Re: [rt-users] RT mailgate

2017-02-13 Thread Thomas Bätzler 
Lorraine Johnson wrote:



*  I noticed that mails sent outside rt are not being delivered in the system. 
I think my RT- mailgate is not working.  Autopreply messages are also not being 
received.

*   

*  Kindly help if you have an  idea.

*   

*  thank you

 

You’ve got the function of rt-mailgate backwards – it’s only responsible for 
delivering mail to RT; not for sending it. There are many possible causes why 
mails supposedly sent by RT are not reaching their intended recipients.

 

Are you using the local mail system of the box you’re running RT on to deliver 
outgoing mail? If so, start by verifying that it is working as intended by 
sending mail from the command line. Check the local mail logs to see whether 
your mails are getting rejected. If your primary mail hub is on a different 
system and you’re using its mail domain, make sure that you’re not getting 
rejections because your RT box is not  listed as a trusted sender in your 
domain’s SPF policy.

 

 

MfG,

Thomas Bätzler

-- 

BRINGE Informationstechnik GmbH

Zur Seeplatte 12

D-76228 Karlsruhe

Germany

 

Fon: +49 721 94246-0

Fon: +49 171 5438457

Fax: +49 721 94246-66

Web: http://www.bringe.de/

 

Geschäftsführer: Dipl.-Ing. (FH) Martin Bringe

Ust.Id: DE812936645, HRB 108943 Mannheim



smime.p7s
Description: S/MIME cryptographic signature

[rt-users] RT mailgate

2017-02-13 Thread Lorraine Johnson 
Goodmorning all,

I noticed that mails sent outside rt are not being delivered in the system.
I think my RT- mailgate is not working.  Autopreply messages are also not
being received.

Kindly help if you have an  idea.

thank you

Re: [rt-users] rt-mailgate in lab environment stopped working

2017-02-07 Thread Cena, Stephen (ext. 300) 
Ok; I figured out what it is but I don't know why. 

"Time Management for System Administrators" - page 30 "Some general advice" - 
#7 - "The strangest problems often turn out to be misconfigured DNS."

If I use the IP address for the server versus the FQDN, tickets flow in 
perfectly. If I use the FQDN of the server, it breaks.

It's bizarre: DNS appears to be functioning properly  in the test environment, 
but clearly based on this discovery it isn't.

I'll consider this "solved" as this is more than likely my own d#mn fault.

Stephen Cena
Senior Systems Administrator 
Quality Vision International, Inc.
Phone: (585) 544-0450 x300
To notify helpdesk: http://helpdesk.ogp.qvii.com or email: hd-gene...@qvii.com
To report email issues: postmas...@qvii.com

[rt-users] rt-mailgate in lab environment stopped working

2017-02-07 Thread Cena, Stephen (ext. 300) 
Thomas - You are correct. It wouldn't be so bad if the RT site wasn't working. 
If I use the exact same address I use for the web server in the rt-mailgate 
scripts it fails. If I put that address into a web browser, I can use the 
system as expected. I'm trying to figure out what the "disconnect" is now 
between rt-mailgate and the server.


Well, that error message is pretty clear ? when fetchmail tries to spawn 
rt-mailgate, that process can?t connect to RT.

You should replace SERVER:80 in your fetchmailrc with the URL you?re using to 
connect  to RT in your browser.


HTH,

Thoomas

-- next part --

Re: [rt-users] rt-mailgate in lab environment stopped working

2017-02-03 Thread Thomas Bätzler 
Hi,

 

Stephen Cena asked:

*  I’ve been beating my head against this for days now and can’t figure this
out. I original had

*  (as much as possible) a clone of our production environment in a lab. I
reached a point

*  where I was forced to re-IP the lab environment which went well. Now,
rt-mailgate

*  simply doesn’t work. Outbound mail does work (postfix). If I use the
/etc/aliases file for

*  commands like I usually to, fetchmail attempts to contact an SMTP server
for local

*  delivery. If I actually embed the rt-mailgate command inside fetchmailrc
I now get

*  “http request failed: 500 can’t connect to SERVER:80. Web server logs may
have more

*  info”. I can’t find anything.

 

Well, that error message is pretty clear – when fetchmail tries to spawn
rt-mailgate, that process can’t connect to RT.

 

You should replace SERVER:80 in your fetchmailrc with the URL you’re using
to connect  to RT in your browser.

 

 

HTH,

Thoomas

 

 



smime.p7s
Description: S/MIME cryptographic signature

[rt-users] rt-mailgate in lab environment stopped working

2017-02-02 Thread Cena, Stephen (ext. 300) 
I've been beating my head against this for days now and can't figure this out. 
I original had (as much as possible) a clone of our production environment in a 
lab. I reached a point where I was forced to re-IP the lab environment which 
went well. Now, rt-mailgate simply doesn't work. Outbound mail does work 
(postfix). If I use the /etc/aliases file for commands like I usually to, 
fetchmail attempts to contact an SMTP server for local delivery. If I actually 
embed the rt-mailgate command inside fetchmailrc I now get "http request 
failed: 500 can't connect to SERVER:80. Web server logs may have more info". I 
can't find anything.

I've put in a new mail server to see if that was the issue, but I simply cannot 
get the lab server to pick up mail anymore. As far as I can tell, DNS is 
functioning properly. What am I missing?

Stephen Cena
Senior Systems Administrator
Quality Vision International, Inc.
Phone: (585) 544-0450 x300
To notify helpdesk: http://helpdesk.ogp.qvii.com or email: 
hd-gene...@qvii.com
To report email issues: postmas...@qvii.com

Re: [rt-users] rt-mailgate issues with 4.2.12 (Use of uninitialized value $NewSubject)

2016-02-10 Thread Poulter, Dale 
All,

It appears that the problem is even more widespread.  The system will not 
accept any email.  The errors appear to point to missing subjects and from 
addresses but the process worked before the upgrade.  ANY help will be 
appreciated.  I am out of ideas.


-Dale

From: Poulter, Dale
Sent: Tuesday, February 09, 2016 12:41 PM
To: rt-users@lists.bestpractical.com
Subject: rt-mailgate issues with 4.2.12 (Use of uninitialized value $NewSubject)

We upgraded to 4.2.12 and everything looked ok.  However,  we are now unable to 
submit tickets via email using rt-mailgate. I have seen many posts but none of 
the proposed solutions seem to work.  We are using the same command as we did 
in 3.8.7 for sendmail .  Here is our setup.

Perl: 5.16.3
Rt-mailgate is using sendmail

testemail: "|/apps/rt4/bin/rt-mailgate  \
  --queue 'General' --action correspond \
  --url https://requesttracker.edu/ --no-verify-ssl"

In RT_SiteConfig.pm
Set($WebFallbackToRTLogin, "true");
Set($WebRemoteUserAutocreate, 1);


Error:
Command line  : not ok - Could not load a valid user

RT debug log; [20557] [Tue Feb  9 18:36:23 2016] [warning]: Use of 
uninitialized value $NewSubject in scalar chomp at 
/apps/rt4/sbin/../lib/RT/Interface/Email.pm line 1374. 
(/apps/rt4/sbin/../lib/RT/Interface/Email.pm:1374)
[20557] [Tue Feb  9 18:36:23 2016] [error]: Couldn't parse or find sender's 
address (/apps/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:74)
[20557] [Tue Feb  9 18:36:23 2016] [error]: Could not record email: Could not 
load a valid user (/apps/rt4/share/html/REST/1.0/NoAuth/mail-gateway:75)







--Dale

---
Dale Poulter
Coordinator, Search and Core Services
Library Digital Services
Vanderbilt University
419 21st Avenue South, Room 812
Nashville, TN  37203-2427
(615)343-5388
(615)207-9705 (cell)
dale.poul...@vanderbilt.edu


-
RT 4.4 and RTIR Training Sessions 
(http://bestpractical.com/services/training.html)
* Hamburg Germany — March 14 & 15, 2016

[rt-users] rt-mailgate issues with 4.2.12 (Use of uninitialized value $NewSubject)

2016-02-09 Thread Poulter, Dale 
We upgraded to 4.2.12 and everything looked ok.  However,  we are now unable to 
submit tickets via email using rt-mailgate. I have seen many posts but none of 
the proposed solutions seem to work.  We are using the same command as we did 
in 3.8.7 for sendmail .  Here is our setup.

Perl: 5.16.3
Rt-mailgate is using sendmail

testemail: "|/apps/rt4/bin/rt-mailgate  \
  --queue 'General' --action correspond \
  --url https://requesttracker.edu/ --no-verify-ssl"

In RT_SiteConfig.pm
Set($WebFallbackToRTLogin, "true");
Set($WebRemoteUserAutocreate, 1);


Error:
Command line  : not ok - Could not load a valid user

RT debug log; [20557] [Tue Feb  9 18:36:23 2016] [warning]: Use of 
uninitialized value $NewSubject in scalar chomp at 
/apps/rt4/sbin/../lib/RT/Interface/Email.pm line 1374. 
(/apps/rt4/sbin/../lib/RT/Interface/Email.pm:1374)
[20557] [Tue Feb  9 18:36:23 2016] [error]: Couldn't parse or find sender's 
address (/apps/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:74)
[20557] [Tue Feb  9 18:36:23 2016] [error]: Could not record email: Could not 
load a valid user (/apps/rt4/share/html/REST/1.0/NoAuth/mail-gateway:75)







--Dale

---
Dale Poulter
Coordinator, Search and Core Services
Library Digital Services
Vanderbilt University
419 21st Avenue South, Room 812
Nashville, TN  37203-2427
(615)343-5388
(615)207-9705 (cell)
dale.poul...@vanderbilt.edu


-
RT 4.4 and RTIR Training Sessions 
(http://bestpractical.com/services/training.html)
* Hamburg Germany — March 14 & 15, 2016

Re: [rt-users] rt-mailgate needs http for comment

2015-09-06 Thread Joseph D. Wagner 
Figured it out.  I created a catch-all address in virtusertable. Unknown 
to me, virtusertable gets processed before aliases, so it was hitting 
the catch-all and never made it to aliases.


Joseph D. Wagner

On 09/06/2015 12:13 PM, Alex Vandiver wrote:

On Sun, Sep 06, 2015 at 12:31:28AM -0700, Joseph D. Wagner wrote:

Here it is.  I left everything intact except the url.
[snip]

Those look fine.  Double-check that you have not multiply-defined
prc-staff elsewhere in aliases, and that you've run `newaliases`.
Short of that, my only suggestion is to turn on bug logging in your
MTA -- I can say with certainty that rt-mailgate doesn't deal
differently with correspond vs comment and http/https connections.
  - Alex

Re: [rt-users] rt-mailgate needs http for comment

2015-09-06 Thread Joseph D. Wagner 
Ok, I'm inching closer.  I found out that it works if I run it from the 
command line, but not when sendmail fires it off.  (This probably gave 
me the false sense that it worked by switching to HTTP.)


I turned on debug level logging in RT.  It logged a bunch of stuff when 
run from the command line, but it didn't log anything when sendmail did it.


Joseph D. Wagner

Re: [rt-users] rt-mailgate needs http for comment

2015-09-06 Thread Alex Vandiver 
On Sun, Sep 06, 2015 at 12:31:28AM -0700, Joseph D. Wagner wrote:
> Here it is.  I left everything intact except the url.
> [snip]

Those look fine.  Double-check that you have not multiply-defined
prc-staff elsewhere in aliases, and that you've run `newaliases`.
Short of that, my only suggestion is to turn on bug logging in your
MTA -- I can say with certainty that rt-mailgate doesn't deal
differently with correspond vs comment and http/https connections.
 - Alex

Re: [rt-users] rt-mailgate needs http for comment

2015-09-06 Thread Joseph D. Wagner 

Here it is.  I left everything intact except the url.

prc:"|/usr/bin/rt-mailgate --queue 'Performance Review' 
--action correspond --url https://./rt";
prc-staff:  "|/usr/bin/rt-mailgate --queue 'Performance Review' 
--action comment--url https://./rt";


Joe

On 09/05/2015 11:32 PM, Alex Vandiver wrote:

On Sat, Sep 05, 2015 at 11:22:48PM -0700, Joseph D. Wagner wrote:

I had apache set to allow rt over https only.  Trying over http would fail.

rt-mailgate was working perfectly fine over https when using
"--action correspond".  However, when using "--action comment", it
fails saying it is unable to connect.

When I changed my apache configuration to allow http on local
connections, it started working.

I suspect there is some code in the comment path of rt-mailgate that
is forcing it over the http connection, rather than properly
deriving the connection from the url parameter.

Being new to rt, I am open to the possibility I misconfigured
something.  Is anyone else able to reproduce this?

I strongly suspect misconfiguration in your /etc/aliases.  The only
difference between correspond and comment paths is the value of a
query parameter that they POST:

 
https://github.com/bestpractical/rt/blob/stable/bin/rt-mailgate.in#L168-L170

Check to make sure that you have https:// on all of your aliases, and
that you've run newaliases (or equivalent) after updating them.
  - Alex

Re: [rt-users] rt-mailgate needs http for comment

2015-09-05 Thread Alex Vandiver 
On Sat, Sep 05, 2015 at 11:22:48PM -0700, Joseph D. Wagner wrote:
> I had apache set to allow rt over https only.  Trying over http would fail.
> 
> rt-mailgate was working perfectly fine over https when using
> "--action correspond".  However, when using "--action comment", it
> fails saying it is unable to connect.
>
> When I changed my apache configuration to allow http on local
> connections, it started working.
> 
> I suspect there is some code in the comment path of rt-mailgate that
> is forcing it over the http connection, rather than properly
> deriving the connection from the url parameter.
> 
> Being new to rt, I am open to the possibility I misconfigured
> something.  Is anyone else able to reproduce this?

