/client.py”, line 287, in _read_status
raise RemoteDisconnected(“Remote end closed connection without”
urllib3.exceptions.ProtocolError: (‘Connection aborted.’, RemoteDisconnected(‘Remote end closed connection without response’))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/mail1/.config/actions/list-user-mailboxes/10list_user_mailboxes”, line 16, in
rusers = mail.doveadm_query(“user”, {“userMask”:“*”})
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/mail1/.config/pypkg/mail.py”, line 275, in doveadm_query
oresp = requests.post(f"http://127.0.0.1:{dport}/doveadm/v1", json=req, headers={“Authorization”: "X-Dovecot-API " + atok}).json()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/requests/api.py”, line 115, in post
return request(“post”, url, data=data, json=json, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/requests/api.py”, line 59, in request
return session.request(method=method, url=url, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/requests/sessions.py”, line 589, in request
resp = self.send(prep, **send_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/requests/sessions.py”, line 703, in send
r = adapter.send(request, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/local/agent/pyenv/lib/python3.11/site-packages/requests/adapters.py”, line 659, in send
raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: (‘Connection aborted.’, RemoteDisconnected(‘Remote end closed connection without response’))

Let’s try the command on CLI:

api-cli run module/mail1/list-user-mailboxes

Are the services running?

[root@myserver ~]# runagent -m mail1 podman ps
CONTAINER ID  IMAGE                                  COMMAND     CREATED     STATUS      PORTS       NAMES
ef25575cd4c9  ghcr.io/nethserver/mail-clamav:1.7.4               2 days ago  Up 2 days               clamav
8d282beb1fcb  ghcr.io/nethserver/mail-rspamd:1.7.4               2 days ago  Up 2 days               rspamd
e3b75d395811  ghcr.io/nethserver/mail-postfix:1.7.4              2 days ago  Up 2 days               postfix
ebb459858280  ghcr.io/nethserver/mail-dovecot:1.7.4              2 days ago  Up 2 days               dovecot

root@apps:/home/support# api-cli run module/mail1/list-user-mailboxes
Traceback (most recent call last):
File “/home/mail1/.config/actions/list-user-mailboxes/10list_user_mailboxes”, line 16, in
rusers = mail.doveadm_query(“user”, {“userMask”:“*”})
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/home/mail1/.config/pypkg/mail.py”, line 277, in doveadm_query
raise DoveadmError(oresp)
mail.DoveadmError: [[‘error’, {‘type’: ‘exitCode’, ‘exitCode’: 65}, ‘user’]]
“”

Maybe related:

Do you use external Windows AD?

Does following command work?

runagent -m mail1 podman exec dovecot doveadm user -u administrator

Yes

root@apps:/home/support# runagent -m mail1 podman exec dovecot doveadm user -u administrator
Error: auth-master: userdb lookup(administrator): Auth USER lookup failed
Error: userdb lookup failed for administrator

I tried to reproduce the issue but here it works with an external Windows server 2025 AD.

Does it work to get the domain users? (adapt “ad.testdomain.com” to your AD domain)

api-cli run cluster/list-domain-users --data '{"domain":"ad.testdomain.com"}'

Maybe administrator is disabled or deleted? You may retry it with an existing enabled user.

{“users”: [{“user”: “Administrator”, “display_name”: “”, “locked”: false, “password_expiration”: -1, “expired”: false, “mail”: “”, “must_change”: false},

{“user”: “Gast”, “display_name”: “”, “locked”: true, “password_expiration”: -1, “expired”: false, “mail”: “”, “must_change”: true},

{“user”: “adminx”, “display_name”: “adminx”, “locked”: false, “password_expiration”: -1, “expired”: false, “mail”: “”, “must_change”: false},

{“user”: “apps”, “display_name”: “apps”, “locked”: false, “password_expiration”: -1, “expired”: false, “mail”: “”, “must_change”: false},

Does it help to use different ports for the LDAP connection to the Windows server?

Does it work when using a usermask?

runagent -m mail1 podman exec dovecot doveadm user -u "*"

Or does it work for another specific user?

runagent -m mail1 podman exec dovecot doveadm user -u adminx

Did you try to setup Relay rules or just IP-based relay?

Error: auth-master: userdb list: Request timed out
Fatal: user listing failed

Error: auth-master: userdb lookup(adminf): Auth USER lookup failed
Error: userdb lookup failed for adminx

Please try to add a new external user domain using a different port as explained here or here.

grafik1826×1659 54.1 KB

I can see the users and groups of the Windows Domain:

grafik295×184 2.07 KB

but I can test to use it with TLS…

Even if you can see the users, there could be problems with listing the user mailboxes.

It’s also explained in the manual:

Port: Specify the TCP port number of the remote LDAP service. Standard values are 389 for LDAP and 636 for LDAPS. However, with Active Directory, certain applications like Mail [2] may require setting LDAP port 3268 or LDAPS port 3269. This is because they do not support “LDAP subordinate referrals”.

Cool looks good, I used 3268… I will test it tomorrow in detail, thank you very much markus!