I strongly suspect misconfiguration in your /etc/aliases.  The only
difference between correspond and comment paths is the value of a
query parameter that they POST:

https://github.com/bestpractical/rt/blob/stable/bin/rt-mailgate.in#L168-L170

Check to make sure that you have https:// on all of your aliases, and
that you've run newaliases (or equivalent) after updating them.
 - Alex

[rt-users] rt-mailgate needs http for comment

2015-09-05 Thread Joseph D. Wagner 

I had apache set to allow rt over https only.  Trying over http would fail.

rt-mailgate was working perfectly fine over https when using "--action 
correspond".  However, when using "--action comment", it fails saying it 
is unable to connect.


When I changed my apache configuration to allow http on local 
connections, it started working.


I suspect there is some code in the comment path of rt-mailgate that is 
forcing it over the http connection, rather than properly deriving the 
connection from the url parameter.


Being new to rt, I am open to the possibility I misconfigured 
something.  Is anyone else able to reproduce this?


Joseph D. Wagner

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Jeff Melton 

I figured this out. I was using this project as an opportunity to try out 
plenv, but used /root/.plenv to set global Perl. When we set /root +x, it 
started working. Now I just need to figure out how best to fix it long-term.

Thanks, all.

On Tue, Jun 16, 2015 at 12:39:15PM -0700, Aaron C. de Bruyn wrote:

AppArmor?  (Or is that just Ubuntu?)

Also, is the postfix process running in a chroot?
Check /etc/postfix/master.cf to see if the service that is doing the
rt-mailgate delivery has a 'y' in the chroot column.

-A

On Tue, Jun 16, 2015 at 12:29 PM, Jeff Melton  wrote:

It's Debian Wheezy. No SELinux in this case.


On Tue, Jun 16, 2015 at 09:25:02PM +0200, Joop wrote:


On 16-6-2015 17:33, Jeff Melton wrote:


I'm setting up a new RT server, and I'm having some trouble getting
rt-mailgate to accept email piped from postfix.
`Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
Permission denied`


You don't state which OS you're using but if you're using CentOS/Rhel
base/derived you could be facing a SELinux problem. Check
/var/log/messages /var/log/audit or see what happens if you run
setenforce 0.

Regards,

Joop

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Jeff Melton 

It is chrooted, but when I s/-/n for all the chrooted processes in master.cf 
and restarted postfix, it didn't make any difference. I just swapped the 
original master.cf back in.

I'll update to add that my aliases were quoted incorrectly to begin with, and 
having changed that, the full error output now reads:

Command died with status 126: "/opt/rt4/bin/rt-mailgate --queue 'Network 
Support' --action correspond --url http://rt.ifworld.com";. Command output: sh: 1: 
/opt/rt4/bin/rt-mailgate: Permission denied

On Tue, Jun 16, 2015 at 12:39:15PM -0700, Aaron C. de Bruyn wrote:

AppArmor?  (Or is that just Ubuntu?)

Also, is the postfix process running in a chroot?
Check /etc/postfix/master.cf to see if the service that is doing the
rt-mailgate delivery has a 'y' in the chroot column.

-A

On Tue, Jun 16, 2015 at 12:29 PM, Jeff Melton  wrote:

It's Debian Wheezy. No SELinux in this case.


On Tue, Jun 16, 2015 at 09:25:02PM +0200, Joop wrote:


On 16-6-2015 17:33, Jeff Melton wrote:


I'm setting up a new RT server, and I'm having some trouble getting
rt-mailgate to accept email piped from postfix.
`Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
Permission denied`


You don't state which OS you're using but if you're using CentOS/Rhel
base/derived you could be facing a SELinux problem. Check
/var/log/messages /var/log/audit or see what happens if you run
setenforce 0.

Regards,

Joop

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Aaron C. de Bruyn 
AppArmor?  (Or is that just Ubuntu?)

Also, is the postfix process running in a chroot?
Check /etc/postfix/master.cf to see if the service that is doing the
rt-mailgate delivery has a 'y' in the chroot column.

-A

On Tue, Jun 16, 2015 at 12:29 PM, Jeff Melton  wrote:
> It's Debian Wheezy. No SELinux in this case.
>
>
> On Tue, Jun 16, 2015 at 09:25:02PM +0200, Joop wrote:
>>
>> On 16-6-2015 17:33, Jeff Melton wrote:
>>>
>>> I'm setting up a new RT server, and I'm having some trouble getting
>>> rt-mailgate to accept email piped from postfix.
>>> `Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
>>> Permission denied`
>>>
>> You don't state which OS you're using but if you're using CentOS/Rhel
>> base/derived you could be facing a SELinux problem. Check
>> /var/log/messages /var/log/audit or see what happens if you run
>> setenforce 0.
>>
>> Regards,
>>
>> Joop
>>
>

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Jeff Melton 

It's Debian Wheezy. No SELinux in this case.

On Tue, Jun 16, 2015 at 09:25:02PM +0200, Joop wrote:

On 16-6-2015 17:33, Jeff Melton wrote:

I'm setting up a new RT server, and I'm having some trouble getting
rt-mailgate to accept email piped from postfix.
`Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
Permission denied`


You don't state which OS you're using but if you're using CentOS/Rhel
base/derived you could be facing a SELinux problem. Check
/var/log/messages /var/log/audit or see what happens if you run
setenforce 0.

Regards,

Joop

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Joop 
On 16-6-2015 17:33, Jeff Melton wrote:
> I'm setting up a new RT server, and I'm having some trouble getting
> rt-mailgate to accept email piped from postfix.
> `Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
> Permission denied`
>
You don't state which OS you're using but if you're using CentOS/Rhel
base/derived you could be facing a SELinux problem. Check
/var/log/messages /var/log/audit or see what happens if you run
setenforce 0.

Regards,

Joop

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Jeff Melton 

On Tue, Jun 16, 2015 at 11:54:52AM -0400, Matt Brennan wrote:

On my system, the application is world executable. I don't recall if that's
the default or I changed it. I'm sure someone here will say that's a bad
idea, security wise.

At a minimum, it needs to be executable by whatever user ID postfix is
running as. If you want to lock down the executable, you'd need to check
what user ID you have postfix running as and set the group to one which
contains that user ID (you'd also need to make sure it's group executable).


Thanks! The whole of /opt/rt4 is 755 right now, with everything executed by 
root. The postfix master process is owned by root; qmgr and pickup are owned by 
postfix. /opt/rt4 is root:www-data right now, but I've tried it root:root as 
well. I've tried adding the postfix user to the root and www-data groups, and 
that has no effect.



On Tue, Jun 16, 2015 at 11:33 AM, Jeff Melton  wrote:


I'm setting up a new RT server, and I'm having some trouble getting
rt-mailgate to accept email piped from postfix.
`Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
Permission denied`

Best I can tell, it's likely to be a permissions issue. What owner, group
and mode should RT be using? Are there any other gotchas I need to be
looking at? (I've configured role, group and user permissions in the RT
GUI.)

JM

Re: [rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Matt Brennan 
On my system, the application is world executable. I don't recall if that's
the default or I changed it. I'm sure someone here will say that's a bad
idea, security wise.

At a minimum, it needs to be executable by whatever user ID postfix is
running as. If you want to lock down the executable, you'd need to check
what user ID you have postfix running as and set the group to one which
contains that user ID (you'd also need to make sure it's group executable).


On Tue, Jun 16, 2015 at 11:33 AM, Jeff Melton  wrote:

> I'm setting up a new RT server, and I'm having some trouble getting
> rt-mailgate to accept email piped from postfix.
> `Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate:
> Permission denied`
>
> Best I can tell, it's likely to be a permissions issue. What owner, group
> and mode should RT be using? Are there any other gotchas I need to be
> looking at? (I've configured role, group and user permissions in the RT
> GUI.)
>
> JM
>

[rt-users] rt-mailgate: Permission denied

2015-06-16 Thread Jeff Melton 
I'm setting up a new RT server, and I'm having some trouble getting rt-mailgate to accept email piped from postfix. 


`Command output: local: fatal: execvp /opt/rt4/bin/rt-mailgate: 
Permission denied`

Best I can tell, it's likely to be a permissions issue. What owner, group and 
mode should RT be using? Are there any other gotchas I need to be looking at? 
(I've configured role, group and user permissions in the RT GUI.)

JM

Re: [rt-users] rt-mailgate ignoring --no-verify-ssl?

2015-05-01 Thread Aaron C. de Bruyn 
Fixed it.  Apparently --no-verify-ssl only deals with the hostname on
the certificate.

I added the following to the 'use' section at the top of rt-mailgate:

use IO::Socket::SSL;

and then in the get_useragent function, I added the following ssl_opts line:

$ua->ssl_opts( SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE );

Now my legitimately signed wildcard cert (*.mydomain.tld) doesn't
error out because of a bad hostname, or an untrusted cert in the
middle of the chain.

-A



On Wed, Apr 29, 2015 at 9:01 PM, Aaron C. de Bruyn  wrote:
> Mailgate has been driving me nuts.  I downloaded 4.2.10 and set it up
> on a bright, shiny new server.
>
> I'm running fetchmail on my RT box using the following to send tickets to RT:
>
> poll mail.mydomain.tld with protocol pop3
>username engineering password -redacted- mda
> "/opt/rt4/bin/rt-mailgate --no-verify-ssl --queue engineering --action
> correspond --url https://tickets.mydomain.tld --debug"
>
> Fetchmail complains about the MDA erroring out.  Increasing fetchmail
> debugging shows:
>
> fetchmail: about to deliver with: /opt/rt4/bin/rt-mailgate
> --no-verify-ssl --queue engineering --action correspond --url
> https://tickets.mydomain.tld/ --debug
> #***/opt/rt4/bin/rt-mailgate: temp file is '/tmp/Ax6Or2dgc1/23FBulXCfc'
> /opt/rt4/bin/rt-mailgate: connecting to
> https://tickets.mydomain.tld//REST/1.0/NoAuth/mail-gateway
> HTTP request failed: 500 Can't connect to tickets.mydomain.tld:443
> (certificate verify failed). Your webserver logs may have more
> information or there may be a network problem.
>
> /opt/rt4/bin/rt-mailgate: undefined server error
> fetchmail: MDA returned nonzero status 75
>  not flushed
> fetchmail: POP3> QUIT
>
>
> I even get an SSL error when running from the command line:
>
> root@tickets:/opt# /opt/rt4/bin/rt-mailgate --no-verify-ssl --queue
> engineering --action correspond --url https://tickets.mydomain.tld/
> --debug
> test 
> /opt/rt4/bin/rt-mailgate: temp file is '/tmp/9vlYhx9C9X/kI4IQo0RRw'
> /opt/rt4/bin/rt-mailgate: connecting to
> https://tickets.mydomain.tld//REST/1.0/NoAuth/mail-gateway
> HTTP request failed: 500 Can't connect to tickets.mydomain.tld:443
> (certificate verify failed). Your webserver logs may have more
> information or there may be a network problem.
>
> /opt/rt4/bin/rt-mailgate: undefined server error
> root@tickets:/opt#
>
> It's acting like it's ignoring --no-verify-ssl.
>
> Am I missing something?
>
> Thanks,
>
> -A

[rt-users] rt-mailgate ignoring --no-verify-ssl?

2015-04-29 Thread Aaron C. de Bruyn 
Mailgate has been driving me nuts.  I downloaded 4.2.10 and set it up
on a bright, shiny new server.

I'm running fetchmail on my RT box using the following to send tickets to RT:

poll mail.mydomain.tld with protocol pop3
   username engineering password -redacted- mda
"/opt/rt4/bin/rt-mailgate --no-verify-ssl --queue engineering --action
correspond --url https://tickets.mydomain.tld --debug"

Fetchmail complains about the MDA erroring out.  Increasing fetchmail
debugging shows:

fetchmail: about to deliver with: /opt/rt4/bin/rt-mailgate
--no-verify-ssl --queue engineering --action correspond --url
https://tickets.mydomain.tld/ --debug
#***/opt/rt4/bin/rt-mailgate: temp file is '/tmp/Ax6Or2dgc1/23FBulXCfc'
/opt/rt4/bin/rt-mailgate: connecting to
https://tickets.mydomain.tld//REST/1.0/NoAuth/mail-gateway
HTTP request failed: 500 Can't connect to tickets.mydomain.tld:443
(certificate verify failed). Your webserver logs may have more
information or there may be a network problem.

/opt/rt4/bin/rt-mailgate: undefined server error
fetchmail: MDA returned nonzero status 75
 not flushed
fetchmail: POP3> QUIT


I even get an SSL error when running from the command line:

root@tickets:/opt# /opt/rt4/bin/rt-mailgate --no-verify-ssl --queue
engineering --action correspond --url https://tickets.mydomain.tld/
--debug
test 
/opt/rt4/bin/rt-mailgate: temp file is '/tmp/9vlYhx9C9X/kI4IQo0RRw'
/opt/rt4/bin/rt-mailgate: connecting to
https://tickets.mydomain.tld//REST/1.0/NoAuth/mail-gateway
HTTP request failed: 500 Can't connect to tickets.mydomain.tld:443
(certificate verify failed). Your webserver logs may have more
information or there may be a network problem.

/opt/rt4/bin/rt-mailgate: undefined server error
root@tickets:/opt#

It's acting like it's ignoring --no-verify-ssl.

Am I missing something?

Thanks,

-A

Re: [rt-users] RT-Mailgate timeout error after upgrade to 4.2.6

2014-08-11 Thread Kevin Falcone 
On Wed, Aug 06, 2014 at 09:44:40PM +, Richards, Matthew E ERDC-RDE-CERL-IL 
wrote:
> > If you're going to the localhost, I'm not actually sure why you're
> > involving SSL, but that's a separate issue.
> 
> Actually, that was the issue. You're right, there's no need to use SSL
> with localhost. We have a rewrite from 80 to 443 for all interfaces
> and it always forces us to use https. I guess we could have created a
> non-SSL site just for localhost. The DoD has its own root CA that we
> added in a ca_file, but I think it's very slow and was causing the
> timeouts. I changed the rt-mailgate get_useragent to "$ua-
> >ssl_opts(SSL_verify_mode => 'SSL_VERIFY_NONE');" and that solved the
> issue. It's a temporary fix until we create a locahost:80 binding. I
> don't like maintaining custom source. Thanks for all the help.

If you don't want to verify, why not just use the flag?

$ ./bin/rt-mailgate --help | grep verify
   "--ca-file" or "--no-verify-ssl", below.
   authority that should be used to verify the website's SSL certificate.
   preferentially use this option over "--no-verify-ssl", as it will
"--no-verify-ssl"

-kevin


pgpEGC686EGKR.pgp
Description: PGP signature
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-Mailgate timeout error after upgrade to 4.2.6

2014-08-06 Thread Richards, Matthew E ERDC-RDE-CERL-IL 
> If you're going to the localhost, I'm not actually sure why you're
> involving SSL, but that's a separate issue.

Actually, that was the issue.  You're right, there's no need to use SSL with 
localhost.  We have a rewrite from 80 to 443 for all interfaces and it always 
forces us to use https.  I guess we could have created a non-SSL site just for 
localhost.  The DoD has its own root CA that we added in a ca_file, but I think 
it's very slow and was causing the timeouts.  I changed the rt-mailgate 
get_useragent to "$ua->ssl_opts(SSL_verify_mode => 'SSL_VERIFY_NONE');" and 
that solved the issue.  It's a temporary fix until we create a locahost:80 
binding.  I don't like maintaining custom source.  Thanks for all the help.

Matt
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-Mailgate timeout error after upgrade to 4.2.6

2014-08-06 Thread Kevin Falcone 
On Mon, Aug 04, 2014 at 08:29:02PM +, Richards, Matthew E ERDC-RDE-CERL-IL 
wrote:
> 443 is listening on localhost. As you suggested, we tried curl from
> the localhost with both the FQDN and localhost URLs. We had limited
> success (without any message content), but it still fails with rt-
> mailgate. I suspect we need some content to test it further with curl.
> Do you have a sample curl command line with post params for testing?

Just run rt-mailgate by hand, handing it a correctly formatted
message and the --debug setting. If it works sporadically, you have some
serious problem with your webserver config.

If you're going to the localhost, I'm not actually sure why you're
involving SSL, but that's a separate issue.

-kevin



pgpY5fR35cHTa.pgp
Description: PGP signature
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-Mailgate timeout error after upgrade to 4.2.6

2014-08-04 Thread Richards, Matthew E ERDC-RDE-CERL-IL 
Hi Kevin,

Thank you for the reply.  

>  Are you actually listening with SSL on localhost?  Is your webserver
>  configured to listen and allow that through to RT?

443 is listening on localhost.  As you suggested, we tried curl from the 
localhost with both the FQDN and localhost URLs.  We had limited success 
(without any message content), but it still fails with rt-mailgate.  I suspect 
we need some content to test it further with curl.  Do you have a sample curl 
command line with post params for testing?

user@rt:~$ curl -I 
https://rt.fully.qualified.domain.name/REST/1.0/NoAuth/mail-gateway
HTTP/1.1 200 OK
Date: Mon, 04 Aug 2014 17:09:29 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8

user@rt:~$ curl -I https://localhost/REST/1.0/NoAuth/mail-gateway
HTTP/1.1 200 OK
Date: Mon, 04 Aug 2014 17:10:29 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8

Running rt-mailgate with fetchmail:

2 messages for RTUSER at hostmaster.fully.qualified.domain.name (36925 octets).
fetchmail: POP3> LIST 1
fetchmail: POP3< +OK 1 34826
fetchmail: POP3> TOP 1 
fetchmail: POP3< +OK
reading message rtu...@hostmaster.fully.qualified.domain.name:1 of 2 (34826 
octets) 
#**.***..*.*.*.*.*.*.*.**.*.*.*.*.*.*.*.**.*.*.*.*.*.*.*.**.*.*.*.*.*.*.**.*.*.*.*.*/opt/rt4/bin/rt-mailgate:
 temp file is '/tmp/63WuokOupY/OIpKtEaLCc'
/opt/rt4/bin/rt-mailgate: connecting to https://rt.fully.qualified.domain.name 
/REST/1.0/NoAuth/mail-gateway
HTTP request failed: 500 Can't connect to rt.fully.qualified.domain.name:443. 
Your webserver logs may have more information or there may be a network problem.

/opt/rt4/bin/rt-mailgate: undefined server error
fetchmail: MDA returned nonzero status 75
 not flushed
fetchmail: POP3> LIST 2
fetchmail: POP3< +OK 2 2099
fetchmail: POP3> TOP 2 
fetchmail: POP3< +OK


Again, when we added some additional debugging messages and the actual error is:
LWP::Protocol::https::Socket: Timeout at /usr/share/perl5/LWP/Protocol/http.pm 
line 41.

-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-Mailgate timeout error after upgrade to 4.2.6

2014-08-04 Thread Kevin Falcone 
On Thu, Jul 31, 2014 at 09:03:16PM +, Richards, Matthew E ERDC-RDE-CERL-IL 
wrote:
> I increased the timeout from 180 to 750 added extra debugging to the code to
> get more information.  I replaced our URL with localhost for security:

Are you actually listening with SSL on localhost?  Is your webserver
configured to listen and allow that through to RT?


> see an entry in the access.log.  Fiddler gives us the same error (504 - 
> Gateway
> Timeout Error).  If I execute consecutive posts very quickly in Fiddler, after
> about seven 504 errors, I finally get a string of 200 (success) responses and
> some entries in the rt.log file to indicate it couldn’t find a valid user
> (because I didn’t supply one).  If I let it set for a minute, I get the 504
> errors again.

Is fiddler running on the machine connecting to localhost or somewhere
else?  It's a much more relevant test to use something like curl to
connect to localhost with the same arguments as rt-mailgate.

rt-mailgate isn't doing anything complicated, and if RT isn't logging
anything in debug mode, then normally this means your webserver is
bound only to the external hostname.

-kevin


pgpSxy8xFKVHk.pgp
Description: PGP signature
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

[rt-users] RT-Mailgate timeout error after upgrade to 4.2.6

2014-07-31 Thread Richards, Matthew E ERDC-RDE-CERL-IL 
We are fighting an issue after updating RT from 4.2.3 to 4.2.6 and rt-mailgate. 
 We also updated our OS to Ubuntu 14.04.  Everything seems to be working in RT 
except rt-mailgate.  I've isolated it to an LWP::Protocol::https::Socket: 
Timeout error returned from the post to the RESTful service: my $r = $ua->post( 
$full_url, $post_params, Content_Type => 'form-data' );

I increased the timeout from 180 to 750 added extra debugging to the code to 
get more information.  I replaced our URL with localhost for security:

/opt/rt4/bin/rt-mailgate: connecting to 
https://localhost/REST/1.0/NoAuth/mail-gateway
ua->timeout: 750
ua->post full_url: https://localhost/REST/1.0/NoAuth/mail-gateway
ua->post post_params: HASH(0x149a6d0)
r->content : Can't connect to localhost:443

LWP::Protocol::https::Socket: Timeout at /usr/share/perl5/LWP/Protocol/http.pm 
line 41.

HTTP request failed: 500 Can't connect to localhost:443. Your webserver logs 
may have more information or there may be a network problem.

/opt/rt4/bin/rt-mailgate: undefined server error
fetchmail: MDA returned nonzero status 75
not flushed

There are no log entries in the apache error.log.  We have Set($LogToFile , 
'debug'); and did see one error that we corrected (a missing $RTAddressRegexp 
configuration).  There are no other errors in the rt.log file.   I don't even 
see an entry in the access.log.  Fiddler gives us the same error (504 - Gateway 
Timeout Error).  If I execute consecutive posts very quickly in Fiddler, after 
about seven 504 errors, I finally get a string of 200 (success) responses and 
some entries in the rt.log file to indicate it couldn't find a valid user 
(because I didn't supply one).  If I let it set for a minute, I get the 504 
errors again.

Thank you for any help,

Matthew E. Richards

-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] rt-mailgate error

2014-07-18 Thread Dan Mcqueen 
That was the tip I needed, I had a trailing /rt/, which was incorrect, on
on my mailgate --url

   Thanks!


On Fri, Jul 18, 2014 at 2:37 PM, Alex Vandiver 
wrote:

> On 07/18/2014 05:23 PM, Dan Mcqueen wrote:
> > Hi rt-users
> >
> > I am trying to install rt 4.2.6 and I am getting this error when I send
> > email to rt-mailgate.
> > I am using
> >
> >  centos 6.5
> >  postfix
> >  rt 4.2.6 with smime enabled
> >  https
> >
> > Can anyone help point me to what might be wrong?
>
> What aliases line are you using?  That is, how are you calling rt-mailgate?
>  - Alex
>
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] rt-mailgate error

2014-07-18 Thread Alex Vandiver 
On 07/18/2014 05:23 PM, Dan Mcqueen wrote:
> Hi rt-users
> 
> I am trying to install rt 4.2.6 and I am getting this error when I send
> email to rt-mailgate.
> I am using
> 
>  centos 6.5
>  postfix
>  rt 4.2.6 with smime enabled
>  https
> 
> Can anyone help point me to what might be wrong?

What aliases line are you using?  That is, how are you calling rt-mailgate?
 - Alex
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

[rt-users] rt-mailgate error

2014-07-18 Thread Dan Mcqueen 
Hi rt-users

I am trying to install rt 4.2.6 and I am getting this error when I send
email to rt-mailgate.
I am using

 centos 6.5
 postfix
 rt 4.2.6 with smime enabled
 https

Can anyone help point me to what might be wrong?

   Thanks,
-Dan

(temporary failure. Command output: RT server error.  The RT server which
handled your email did not behave as expected. It said:   
Login  
 window.RT = {}; RT.CurrentUser = {}; RT.Config  =
{"WebPath":"","MessageBoxRichTextHeight":200,"rtname":"rt-de.mars.com"};
RT.I18N = {}; RT.I18N.Catalog = {"quote_in_filename":"Filenames with double
quotes can not be uploaded."}; 
   
if (window.top !== window.self) { document.write = "";
window.top.location = window.self.location;  setTimeout(function(){
document.body.innerHTML = ""; }, 1);  window.self.onload =
function(){ document.body.innerHTML = ""; }; } 
  http://bestpractical.com";> RT for rt-de.mars.com
 Skip
Menu |  Not logged in.
   Login Login 4.2.6
   Username: Password:   jQuery(function(){ if (window.location.hash) {
var form = jQuery("form[name=login]"); form.attr('action',
form.attr('action') + '#' + window.location.hash.replace(/^#/, '')); }
});

 
  Time to display: 0.017673   »|« RT 4.2.6 Copyright 1996-2014 http://www.bestpractical.com?rt=4.2.6
">Best Practical Solutions,
LLC.Distributed under http://www.gnu.org/licenses/gpl-2.0.html";>version 2 of the GNU GPL.To inquire about support, training, custom development or licensing,
please contact mailto:sa...@bestpractical.com";>
sa...@bestpractical.com. )
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-mailgate question

2014-07-08 Thread Yavor Marinov 
Thanks Alex - it worked.

ps: excuse my previous mail since i mistaken your name

BR

On 7/8/2014 2:01 PM, Alex Peters wrote:
> A list of useful template snippets can be found on the wiki:
>
> http://requesttracker.wikia.com/wiki/TemplateSnippets#People
>
> It seems that you would get the desired information by adding this to
> the appropriate templates:
>
> { $Transaction->CreatorObj->Name }
>
> In your case, you probably want to add this to the Admin
> Correspondence, Admin Comment and Transaction templates.
>
>
> On 8 July 2014 18:02, Yavor Marinov  > wrote:
>
> Thanks for your time Peter.
>
> Currently in the received mail i need to add the username which
> took action over the ticket, nothing more
>
>
> On 7/8/2014 3:26 AM, Alex Peters wrote:
>>
>> From your description, it seems that the managers are currently
>> watching the ticket as AdminCCs.
>>
>> Can you please give an example of the information that you need
>> in the emails that are sent to the managers?
>>
>> The emails already show the name and email address of the person
>> adding correspondence to the ticket.  Ticket owner information is
>> already emailed when owner change occurs.
>>
>> On 08/07/2014 1:03 am, "Yavor Marinov" > > wrote:
>>
>> hey guys,
>>
>> i have again (probably) silly question. Is there any chance
>> when using
>> RT web interface, when replying the rt-mailgate to attach the
>> username
>> who did the action. Now, when replying to a ticket, via email
>> we receive
>> only the actual information written by user plus link to the
>> ticket. I'm
>> asking this, because some of our managers don't want to
>> handle with RT's
>> web interface, but needs info who actually took action over
>> the ticket
>>
>> Thanks in advance
>>
>> --
>> RT Training - Boston, September 9-10
>> http://bestpractical.com/training
>>
>
>

-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-mailgate question

2014-07-08 Thread Alex Peters 
A list of useful template snippets can be found on the wiki:

http://requesttracker.wikia.com/wiki/TemplateSnippets#People

It seems that you would get the desired information by adding this to the
appropriate templates:

{ $Transaction->CreatorObj->Name }


In your case, you probably want to add this to the Admin Correspondence,
Admin Comment and Transaction templates.


On 8 July 2014 18:02, Yavor Marinov  wrote:

>  Thanks for your time Peter.
>
> Currently in the received mail i need to add the username which took
> action over the ticket, nothing more
>
>
>  On 7/8/2014 3:26 AM, Alex Peters wrote:
>
> From your description, it seems that the managers are currently watching
> the ticket as AdminCCs.
>
> Can you please give an example of the information that you need in the
> emails that are sent to the managers?
>
> The emails already show the name and email address of the person adding
> correspondence to the ticket.  Ticket owner information is already emailed
> when owner change occurs.
> On 08/07/2014 1:03 am, "Yavor Marinov"  wrote:
>
>> hey guys,
>>
>> i have again (probably) silly question. Is there any chance when using
>> RT web interface, when replying the rt-mailgate to attach the username
>> who did the action. Now, when replying to a ticket, via email we receive
>> only the actual information written by user plus link to the ticket. I'm
>> asking this, because some of our managers don't want to handle with RT's
>> web interface, but needs info who actually took action over the ticket
>>
>> Thanks in advance
>>
>> --
>> RT Training - Boston, September 9-10
>> http://bestpractical.com/training
>>
>
>
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-mailgate question

2014-07-08 Thread Yavor Marinov 
Thanks for your time Peter.

Currently in the received mail i need to add the username which took
action over the ticket, nothing more

On 7/8/2014 3:26 AM, Alex Peters wrote:
>
> From your description, it seems that the managers are currently
> watching the ticket as AdminCCs.
>
> Can you please give an example of the information that you need in the
> emails that are sent to the managers?
>
> The emails already show the name and email address of the person
> adding correspondence to the ticket.  Ticket owner information is
> already emailed when owner change occurs.
>
> On 08/07/2014 1:03 am, "Yavor Marinov"  > wrote:
>
> hey guys,
>
> i have again (probably) silly question. Is there any chance when using
> RT web interface, when replying the rt-mailgate to attach the username
> who did the action. Now, when replying to a ticket, via email we
> receive
> only the actual information written by user plus link to the
> ticket. I'm
> asking this, because some of our managers don't want to handle
> with RT's
> web interface, but needs info who actually took action over the ticket
>
> Thanks in advance
>
> --
> RT Training - Boston, September 9-10
> http://bestpractical.com/training
>

-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT-mailgate question

2014-07-07 Thread Alex Peters 
>From your description, it seems that the managers are currently watching
the ticket as AdminCCs.

Can you please give an example of the information that you need in the
emails that are sent to the managers?

The emails already show the name and email address of the person adding
correspondence to the ticket.  Ticket owner information is already emailed
when owner change occurs.
On 08/07/2014 1:03 am, "Yavor Marinov"  wrote:

> hey guys,
>
> i have again (probably) silly question. Is there any chance when using
> RT web interface, when replying the rt-mailgate to attach the username
> who did the action. Now, when replying to a ticket, via email we receive
> only the actual information written by user plus link to the ticket. I'm
> asking this, because some of our managers don't want to handle with RT's
> web interface, but needs info who actually took action over the ticket
>
> Thanks in advance
>
> --
> RT Training - Boston, September 9-10
> http://bestpractical.com/training
>
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

[rt-users] RT-mailgate question

2014-07-07 Thread Yavor Marinov 
hey guys,

i have again (probably) silly question. Is there any chance when using
RT web interface, when replying the rt-mailgate to attach the username
who did the action. Now, when replying to a ticket, via email we receive
only the actual information written by user plus link to the ticket. I'm
asking this, because some of our managers don't want to handle with RT's
web interface, but needs info who actually took action over the ticket

Thanks in advance

-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] rt-mailgate https - problem

2014-06-30 Thread DD DD 
on old and new server there runs 4.0.7

new machine:

root@rt:~# wget https://127.0.0.1/rt
--2014-06-30 12:24:15--  https://127.0.0.1/rt

Connecting to 127.0.0.1:443... connected.
The certificate's owner does not match hostname `127.0.0.1'
root@rt:~# wget https://localhost/rt
--2014-06-30 12:28:22--  https://localhost/rt
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:443... connected.

GnuTLS: A TLS warning alert has been received.
Unable to establish SSL connection.
root@rt:~#

Why occurs a TLS warning? This comes not from the certificate (I also tried
it with --no-check-certificate)


2014-06-30 12:21 GMT+02:00 Christian Loos :

> Please keep replies to the list.
>
> Which RT version are you using?
>
> Because your apache making a redirect and rt-mailgate following
> redirects only in RT 4.2.4 and newer.
>
> Chris
>
> Am 30.06.2014 12:09, schrieb DD DD:
> > root@rt:~# wget https://HIDDEN/rt
> > --2014-06-30 12:04:42--  https://HIDDEN/rt
> > Resolving HIDDEN (HIDDEN)... HIDDEN
> > Connecting to HIDDEN (HIDDEN)|HIDDEN|:443... connected.
> > HTTP request sent, awaiting response... 301 Moved Permanently
> > Location: https://HIDDEN/rt/ [following]
> > --2014-06-30 12:04:42--  https://HIDDEN/rt/
> > Reusing existing connection to HIDDEN:443.
> > HTTP request sent, awaiting response... 200 OK
> > Length: unspecified [text/html]
> > Saving to: `rt'
> >
> > [
> > <=>
> > ] 4,064   --.-K/s   in 0.01
> >
> > 2014-06-30 12:04:43 (324 KB/s) - `rt' saved [4064]
> >
> > root@rt:~#
> >
> > It seems that Apache doesn't listen correct, but the hosts entry is
> correct.
>
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] rt-mailgate https - problem

2014-06-30 Thread Christian Loos 
Please keep replies to the list.

Which RT version are you using?

Because your apache making a redirect and rt-mailgate following
redirects only in RT 4.2.4 and newer.

Chris

Am 30.06.2014 12:09, schrieb DD DD:
> root@rt:~# wget https://HIDDEN/rt
> --2014-06-30 12:04:42--  https://HIDDEN/rt
> Resolving HIDDEN (HIDDEN)... HIDDEN
> Connecting to HIDDEN (HIDDEN)|HIDDEN|:443... connected.
> HTTP request sent, awaiting response... 301 Moved Permanently
> Location: https://HIDDEN/rt/ [following]
> --2014-06-30 12:04:42--  https://HIDDEN/rt/
> Reusing existing connection to HIDDEN:443.
> HTTP request sent, awaiting response... 200 OK
> Length: unspecified [text/html]
> Saving to: `rt'
> 
> [
> <=>   
>  
> ] 4,064   --.-K/s   in 0.01
> 
> 2014-06-30 12:04:43 (324 KB/s) - `rt' saved [4064]
> 
> root@rt:~#
> 
> It seems that Apache doesn't listen correct, but the hosts entry is correct.
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] rt-mailgate https - problem

2014-06-30 Thread Christian Loos 
Replace in the URL parameter to rt-mailgate localhost with the FQDN.

Chris

Am 30.06.2014 11:17, schrieb DD DD:
> Hello,
> 
> I have following problem:
> 
> root@rt:~# rt-mailgate --debug --action correspond
> --url=https://localhost/rt --queue General < /root/test.msg
> /usr/bin/rt-mailgate: temp file is '/tmp/4iP43YcvGf/qapxKbbAkW'
> /usr/bin/rt-mailgate: connecting to
> https://localhost/rt/REST/1.0/NoAuth/mail-gateway
> An Error Occurred
> =
> 
> 500 Can't connect to localhost:443
> 
> /usr/bin/rt-mailgate: undefined server error
> root@rt:~#
> 
> On my RT-server I can't checkin the tickets via https (https website via
> browser works fine - certificte is ok) - via http it works fine!
> 
> The Apache errorlog is empty. what does this error mean?
> 
> Best Regards
> 
> 

-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

[rt-users] rt-mailgate https - problem

2014-06-30 Thread DD DD 
Hello,

I have following problem:

root@rt:~# rt-mailgate --debug --action correspond --url=
https://localhost/rt --queue General < /root/test.msg
/usr/bin/rt-mailgate: temp file is '/tmp/4iP43YcvGf/qapxKbbAkW'
/usr/bin/rt-mailgate: connecting to
https://localhost/rt/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

500 Can't connect to localhost:443

/usr/bin/rt-mailgate: undefined server error
root@rt:~#

On my RT-server I can't checkin the tickets via https (https website via
browser works fine - certificte is ok) - via http it works fine!

The Apache errorlog is empty. what does this error mean?

Best Regards
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

[rt-users] rt-mailgate https - problem

2014-06-30 Thread DD DD 
Hello,

I have following problem:

root@rt:~# rt-mailgate --debug --action correspond --url=
https://localhost/rt --queue General < /root/test.msg
/usr/bin/rt-mailgate: temp file is '/tmp/4iP43YcvGf/qapxKbbAkW'
/usr/bin/rt-mailgate: connecting to
https://localhost/rt/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

500 Can't connect to localhost:443

/usr/bin/rt-mailgate: undefined server error
root@rt:~#

On my RT-server I can't checkin the tickets via https (https website via
browser works fine - certificte is ok) - via http it works fine!

The Apache errorlog is empty. what does this error mean?

Best Regards
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] RT Mailgate question

2014-05-28 Thread Kevin Falcone 
On Sun, May 25, 2014 at 08:02:24PM -0700, Jeevan wrote:
> When I first started working on Request Tracker, the concept was simple
> cause I was working in a local environment where a mail message would be
> sent directly to a predefined RT queue e.g. que...@rt.example.com or just
> queue1. However, now I want to do something like this in which a ticket is
> created by sending an email to a Gmail account, the RT-Mailgate reads the
> account and creates the ticket. I am using Sendmail and relaying everything
> to a mailserver located within my network. Any thoughts or insights would be
> much appreciated. Please and thank you!

rt-mailgate does not do pop or imap or any other mail client
protocols.  You set up fetchmail or getmail or any of the other mail
client systems and have them pipe mail to rt-mailgate.

-kevin


pgp665p0MeUjZ.pgp
Description: PGP signature
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

[rt-users] RT Mailgate question

2014-05-25 Thread Jeevan 
Hi there,

When I first started working on Request Tracker, the concept was simple
cause I was working in a local environment where a mail message would be
sent directly to a predefined RT queue e.g. que...@rt.example.com or just
queue1. However, now I want to do something like this in which a ticket is
created by sending an email to a Gmail account, the RT-Mailgate reads the
account and creates the ticket. I am using Sendmail and relaying everything
to a mailserver located within my network. Any thoughts or insights would be
much appreciated. Please and thank you!


Best regards,
Jeevan



--
View this message in context: 
http://requesttracker.8502.n7.nabble.com/RT-Mailgate-question-tp57494.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] rt-mailgate +getmail issue

2014-02-18 Thread Kevin Falcone 
On Fri, Feb 14, 2014 at 09:14:08AM +0200, Yavor Marinov wrote:
>Additional information won't hurt anyway. The only regexp which is 
> configured in
>RT_Siteconfig.pm is
> 
>Set($RTAddressRegexp , '^r...@domain.com$');
> 
>What should be Regexp in order to detect the [] anywhere in the 
> Subject field

Not the relevant setting.

Your $rtname, $EmailSubjectTagRegex and any Queue level Subject tags
are relevant.

An outgoing Subject: line (taken from the history of the ticket) and
an incoming Subject that does not match and create a new ticket would
be needed to see what is going on.

The subjects cannot be changed, so putting [XXX] in defeats the
ability of anyone to debug.

You would also mention any plugins you have installed and enabled.

-kevin


pgpblnZ3hAPIN.pgp
Description: PGP signature
-- 
RT Training London, March 19-20 and Dallas May 20-21
http://bestpractical.com/training

Re: [rt-users] rt-mailgate +getmail issue

2014-02-13 Thread Yavor Marinov 
Additional information won't hurt anyway. The only regexp which is 
configured in RT_Siteconfig.pm is


Set($RTAddressRegexp , '^r...@domain.com$');

What should be Regexp in order to detect the [] anywhere in the 
Subject field




---
Find out about our new Cloud service - Cloudware.bg 


Access anywhere. Manage it yourself. Pay as you go.

*Yavor Marinov*
System Administrator

Neterra Ltd.
Telephone: +359 2 975 16 16
Fax: +359 2 975 34 36
Mobile: +359 888 610 048
www.neterra.net 


On 02/13/2014 05:13 PM, Kevin Falcone wrote:

On Thu, Feb 13, 2014 at 04:47:42PM +0200, Yavor Marinov wrote:

I've manage to solve this with [1]RT-Interface-Email-Filter-CheckMessageId 
extension.

I'm glad that this fixed your issues, however for the archives, RT
works just fine and has for years with the subject tag (the [XX]
part) being anywhere in the subject.

Usually this points to a misconfiguration in RT's rtname, the regexp
that understands it or Queue level subject tags.  But since you didn't
provide enough information about that, we can't even guess.

-kevin


On 02/13/2014 12:29 PM, Yavor Marinov wrote:

  Hello,

  i have the following configs for getmail:

  create a ticket to address [2]requ...@company.com:
  arguments = ("--url", [3]"https://localhost";, "--queue", "Internal-IT", 
"--action",
  "correspond",)

  comment to a ticket to address [4]request-comm...@company.com:
  arguments = ("--url", [5]"https://localhost";, "--queue", "Internal-IT", 
"--action",
  "comment",)

  everything works as it should be, but the following is annoying our 
colleagues, and I need
  to fix it. So, if someone create a ticket via email, the ticket is 
getting into the queue
  correctly and the members of the group (responsible for the queue) are 
getting mail from RT
  with subject:

  [XX] Subject of the email which is send to corresponding email.

  Once anyone tried to reply via email (e.g. reply from their email client 
- subject changes
  to Re: [X] ) the reply isn't inserted in the correct ticket, but 
instead RT creates
  a new ticket with subject "Re: [X]."

  If they reply and remove the "Re:" and leave subject as in RT the comment 
is properly added
  to the ticket.
  Summed up - getmail and rt-mailgate are working properly - the only 
problem is the subject,
  and what should i modify in order RT to lookup into the Subject field even if 
"Re:" is
  supplied.




-- 
RT Training London, March 19-20 and Dallas May 20-21
http://bestpractical.com/training

Re: [rt-users] rt-mailgate +getmail issue

2014-02-13 Thread Kevin Falcone 
On Thu, Feb 13, 2014 at 04:47:42PM +0200, Yavor Marinov wrote:
>I've manage to solve this with [1]RT-Interface-Email-Filter-CheckMessageId 
> extension.

I'm glad that this fixed your issues, however for the archives, RT
works just fine and has for years with the subject tag (the [XX]
part) being anywhere in the subject.

Usually this points to a misconfiguration in RT's rtname, the regexp
that understands it or Queue level subject tags.  But since you didn't
provide enough information about that, we can't even guess.

-kevin

>On 02/13/2014 12:29 PM, Yavor Marinov wrote:
> 
>  Hello,
> 
>  i have the following configs for getmail:
> 
>  create a ticket to address [2]requ...@company.com:
>  arguments = ("--url", [3]"https://localhost";, "--queue", "Internal-IT", 
> "--action",
>  "correspond",)
> 
>  comment to a ticket to address [4]request-comm...@company.com:
>  arguments = ("--url", [5]"https://localhost";, "--queue", "Internal-IT", 
> "--action",
>  "comment",)
> 
>  everything works as it should be, but the following is annoying our 
> colleagues, and I need
>  to fix it. So, if someone create a ticket via email, the ticket is 
> getting into the queue
>  correctly and the members of the group (responsible for the queue) are 
> getting mail from RT
>  with subject:
> 
>  [XX] Subject of the email which is send to corresponding email.
> 
>  Once anyone tried to reply via email (e.g. reply from their email client 
> - subject changes
>  to Re: [X] ) the reply isn't inserted in the correct ticket, but 
> instead RT creates
>  a new ticket with subject "Re: [X]."
> 
>  If they reply and remove the "Re:" and leave subject as in RT the 
> comment is properly added
>  to the ticket.
>  Summed up - getmail and rt-mailgate are working properly - the only 
> problem is the subject,
>  and what should i modify in order RT to lookup into the Subject field 
> even if "Re:" is
>  supplied.


pgpgiFYganfPF.pgp
Description: PGP signature
-- 
RT Training London, March 19-20 and Dallas May 20-21
http://bestpractical.com/training

Re: [rt-users] rt-mailgate +getmail issue

2014-02-13 Thread Yavor Marinov 
I've manage to solve this with RT-Interface-Email-Filter-CheckMessageId 
 
extension.


On 02/13/2014 12:29 PM, Yavor Marinov wrote:

Hello,

i have the following configs for getmail:

create a ticket to address requ...@company.com:
arguments = ("--url", "https://localhost";, "--queue", "Internal-IT", 
"--action", "correspond",)


comment to a ticket to address request-comm...@company.com:
arguments = ("--url", "https://localhost";, "--queue", "Internal-IT", 
"--action", "comment",)


everything works as it should be, but the following is annoying our 
colleagues, and I need to fix it. So, if someone create a ticket via 
email, the ticket is getting into the queue correctly and the members 
of the group (responsible for the queue) are getting mail from RT with 
subject:


[XX] Subject of the email which is send to corresponding email.

Once anyone tried to reply via email (e.g. reply from their email 
client - subject changes to Re: [X] ) the reply isn't inserted 
in the correct ticket, but instead RT creates a new ticket with 
subject "Re: [X]."


If they reply and remove the "Re:" and leave subject as in RT the 
comment is properly added to the ticket.
Summed up - getmail and rt-mailgate are working properly - the only 
problem is the subject, and what should i modify in order RT to lookup 
into the Subject field even if "Re:" is supplied.


Any help will be much appreciated!





-- 
RT Training London, March 19-20 and Dallas May 20-21
http://bestpractical.com/training

[rt-users] rt-mailgate +getmail issue

2014-02-13 Thread Yavor Marinov 

Hello,

i have the following configs for getmail:

create a ticket to address requ...@company.com:
arguments = ("--url", "https://localhost";, "--queue", "Internal-IT", 
"--action", "correspond",)


comment to a ticket to address request-comm...@company.com:
arguments = ("--url", "https://localhost";, "--queue", "Internal-IT", 
"--action", "comment",)


everything works as it should be, but the following is annoying our 
colleagues, and I need to fix it. So, if someone create a ticket via 
email, the ticket is getting into the queue correctly and the members of 
the group (responsible for the queue) are getting mail from RT with subject:


[XX] Subject of the email which is send to corresponding email.

Once anyone tried to reply via email (e.g. reply from their email client 
- subject changes to Re: [X] ) the reply isn't inserted in the 
correct ticket, but instead RT creates a new ticket with subject "Re: 
[X]."


If they reply and remove the "Re:" and leave subject as in RT the 
comment is properly added to the ticket.
Summed up - getmail and rt-mailgate are working properly - the only 
problem is the subject, and what should i modify in order RT to lookup 
into the Subject field even if "Re:" is supplied.


Any help will be much appreciated!



--
RT Training London, March 19-20 and Dallas May 20-21
http://bestpractical.com/training

Re: [rt-users] rt-mailgate issue with postfix

2013-07-23 Thread Tim Wiley 

On 07/23/2013 04:53 AM, Rajat toshniwal wrote:

Hi Folks

We have just installed RT4.0.13 in our environment. Our foremost
requirement is ticket creation via email. In our setup we already have
postfix running on separate server.
On RT we are having exim which is acting as relay server and using
postfix mail server as master.
Now I want to integrate my RT server with that mailbox.
In order to do that I installed rt-mailgate on my mail server and
created below mentioned entries in /etc/aliases

*rt-database: "|/opt/rt4/bin/rt-mailgate --queue database
--action correspond --url http://rt.xyz.com/";
rt-database-comment: "|/opt/rt4/bin/rt-mailgate --queue database
--action comment --url http://rt.xyz.com/";
*
I have database queue configured on my RT box with the above mentioned
email-address. I have also given create-ticket rights to everyone.
Both the email-ids rt-datab...@gml.com and rt-database-comm...@gml.com
are configured on my AD.

But whenever i am trying to create ticket, I get the below mentioned
error from mail.log

Jul 23 07:23:17 mail postfix/smtpd[7389]: connect from localhost[127.0.0.1]
Jul 23 07:23:17 mail postfix/smtpd[7389]: DC0DC45C61:
client=localhost[127.0.0.1]
Jul 23 07:23:17 mail postfix/cleanup[7369]: DC0DC45C61:
message-id=
Jul 23 07:23:17 mail postfix/qmgr[5870]: DC0DC45C61:
from=, size=1448, nrcpt=1 (queue active)
Jul 23 07:23:17 mail postfix/smtpd[7389]: disconnect from
localhost[127.0.0.1]
Jul 23 07:23:17 mail amavis[5064]: (05064-04) Passed CLEAN,
[192.168.10.24]  -> <"|/opt/rt4/bin/rt-mailgate --queue
database --action correspond --url http://rt.tekmindz.com/"@gml.com>,
Message-ID: , mail_id: qXkzuLb1TZ4M, Hits: -1,
size: 854, queued_as: DC0DC45C61, 28311 ms
Jul 23 07:23:17 mail postfix/smtp[7386]: 8553245C65:
to=<|/opt/rt4/bin/rt-mailgate --queue database --action correspond --url
http://rt.tekmindz.com/@gml.com>, relay=127.0.0.1[127.0.0.1]:10024,
delay=28, delays=0.11/0.03/0.01/28, dsn=2.0.0, status=sent (250 2.0.0
Ok, id=05064-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
DC0DC45C61)
Jul 23 07:23:17 mail postfix/qmgr[5870]: 8553245C65: removed
Jul 23 07:23:18 mail postfix/virtual[7390]: DC0DC45C61:
to=<|/opt/rt4/bin/rt-mailgate --queue database --action correspond --url
http://rt.tekmindz.com/@gml.com>, relay=virtual, delay=0.17,
delays=0.06/0.05/0/0.06, dsn=5.1.1, status=bounced (unknown user:
"|/opt/rt4/bin/rt-mailgate --queue database --action correspond --url
http://rt.tekmindz.com/@gml.com";)
Jul 23 07:23:18 mail postfix/cleanup[7369]: 106A845C64:
message-id=<20130723112318.106a845...@mail.gml.com>
Jul 23 07:23:18 mail postfix/qmgr[5870]: 106A845C64: from=<>, size=3673,
nrcpt=1 (queue active)
Jul 23 07:23:18 mail postfix/bounce[7391]: DC0DC45C61: sender
non-delivery notification: 106A845C64
Jul 23 07:23:18 mail postfix/qmgr[5870]: DC0DC45C61: removed
Jul 23 07:23:18 mail postfix/virtual[7390]: 106A845C64:
to=, relay=virtual, delay=0.12, delays=0.06/0.01/0/0.05,
dsn=2.0.0, status=sent (delivered to maildir)
Jul 23 07:23:18 mail postfix/qmgr[5870]: 106A845C64: removed
Jul 23 07:24:29 mail postfix/smtpd[7363]: idle timeout -- exiting

Actually whole rt-mailgate entry is treated like a user. Right now i am
clueless about what to do.
Kindly help me in troubleshooting this issue.

Regards


You didn't post your exim.conf, so I'm pretty much stabbing in the dark, 
but my guess is a lack of address_pipe transport configuration.


That said, if your postfix machine is only used for routing to/from the 
RT machine, you may want to consider eliminating that machine & running 
postfix on your RT box.  And even if your postfix box is used for other 
things, you may want to consider using postfix on your RT box as well to 
eliminate the confusion of running 2 different MTAs.

[rt-users] rt-mailgate issue with postfix

2013-07-23 Thread Rajat toshniwal 

Hi Folks

We have just installed RT4.0.13 in our environment. Our foremost 
requirement is ticket creation via email. In our setup we already have 
postfix running on separate server.
On RT we are having exim which is acting as relay server and using 
postfix mail server as master.

Now I want to integrate my RT server with that mailbox.
In order to do that I installed rt-mailgate on my mail server and 
created below mentioned entries in /etc/aliases


*rt-database: "|/opt/rt4/bin/rt-mailgate --queue database 
--action correspond --url http://rt.xyz.com/";
rt-database-comment: "|/opt/rt4/bin/rt-mailgate --queue database 
--action comment --url http://rt.xyz.com/";

*
I have database queue configured on my RT box with the above mentioned 
email-address. I have also given create-ticket rights to everyone.
Both the email-ids rt-datab...@gml.com and rt-database-comm...@gml.com 
are configured on my AD.


But whenever i am trying to create ticket, I get the below mentioned 
error from mail.log


Jul 23 07:23:17 mail postfix/smtpd[7389]: connect from localhost[127.0.0.1]
Jul 23 07:23:17 mail postfix/smtpd[7389]: DC0DC45C61: 
client=localhost[127.0.0.1]
Jul 23 07:23:17 mail postfix/cleanup[7369]: DC0DC45C61: 
message-id=
Jul 23 07:23:17 mail postfix/qmgr[5870]: DC0DC45C61: 
from=, size=1448, nrcpt=1 (queue active)
Jul 23 07:23:17 mail postfix/smtpd[7389]: disconnect from 
localhost[127.0.0.1]
Jul 23 07:23:17 mail amavis[5064]: (05064-04) Passed CLEAN, 
[192.168.10.24]  -> <"|/opt/rt4/bin/rt-mailgate --queue 
database --action correspond --url http://rt.tekmindz.com/"@gml.com>, 
Message-ID: , mail_id: qXkzuLb1TZ4M, Hits: -1, 
size: 854, queued_as: DC0DC45C61, 28311 ms
Jul 23 07:23:17 mail postfix/smtp[7386]: 8553245C65: 
to=<|/opt/rt4/bin/rt-mailgate --queue database --action correspond --url 
http://rt.tekmindz.com/@gml.com>, relay=127.0.0.1[127.0.0.1]:10024, 
delay=28, delays=0.11/0.03/0.01/28, dsn=2.0.0, status=sent (250 2.0.0 
Ok, id=05064-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 
DC0DC45C61)

Jul 23 07:23:17 mail postfix/qmgr[5870]: 8553245C65: removed
Jul 23 07:23:18 mail postfix/virtual[7390]: DC0DC45C61: 
to=<|/opt/rt4/bin/rt-mailgate --queue database --action correspond --url 
http://rt.tekmindz.com/@gml.com>, relay=virtual, delay=0.17, 
delays=0.06/0.05/0/0.06, dsn=5.1.1, status=bounced (unknown user: 
"|/opt/rt4/bin/rt-mailgate --queue database --action correspond --url 
http://rt.tekmindz.com/@gml.com";)
Jul 23 07:23:18 mail postfix/cleanup[7369]: 106A845C64: 
message-id=<20130723112318.106a845...@mail.gml.com>
Jul 23 07:23:18 mail postfix/qmgr[5870]: 106A845C64: from=<>, size=3673, 
nrcpt=1 (queue active)
Jul 23 07:23:18 mail postfix/bounce[7391]: DC0DC45C61: sender 
non-delivery notification: 106A845C64

Jul 23 07:23:18 mail postfix/qmgr[5870]: DC0DC45C61: removed
Jul 23 07:23:18 mail postfix/virtual[7390]: 106A845C64: 
to=, relay=virtual, delay=0.12, delays=0.06/0.01/0/0.05, 
dsn=2.0.0, status=sent (delivered to maildir)

Jul 23 07:23:18 mail postfix/qmgr[5870]: 106A845C64: removed
Jul 23 07:24:29 mail postfix/smtpd[7363]: idle timeout -- exiting

Actually whole rt-mailgate entry is treated like a user. Right now i am 
clueless about what to do.

Kindly help me in troubleshooting this issue.

Regards



--
Disclaimer: The information contained in this communication is confidential, 
private, proprietary, or otherwise privileged and is intended only for the use 
of the addressee. Unauthorized use, disclosure, distribution or copying is 
strictly prohibited and may be unlawful. If you have received this 
communication in error, please delete this message and notify the sender 
immediately - Samin TekMindz India Pvt. Ltd.
--

Re: [rt-users] rt-mailgate Unknown encoding 'charset="utf-8"'

2013-04-05 Thread Ruslan Zakirov 
On Fri, Apr 5, 2013 at 4:25 PM, charlyc...@yahoo.com.ar <
charlyc...@yahoo.com.ar> wrote:

> Thank you for your answer.
>
> 1. Do you know if the tickets are still created? I wanted to validate it
> but we receive hundreds of emails per hour and it's difficult for me to do
> follow up.
>
> no, tickets are not created


> 2. If I update to 4.0.10 this will be solved?
>
>
yes.



> Thank you for your help.
>
>
>   --
> *De:* Ruslan Zakirov 
> *Para:* "charlyc...@yahoo.com.ar" 
> *CC:* "rt-users@lists.bestpractical.com" 
>
> *Enviado:* viernes, 5 de abril de 2013 5:04
> *Asunto:* Re: [rt-users] rt-mailgate Unknown encoding 'charset="utf-8"'
>
> This happens when email has encoding defined, but it's not correct value.
> Newer versions convert such cases to "application/octet-stream". Change is
> in 4.0.9rc1.
>
>
> On Fri, Apr 5, 2013 at 6:00 AM, charlyc...@yahoo.com.ar <
> charlyc...@yahoo.com.ar> wrote:
>
> Hi,
>
> I've been running rt-mailgate to download my emails and today I started
> getting this error message on the fetchmail log.
>
> RT server error.
>
> The RT server which handled your email did not behave as expected. It
> said:
>
> Unknown encoding 'charset="utf-8"' at /data/rt4/sbin/../lib/RT/I18N.pm
> line 542.
>
> Stack:
>   [/usr/local/share/perl5/Carp.pm:100]
>   [/usr/local/lib64/perl5/Encode.pm:188]
>   [/data/rt4/sbin/../lib/RT/I18N.pm:542]
>   [/data/rt4/sbin/../lib/RT/I18N.pm:214]
>   [/data/rt4/sbin/../lib/RT/I18N.pm:210]
>   [/data/rt4/sbin/../lib/RT/EmailParser.pm:282]
>   [/data/rt4/sbin/../lib/RT/Interface/Email.pm:1433]
>   [/data/rt4/share/html/REST/1.0/NoAuth/mail-gateway:61]
>
>
>
> This is my configuration on the RT_Config.pm:
>
> Set(@EmailInputEncodings, qw(utf-8 iso-8859-1 us-ascii));
>
>
> There is no configuration for this parameter on the RT_SiteConfig.pm.
>
> RT Version: 4.0.8
>
>
> Do you know why this might happen?
>
> Thank you, Charly
>
>
>
>
> --
> Best regards, Ruslan.
>
>
>


-- 
Best regards, Ruslan.

Re: [rt-users] rt-mailgate Unknown encoding 'charset="utf-8"'

2013-04-05 Thread charlyc...@yahoo.com.ar 
Thank you for your answer.

1. Do you know if the tickets are still created? I wanted to validate it but we 
receive hundreds of emails per hour and it's difficult for me to do follow up.

2. If I update to 4.0.10 this will be solved?

Thank you for your help.





 De: Ruslan Zakirov 
Para: "charlyc...@yahoo.com.ar"  
CC: "rt-users@lists.bestpractical.com"  
Enviado: viernes, 5 de abril de 2013 5:04
Asunto: Re: [rt-users] rt-mailgate Unknown encoding 'charset="utf-8"'
 

This happens when email has encoding defined, but it's not correct value. Newer 
versions convert such cases to "application/octet-stream". Change is in 
4.0.9rc1.



On Fri, Apr 5, 2013 at 6:00 AM, charlyc...@yahoo.com.ar 
 wrote:

Hi,
>
>I've been running rt-mailgate to download my emails and today I started 
>getting this error message on the fetchmail log.
>
>RT server error.
>
>The RT server which handled your email did not behave as expected. It
>said:
>
>Unknown encoding 'charset="utf-8"' at /data/rt4/sbin/../lib/RT/I18N.pm line 
>542.
>
>Stack:
>  [/usr/local/share/perl5/Carp.pm:100]
>  [/usr/local/lib64/perl5/Encode.pm:188]
>  [/data/rt4/sbin/../lib/RT/I18N.pm:542]
>  [/data/rt4/sbin/../lib/RT/I18N.pm:214]
>  [/data/rt4/sbin/../lib/RT/I18N.pm:210]
>  [/data/rt4/sbin/../lib/RT/EmailParser.pm:282]
>  [/data/rt4/sbin/../lib/RT/Interface/Email.pm:1433]
>  [/data/rt4/share/html/REST/1.0/NoAuth/mail-gateway:61]
>
>
>
>This is my configuration on the RT_Config.pm:
>
>    Set(@EmailInputEncodings, qw(utf-8 iso-8859-1 us-ascii));
>
>
>There is no configuration for this parameter on the RT_SiteConfig.pm.
>
>RT Version: 4.0.8
>
>
>Do you know why this might happen?
>
>Thank you, Charly
>
>


-- 
Best regards, Ruslan.

Re: [rt-users] rt-mailgate Unknown encoding 'charset="utf-8"'

2013-04-05 Thread Ruslan Zakirov 
This happens when email has encoding defined, but it's not correct value.
Newer versions convert such cases to "application/octet-stream". Change is
in 4.0.9rc1.


On Fri, Apr 5, 2013 at 6:00 AM, charlyc...@yahoo.com.ar <
charlyc...@yahoo.com.ar> wrote:

> Hi,
>
> I've been running rt-mailgate to download my emails and today I started
> getting this error message on the fetchmail log.
>
> RT server error.
>
> The RT server which handled your email did not behave as expected. It
> said:
>
> Unknown encoding 'charset="utf-8"' at /data/rt4/sbin/../lib/RT/I18N.pm
> line 542.
>
> Stack:
>   [/usr/local/share/perl5/Carp.pm:100]
>   [/usr/local/lib64/perl5/Encode.pm:188]
>   [/data/rt4/sbin/../lib/RT/I18N.pm:542]
>   [/data/rt4/sbin/../lib/RT/I18N.pm:214]
>   [/data/rt4/sbin/../lib/RT/I18N.pm:210]
>   [/data/rt4/sbin/../lib/RT/EmailParser.pm:282]
>   [/data/rt4/sbin/../lib/RT/Interface/Email.pm:1433]
>   [/data/rt4/share/html/REST/1.0/NoAuth/mail-gateway:61]
>
>
>
> This is my configuration on the RT_Config.pm:
>
> Set(@EmailInputEncodings, qw(utf-8 iso-8859-1 us-ascii));
>
>
> There is no configuration for this parameter on the RT_SiteConfig.pm.
>
> RT Version: 4.0.8
>
>
> Do you know why this might happen?
>
> Thank you, Charly
>
>


-- 
Best regards, Ruslan.

[rt-users] rt-mailgate Unknown encoding 'charset="utf-8"'

2013-04-04 Thread charlyc...@yahoo.com.ar 
Hi,

I've been running rt-mailgate to download my emails and today I started getting 
this error message on the fetchmail log.

RT server error.

The RT server which handled your email did not behave as expected. It
said:

Unknown encoding 'charset="utf-8"' at /data/rt4/sbin/../lib/RT/I18N.pm line 542.

Stack:
  [/usr/local/share/perl5/Carp.pm:100]
  [/usr/local/lib64/perl5/Encode.pm:188]
  [/data/rt4/sbin/../lib/RT/I18N.pm:542]
  [/data/rt4/sbin/../lib/RT/I18N.pm:214]
  [/data/rt4/sbin/../lib/RT/I18N.pm:210]
  [/data/rt4/sbin/../lib/RT/EmailParser.pm:282]
  [/data/rt4/sbin/../lib/RT/Interface/Email.pm:1433]
  [/data/rt4/share/html/REST/1.0/NoAuth/mail-gateway:61]



This is my configuration on the RT_Config.pm:

    Set(@EmailInputEncodings, qw(utf-8 iso-8859-1 us-ascii));


There is no configuration for this parameter on the RT_SiteConfig.pm.

RT Version: 4.0.8


Do you know why this might happen?

Thank you, Charly

Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module

2013-02-13 Thread Thomas Klump 
Tim,

Thanks, adding a section to the virtualhost configuration for NoAuth having no 
authentication worked like a charm. The webpage I found the solution on is:

http://requesttracker.wikia.com/wiki/WebExternalAuth

and the snippet I added to my rc.conf was:


Satisfy Any
Allow from all


Thanks,

Thomas

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Tim Wiley
Sent: Wednesday, February 13, 2013 7:28 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache 
OpenID module

On 02/12/2013 08:00 PM, Thomas Klump wrote:
> I'm working on implementing RT with OpenID. I started with a basic 
> installation of RT and I created some test tickets from within the 
> webui and via email. Everything worked great. I then started to 
> implement OpenID for authentication. I tried using the RT OpenID 
> plugin but I was never able to get that to work and there was very 
> little documentation out there about it. I then decided to install 
> WebExternalAuth use the Apache OpenID module for authentication. I was 
> able to get this to work and now the web interface works great.
> Unfortunately, now the rt-mailgate is no longer working. When I email 
> the queue the following error is logged in the maillog:
>
> Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
> to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action 
> correspond --url http://rt.example.com/";, 
> ctladdr= <mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08, 
> xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred:
> prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL
>
> I then tried testing it from command line with the following results:
>
> # (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate 
> --queue 'Customer Service' --action correspond --url 
> http://rt.example.com --debug
>
> /usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
>
> /usr/local/rt/bin/rt-mailgate: connecting to 
> http://rt.example.com/REST/1.0/NoAuth/mail-gateway
>
> An Error Occurred
>
> =
>
> 302 Found
>
> /usr/local/rt/bin/rt-mailgate: undefined server error
>
> I then switched back to normal authentication methods in my apache 
> virtualhost config and then rt-mailgate would process emails 
> successfully. Here is my apache vituralhost configuration that seems 
> to be the problem:
>
> 
>
>  # Optional apache logs for RT
>
>  # ErrorLog /usr/local/rt/var/log/apache2.error
>
>  # TransferLog /usr/local/rt/var/log/apache2.access
>
>  # LogLevel debug
>
>  AddDefaultCharset UTF-8
>
>  DocumentRoot "/usr/local/rt/share/html"
>
>  
>
> # If I comment out the section below and uncomment the two lines below 
> that everything works
>
>  AuthType OpenID
>
>  require valid-user
>
>  AuthOpenIDTrusted ^http://www.example.com/$
>
>  AuthOpenIDUseCookie On
>
>  AuthOpenIDSingleIdP http://www.example.com
>
>  AuthOpenIDTrustRoot http://rt.example.com
>
>  AuthOpenIDCookieName rt_auth_cookie
>
>  AuthOpenIDSecureCookie Off
>
> #   Order allow,deny
>
> #   Allow from all
>
>  SetHandler modperl
>
>  PerlResponseHandler Plack::Handler::Apache2
>
>  PerlSetVar psgi_app /usr/local/rt/sbin/rt-server
>
>  
>
>  
>
>  use Plack::Handler::Apache2;
>
>
> Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");
>
>  
>
> 
>
> Thanks for any help on this issue.
>
> Thomas Klump
>
>
>
>
>

I don't use RT in this way, but it sounds like you need to open up an area of 
RT for no authentication.  Take a look at the page below.  Note that it says 
it's out of date, so I may be way off here, but check out the part where it 
opens up /NoAuth.  You may have to play around with the location, as it looks 
like you're going through the REST API.


--
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T




-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module

2013-02-13 Thread Tim Wiley 

On 02/13/2013 10:10 AM, Thomas Klump wrote:

Tim,

Thanks, adding a section to the virtualhost configuration for NoAuth having no 
authentication worked like a charm. The webpage I found the solution on is:

http://requesttracker.wikia.com/wiki/WebExternalAuth

Thanks,

Thomas


It's usually a good idea to also reply to the list so others know the 
eventual resolution.


Also...so much for responding to e-mail before coffee.  I absolutely 
intended on adding that link to my e-mail & didn't.  My apologies.  I'm 
glad you eventually found it & figure it out.



--
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module

2013-02-13 Thread Tim Wiley 

On 02/12/2013 08:00 PM, Thomas Klump wrote:

I’m working on implementing RT with OpenID. I started with a basic
installation of RT and I created some test tickets from within the webui
and via email. Everything worked great. I then started to implement
OpenID for authentication. I tried using the RT OpenID plugin but I was
never able to get that to work and there was very little documentation
out there about it. I then decided to install WebExternalAuth use the
Apache OpenID module for authentication. I was able to get this to work
and now the web interface works great. Unfortunately, now the
rt-mailgate is no longer working. When I email the queue the following
error is logged in the maillog:

Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action
correspond --url http://rt.example.com/";,
ctladdr=mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08,
xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog
mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL

I then tried testing it from command line with the following results:

# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate
--queue 'Customer Service' --action correspond --url
http://rt.example.com --debug

/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'

/usr/local/rt/bin/rt-mailgate: connecting to
http://rt.example.com/REST/1.0/NoAuth/mail-gateway

An Error Occurred

=

302 Found

/usr/local/rt/bin/rt-mailgate: undefined server error

I then switched back to normal authentication methods in my apache
virtualhost config and then rt-mailgate would process emails
successfully. Here is my apache vituralhost configuration that seems to
be the problem:



 # Optional apache logs for RT

 # ErrorLog /usr/local/rt/var/log/apache2.error

 # TransferLog /usr/local/rt/var/log/apache2.access

 # LogLevel debug

 AddDefaultCharset UTF-8

 DocumentRoot "/usr/local/rt/share/html"

 

# If I comment out the section below and uncomment the two lines below
that everything works

 AuthType OpenID

 require valid-user

 AuthOpenIDTrusted ^http://www.example.com/$

 AuthOpenIDUseCookie On

 AuthOpenIDSingleIdP http://www.example.com

 AuthOpenIDTrustRoot http://rt.example.com

 AuthOpenIDCookieName rt_auth_cookie

 AuthOpenIDSecureCookie Off

#   Order allow,deny

#   Allow from all

 SetHandler modperl

 PerlResponseHandler Plack::Handler::Apache2

 PerlSetVar psgi_app /usr/local/rt/sbin/rt-server

 

 

 use Plack::Handler::Apache2;


Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");

 



Thanks for any help on this issue.

Thomas Klump







I don't use RT in this way, but it sounds like you need to open up an 
area of RT for no authentication.  Take a look at the page below.  Note 
that it says it's out of date, so I may be way off here, but check out 
the part where it opens up /NoAuth.  You may have to play around with 
the location, as it looks like you're going through the REST API.



--
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

[rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module

2013-02-12 Thread Thomas Klump 
I'm working on implementing RT with OpenID. I started with a basic installation 
of RT and I created some test tickets from within the webui and via email. 
After everything was working I started to implement OpenID for authentication. 
I tried using the RT OpenID plugin but I was never able to get that to work and 
there was next to no documentation out there about it. I then decided to 
install WebExternalAuth use the Apache OpenID module for authentication. I was 
able to get this to work and now the web interface works great. Unfortunately, 
now the rt-mailgate is no longer working. When I email the queue the following 
error is logged in the maillog:

Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130: 
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action 
correspond --url http://rt.example.com/";, 
ctladdr= (8/0), delay=00:00:08, 
xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog mailer 
(/usr/sbin/smrsh) exited with EX_TEMPFAIL

I then tried testing it from command line with the following results:

# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue 
'Customer Service' --action correspond --url http://rt.example.com --debug
/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
/usr/local/rt/bin/rt-mailgate: connecting to 
http://rt.example.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

302 Found

/usr/local/rt/bin/rt-mailgate: undefined server error

I then switched back to normal authentication methods in my apache virtualhost 
config and then rt-mailgate would process emails successfully. Here is my 
apache vituralhost configuration that is causing the errors:


# Optional apache logs for RT
# ErrorLog /usr/local/rt/var/log/apache2.error
# TransferLog /usr/local/rt/var/log/apache2.access
# LogLevel debug

AddDefaultCharset UTF-8
DocumentRoot "/usr/local/rt/share/html"


# If I comment out the section below and uncomment the two lines below that 
everything works
AuthType OpenID
require valid-user
AuthOpenIDTrusted ^http://www.example.com/$
AuthOpenIDUseCookie On
AuthOpenIDSingleIdP http://www.example.com
AuthOpenIDTrustRoot http://rt.example.com
AuthOpenIDCookieName rt_auth_cookie
AuthOpenIDSecureCookie Off

#   Order allow,deny
#   Allow from all

SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /usr/local/rt/sbin/rt-server


use Plack::Handler::Apache2;

Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");




Thanks for any help on this issue.
Thomas Klump


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

[rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module

2013-02-12 Thread Thomas Klump 
I'm working on implementing RT with OpenID. I started with a basic installation 
of RT and I created some test tickets from within the webui and via email. 
Everything worked great. I then started to implement OpenID for authentication. 
I tried using the RT OpenID plugin but I was never able to get that to work and 
there was very little documentation out there about it. I then decided to 
install WebExternalAuth use the Apache OpenID module for authentication. I was 
able to get this to work and now the web interface works great. Unfortunately, 
now the rt-mailgate is no longer working. When I email the queue the following 
error is logged in the maillog:

Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130: 
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action 
correspond --url http://rt.example.com/";, 
ctladdr=mailto:customerserv...@rt.example.com>> 
(8/0), delay=00:00:08, xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, 
stat=Deferred: prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL

I then tried testing it from command line with the following results:

# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue 
'Customer Service' --action correspond --url http://rt.example.com --debug
/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
/usr/local/rt/bin/rt-mailgate: connecting to 
http://rt.example.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

302 Found

/usr/local/rt/bin/rt-mailgate: undefined server error

I then switched back to normal authentication methods in my apache virtualhost 
config and then rt-mailgate would process emails successfully. Here is my 
apache vituralhost configuration that seems to be the problem:


# Optional apache logs for RT
# ErrorLog /usr/local/rt/var/log/apache2.error
# TransferLog /usr/local/rt/var/log/apache2.access
# LogLevel debug

AddDefaultCharset UTF-8
DocumentRoot "/usr/local/rt/share/html"


# If I comment out the section below and uncomment the two lines below that 
everything works
AuthType OpenID
require valid-user
AuthOpenIDTrusted ^http://www.example.com/$
AuthOpenIDUseCookie On
AuthOpenIDSingleIdP http://www.example.com
AuthOpenIDTrustRoot http://rt.example.com
AuthOpenIDCookieName rt_auth_cookie
AuthOpenIDSecureCookie Off

#   Order allow,deny
#   Allow from all

SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /usr/local/rt/sbin/rt-server


use Plack::Handler::Apache2;

Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");




Thanks for any help on this issue.

Thomas Klump


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] rt-mailgate and web based authentication

2013-01-16 Thread Martin Wheldon 

Hi Tom,

Sounds like you may missing a Location section from your apache config. 
Something like...



   Order Allow,Deny
   Allow from 127.0.0.1


Best Regards

Martin Wheldon

On 2013-01-16 16:38, Thomas  Misilo wrote:

Hi,

I am switched from using LDAP to CAS for authentication, and now
because it redirects to the login screen, mailgate isn't working. I
was wondering if anyone had a workaround or solution to this?

Thanks,

Tom

 !DSPAM:9,50f6cf2333231759512251!

[rt-users] rt-mailgate and web based authentication

2013-01-16 Thread Thomas Misilo 
Hi,

I am switched from using LDAP to CAS for authentication, and now because it 
redirects to the login screen, mailgate isn't working. I was wondering if 
anyone had a workaround or solution to this?

Thanks,

Tom

Re: [rt-users] rt-mailgate fallback

2012-12-04 Thread Thomas Sibley 
On 12/04/2012 01:12 AM, Albert Shih wrote:
>   :0:
>   |/usr/bin/rt-mailgate --queue Support --action correspond --url 
> https://ULR_OF_RT
> 
> 
> the problem is sometime the RT website is down (power failure) and in that
> case the mail is lost. 
> 
> How can I tell rt-mailgate (or procmail) to send the mail to humain.address 
> only if the rt-mailgate failed

Your rt-mailgate procmail recipe should start with :0w not :0:  The w
indicates procmail should wait for rt-mailgate to return and use its
exit code.

We're hiring! http://bestpractical.com/jobs

Re: [rt-users] rt-mailgate fallback

2012-12-04 Thread Jason A. Smith 
I think what you want to do is add a rule like this right below your 
pipe to rt-mailgate rule. This tells procmail to trap the error from the 
failed rt-mailgate delivery and retry later:


# If RT delivery failed, return it to the mail queue, the MTA
# will retry delivery later (75 is the value for EX_TEMPFAIL
# in /usr/include/sysexits.h):
:0 e
{ EXITCODE=75 HOST }



On 12/04/2012 04:12 AM, Albert Shih wrote:

Hi,

I would like to known if they are any solution to have a fallback solution
about rt-mailgate with procmail.

Actually I've something like in the .procmailrc

#
# Spam
#
:0: # spam
* ^X-Spam-Status: YES*
! humain.address

:0:
|/usr/bin/rt-mailgate --queue Support --action correspond --url 
https://ULR_OF_RT


the problem is sometime the RT website is down (power failure) and in that
case the mail is lost.

How can I tell rt-mailgate (or procmail) to send the mail to humain.address 
only if the rt-mailgate failed

Regards.

JAS






We're hiring! http://bestpractical.com/jobs

[rt-users] rt-mailgate fallback

2012-12-04 Thread Albert Shih 
Hi,

I would like to known if they are any solution to have a fallback solution
about rt-mailgate with procmail.

Actually I've something like in the .procmailrc 

#
# Spam
#
:0: # spam
* ^X-Spam-Status: YES*
! humain.address

:0:
|/usr/bin/rt-mailgate --queue Support --action correspond --url 
https://ULR_OF_RT


the problem is sometime the RT website is down (power failure) and in that
case the mail is lost. 

How can I tell rt-mailgate (or procmail) to send the mail to humain.address 
only if the rt-mailgate failed

Regards.

JAS



-- 
Albert SHIH
DIO bâtiment 15
Observatoire de Paris
5 Place Jules Janssen
92195 Meudon Cedex
Téléphone : 01 45 07 76 26/06 86 69 95 71
xmpp: j...@obspm.fr
Heure local/Local time:
mar 4 déc 2012 10:08:17 CET

We're hiring! http://bestpractical.com/jobs

Re: [rt-users] rt-mailgate: undefined server error

2012-12-03 Thread Carlos Fuentes Bermejo 
Hi Thomas,

Nothing on the web server logs.

Cheers,
Carlos

El 03/12/2012, a las 19:53, Thomas Sibley escribió:

> On 12/03/2012 01:27 AM, Carlos Fuentes Bermejo wrote:
>> Hiya folks,
>> 
>> Since a few days ago I'm having the following error:
>> 
>> rt-mailgate: connecting to
>> http://xxx.xxx.xxx.xxx//REST/1.0/NoAuth/mail-gateway An Error
>> Occurred =  500 read timeout
>> /path/to/my/rt/bin/rt-mailgate: undefined server error
>> 
>> This is happening since I did migrate to RT 4.0.8, and not with all
>> the incoming mail, just with mails which have attachments.
>> 
>> Any ideas??? I forgot something to configure???
> 
> The error implies that rt-mailgate times out while waiting for a
> response from the RT server.  Is there anything in your web server logs?
> 
> We're hiring! http://bestpractical.com/jobs

--
Carlos Fuentes Bermejo 
Security Specialist - IRIS-CERT 
RedIRIS/Red.es
Tel: 91 212 76 20/25 Ext: 5583
www.rediris.es - http://www.rediris.es/cert
PGP key: http://www.rediris.es/keyserver





We're hiring! http://bestpractical.com/jobs

Re: [rt-users] rt-mailgate: undefined server error

2012-12-03 Thread Thomas Sibley 
On 12/03/2012 01:27 AM, Carlos Fuentes Bermejo wrote:
> Hiya folks,
> 
> Since a few days ago I'm having the following error:
> 
> rt-mailgate: connecting to
> http://xxx.xxx.xxx.xxx//REST/1.0/NoAuth/mail-gateway An Error
> Occurred =  500 read timeout
> /path/to/my/rt/bin/rt-mailgate: undefined server error
> 
> This is happening since I did migrate to RT 4.0.8, and not with all
> the incoming mail, just with mails which have attachments.
> 
> Any ideas??? I forgot something to configure???

The error implies that rt-mailgate times out while waiting for a
response from the RT server.  Is there anything in your web server logs?

We're hiring! http://bestpractical.com/jobs

[rt-users] rt-mailgate: undefined server error

2012-12-03 Thread Carlos Fuentes Bermejo 
Hiya folks,

Since a few days ago I'm having the following error:

rt-mailgate: connecting to http://xxx.xxx.xxx.xxx//REST/1.0/NoAuth/mail-gateway 
An Error Occurred =  500 read timeout  
/path/to/my/rt/bin/rt-mailgate: undefined server error

This is happening since I did migrate to RT 4.0.8, and not with all the 
incoming mail, just with mails which have attachments.

Any ideas??? I forgot something to configure???

Cheers,
Carlos
--
Carlos Fuentes Bermejo 
Security Specialist - IRIS-CERT 
RedIRIS/Red.es
Tel: 91 212 76 20/25 Ext: 5583
www.rediris.es - http://www.rediris.es/cert
PGP key: http://www.rediris.es/keyserver






signature.asc
Description: Message signed with OpenPGP using GPGMail

We're hiring! http://bestpractical.com/jobs

Re: [rt-users] rt-mailgate problem - certificate verify failure ?

2012-08-21 Thread Thomas Sibley 
On 08/21/2012 08:03 AM, Martin Drasar wrote:
> If you want to avoid this step then you have to have a valid certificate
> for testrt.rc.fas.harvard.edu signed by a certificate authority that is
> in the ca bundle you are passing to rt-mailgate.

Martin's referring to the --ca-file argument you can pass.

You can also simply make sure to put your CA root cert used for signing
into /etc/ssl/certs/ or your system's equivalent.

See `perldoc bin/rt-mailgate` for more info.

Re: [rt-users] rt-mailgate problem - certificate verify failure ?

2012-08-21 Thread Martin Drasar 
On 21.8.2012 16:16, Ethier, Michael wrote:
> Hi Martin,
> 
> Thanks for the suggestion but if I enable --no-ssl I will be creating a 
> security
> vulnerability no ?
> 
> Thanks,
> Mike

Hi,

that's for sure. This was a suggestion for a development machine (the
name testrt.rc.fas.harvard.edu suggest that it is).

If you want to avoid this step then you have to have a valid certificate
for testrt.rc.fas.harvard.edu signed by a certificate authority that is
in the ca bundle you are passing to rt-mailgate.

Martin

Re: [rt-users] rt-mailgate problem - certificate verify failure ?

2012-08-21 Thread Ethier, Michael 
Hi Martin,

Thanks for the suggestion but if I enable --no-ssl I will be creating a security
vulnerability no ?

Thanks,
Mike

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Martin Drasar
Sent: Tuesday, August 21, 2012 10:11 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate problem - certificate verify failure ?

On 21.8.2012 15:59, Ethier, Michael wrote:
> Hello,
> 
>  
> 
> The rt-mailgate program acts differently between v 3.8.8 and v 4.0.6.
> The v 3.8.8 version works
> 
> fine using https, and even when I have v 4.0.6 running with the 
> /etc/aliases point to the v 3.8.8 version of rtmailgate, email
> 
> get sent to the queue. But the v 4.0.6 version fails with certificate 
> verify failed, output from mailq:
> 
>  
> 
> (temporary failure. Command output: An Error Occurred 
> =
> 500 Can't connect to testrt.rc.fas.harvard.edu:443 (certificate verify
> failed))
> 
>  r...@testrt.rc.fas.harvard.edu
> 
>  
> 
> Any ideas as to the verification of my RT/ssl setup,  on how to fix 
> this ? Apparently the RT 4.0.6 is less forgiving about the ssl setup and 
> config.
> 
> I ran RT configure with the --enable-ssl-mailgate option and installed 
> all perl modules required with "make fixdeps" in RT 4.0.6.
> 
>  
> 
> Thanks,
> 
> Mike
> 
>  
> 
> This is in /etc/aliases:
> 
> # rt3
> 
> rt: "|/opt/rt-3.8.8/bin/rt-mailgate --queue 'General' --action 
> correspond --url https://testrt.rc.fas.harvard.edu/";
> 
> rt-comment: "|/opt/rt-3.8.8/bin/rt-mailgate --queue 'General' --action 
> comment --url https://testrt.rc.fas.harvard.edu/";
> 
>  
> 
> # rt4
> 
> #rt: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file 
> /etc/pki/tls/certs/ca-bundle.crt --action correspond --url 
> https://testrt.rc.fas.harvard.edu/";
> 
> #rt-comment: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file 
> /etc/pki/tls/certs/ca-bundle.crt --action comment --url 
> https://testrt.rc.fas.harvard.edu/";
> 

Hi Mike,

add this option to your aliases if you want to bypass certificate
validation: --no-verify-ssl

So your rt entry in /etc/aliases would look like this:

#rt: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file 
/etc/pki/tls/certs/ca-bundle.crt --action correspond --url 
https://testrt.rc.fas.harvard.edu/ --no-verify-ssl"

Martin

Re: [rt-users] rt-mailgate problem - certificate verify failure ?

2012-08-21 Thread Martin Drasar 
On 21.8.2012 15:59, Ethier, Michael wrote:
> Hello,
> 
>  
> 
> The rt-mailgate program acts differently between v 3.8.8 and v 4.0.6.
> The v 3.8.8 version works
> 
> fine using https, and even when I have v 4.0.6 running with the
> /etc/aliases point to the v 3.8.8 version of rtmailgate, email
> 
> get sent to the queue. But the v 4.0.6 version fails with certificate
> verify failed, output from mailq:
> 
>  
> 
> (temporary failure. Command output: An Error Occurred = 
> 500 Can't connect to testrt.rc.fas.harvard.edu:443 (certificate verify
> failed))
> 
>  r...@testrt.rc.fas.harvard.edu
> 
>  
> 
> Any ideas as to the verification of my RT/ssl setup,  on how to fix this
> ? Apparently the RT 4.0.6 is less forgiving about the ssl setup and config.
> 
> I ran RT configure with the --enable-ssl-mailgate option and installed
> all perl modules required with “make fixdeps” in RT 4.0.6.
> 
>  
> 
> Thanks,
> 
> Mike
> 
>  
> 
> This is in /etc/aliases:
> 
> # rt3
> 
> rt: "|/opt/rt-3.8.8/bin/rt-mailgate --queue 'General' --action
> correspond --url https://testrt.rc.fas.harvard.edu/";
> 
> rt-comment: "|/opt/rt-3.8.8/bin/rt-mailgate --queue 'General' --action
> comment --url https://testrt.rc.fas.harvard.edu/";
> 
>  
> 
> # rt4
> 
> #rt: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file
> /etc/pki/tls/certs/ca-bundle.crt --action correspond --url
> https://testrt.rc.fas.harvard.edu/";
> 
> #rt-comment: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file
> /etc/pki/tls/certs/ca-bundle.crt --action comment --url
> https://testrt.rc.fas.harvard.edu/";
> 

Hi Mike,

add this option to your aliases if you want to bypass certificate
validation: --no-verify-ssl

So your rt entry in /etc/aliases would look like this:

#rt: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file
/etc/pki/tls/certs/ca-bundle.crt --action correspond --url
https://testrt.rc.fas.harvard.edu/ --no-verify-ssl"

Martin

[rt-users] rt-mailgate problem - certificate verify failure ?

2012-08-21 Thread Ethier, Michael 
Hello,

The rt-mailgate program acts differently between v 3.8.8 and v 4.0.6. The v 
3.8.8 version works
fine using https, and even when I have v 4.0.6 running with the /etc/aliases 
point to the v 3.8.8 version of rtmailgate, email
get sent to the queue. But the v 4.0.6 version fails with certificate verify 
failed, output from mailq:

(temporary failure. Command output: An Error Occurred =  500 
Can't connect to testrt.rc.fas.harvard.edu:443 (certificate verify failed))
 r...@testrt.rc.fas.harvard.edu

Any ideas as to the verification of my RT/ssl setup,  on how to fix this ? 
Apparently the RT 4.0.6 is less forgiving about the ssl setup and config.
I ran RT configure with the --enable-ssl-mailgate option and installed all perl 
modules required with "make fixdeps" in RT 4.0.6.

Thanks,
Mike

This is in /etc/aliases:
# rt3
rt: "|/opt/rt-3.8.8/bin/rt-mailgate --queue 'General' --action correspond --url 
https://testrt.rc.fas.harvard.edu/";
rt-comment: "|/opt/rt-3.8.8/bin/rt-mailgate --queue 'General' --action comment 
--url https://testrt.rc.fas.harvard.edu/";

# rt4
#rt: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file 
/etc/pki/tls/certs/ca-bundle.crt --action correspond --url 
https://testrt.rc.fas.harvard.edu/";
#rt-comment: "|/opt/rt4/bin/rt-mailgate --queue 'General' --ca-file 
/etc/pki/tls/certs/ca-bundle.crt --action comment --url 
https://testrt.rc.fas.harvard.edu/";

Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

2012-03-15 Thread Tim Cutts 

On 15 Mar 2012, at 17:44, Jourdan Perla wrote:

> Using 3.8 since there are no RT4 packages for Ubuntu 10.4 LTS. Attempts to 
> manually install RT4 on Lucid would result in a whole 'nother ticket.

I'm running 4.0.5 on Lucid.  Wasn't really a problem; I just don't use the 
packaged version and let 'make fixdeps' do its thing.  As you say though, 
waiting for 12.04 to come out is probably sensible, since Dominic *has* 
packaged rt4 more recently.

At one point I went to the effort of using dh-make-perl to update perl module 
packages to versions that RT needed, but for my 4.0.5 deployment I just thought 
"sod it" and took the fixdeps route.

The really hard bit actually was getting SphinxSE to work with the 
lucid-supplied MySQL server. *that* was painful, and I think if I were doing it 
again, I wouldn't use the packaged MySQL server either.  Actually, if I were 
really starting again I wouldn't use MySQL at all.

It's the Siren of databases, seducing you in with its lovely songs and apparent 
ease of use, and then smashing you to pieces on the rocks. :-/

Tim

--
 The Wellcome Trust Sanger Institute is operated by Genome Research
 Limited, a charity registered in England with number 1021457 and a
 company registered in England with number 2742969, whose registered
 office is 215 Euston Road, London, NW1 2BE.

Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

2012-03-15 Thread Jourdan Perla 
Using 3.8 since there are no RT4 packages for Ubuntu 10.4 LTS. Attempts to 
manually install RT4 on Lucid would result in a whole 'nother ticket. Plan was 
to run 3.8 for now, then migrate to 4 on 12 this winter once things had settled 
down here.

No https redirects going on. I am using CAS Authentication (via mod_auth_cas) 
for the main site.


Apache httpd.conf
LoadFile /usr/lib/libcurl.so
LoadModule auth_cas_module /usr/lib/apache2/modules/mod_auth_cas.so

CASLoginURL https://cas.myserver.com/cas/login
CASValidateURL https://cas.myserver.com/cas/serviceValidate
CASCertificatePath /etc/ssl/certs/my_cas_bundle.pem
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASSSOEnabled On
CASValidateServer On
CASDebug Off



 
   AuthType CAS
   AuthName " CAS"
 
   Require valid-user


   AllowOverRide None
   Satisfy Any


   AllowOverRide None
   Allow from all
   Satisfy Any


   Order allow,deny
   Allow from all
   Satisfy Any


   Order allow,deny
   Allow from all
   Satisfy Any


Satisfy Any
Allow from all


-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Wednesday, March 14, 2012 4:49 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

On Wed, Mar 14, 2012 at 09:43:47PM +, Jourdan Perla wrote:
> 
> An Error Occurred
> =
> 
> 302 Found
> 
> /usr/bin/rt-mailgate: undefined server error

This is Apache issuing a 302 before it gets to RT

> Grep all my logs for what happens at the same time and
> apache2/access.log:
> rt.myserver.com - - [14/Mar/2012:14:05:33 -0700] "POST 
> /rt/REST/1.0/NoAuth/mail-gateway HTTP/1.1" 302 715 "-" "libwww-perl/6.04"
> 
> I've got the following in my httpd.conf
> 
> 
>AllowOverRide None
>Satisfy Any
> 
> 
>AllowOverRide None
>Allow from all
>Satisfy Any
> 
> 
>Order allow,deny
>Allow from all
>Satisfy Any
> 
> 
>Order allow,deny
>Allow from all
>Satisfy Any
> 

What else do you have in apache.  Are you redirecting from http to https?  
Since you're using the debian packages, what else is going on there.  Also, 
this is where I feel compelled to ask why you're using
3.8 rather than 4.0 for a new install.

-kevin

Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

2012-03-14 Thread Kevin Falcone 
On Wed, Mar 14, 2012 at 09:43:47PM +, Jourdan Perla wrote:
> 
> An Error Occurred
> =
> 
> 302 Found
> 
> /usr/bin/rt-mailgate: undefined server error

This is Apache issuing a 302 before it gets to RT

> Grep all my logs for what happens at the same time and
> apache2/access.log:
> rt.myserver.com - - [14/Mar/2012:14:05:33 -0700] "POST 
> /rt/REST/1.0/NoAuth/mail-gateway HTTP/1.1" 302 715 "-" "libwww-perl/6.04"
> 
> I've got the following in my httpd.conf
> 
> 
>AllowOverRide None
>Satisfy Any
> 
> 
>AllowOverRide None
>Allow from all
>Satisfy Any
> 
> 
>Order allow,deny
>Allow from all
>Satisfy Any
> 
> 
>Order allow,deny
>Allow from all
>Satisfy Any
> 

What else do you have in apache.  Are you redirecting from http to
https?  Since you're using the debian packages, what else is going on
there.  Also, this is where I feel compelled to ask why you're using
3.8 rather than 4.0 for a new install.

-kevin


pgp3svR3MHFCf.pgp
Description: PGP signature

Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

2012-03-14 Thread Jourdan Perla 

> Please - keep list replies on the list.

Sorry, will do.

Thought I had this licked, but now as I build a *clean* production image, I'm 
running into the same error again..

$ cat mbox | /usr/bin/rt-mailgate --queue general --action correspond --url 
http://rt.myserver.com /rt -debug
/usr/bin/rt-mailgate: temp file is '/tmp/Dm_pceG62x'
/usr/bin/rt-mailgate: connecting to 
http://rt.myserver.com/rt/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

302 Found

/usr/bin/rt-mailgate: undefined server error

Grep all my logs for what happens at the same time and
apache2/access.log:
rt.myserver.com - - [14/Mar/2012:14:05:33 -0700] "POST 
/rt/REST/1.0/NoAuth/mail-gateway HTTP/1.1" 302 715 "-" "libwww-perl/6.04"
mail.info:
Mar 14 14:05:33 RT-PROD-SVR postfix/qmgr[4393]: 17286120B94: 
from=, size=7604, nrcpt=1 (queue active)
mail.info:
Mar 14 14:05:33 RT-PROD-SVR postfix/local[29538]: 88DCB1207CF: 
to=http://rt.myserver.com/REST/1.0/NoAuth/mail-gateway An Error 
Occurred =  302 Found  /usr/bin/rt-mailgate: undefined server 
error )

rt3.log shows nothing but:
[Wed Mar 14 15:56:08 2012] [error]: gpg: error reading key: secret key not 
available (/usr/share/request-tracker3.8/lib/RT/Crypt/GnuPG.pm:2078)
Which is from earlier.

/etc/aliases:
# See man 5 aliases for format
postmaster:myroot
help:  "|/usr/bin/rt-mailgate --queue general --action correspond --url 
http://rt.myserver.com/rt -debug"
comment: "|/usr/bin/rt-mailgate --queue general --action comment --url 
http://rt.myserver.com/rt -debug"


I've got the following in my httpd.conf


   AllowOverRide None
   Satisfy Any


   AllowOverRide None
   Allow from all
   Satisfy Any


   Order allow,deny
   Allow from all
   Satisfy Any


   Order allow,deny
   Allow from all
   Satisfy Any


Logging options in RT_SiteConfig.d
## Logging Options
# From lowest to highest priority, the levels are:
#  debug info notice warning error critical alert emergency
Set($LogToSyslog, 'info');
Set($LogToScreen, 'warning');
# log to /var/log/rt3.log
Set($LogToFile, 'debug');
Set($LogDir, '/var/log');
Set($LogToFileNamed , "rt3.log");


On Fri, Feb 24, 2012 at 10:24:52PM +, Jourdan Perla wrote:
> Fixed it. I was missing an Auth exclusion for the /REST/1.0/NoAuth 
> directory
> 
> As for the RT logs, can't find them. And can't find out where they're 
> configured.

Search in RT_Config.pm for the various Log config options and check their 
documentation.  Then see what you have in your RT_SiteConfig.pm

-kevin

> 
> On 2/24/12 2:15 PM, "Kevin Falcone"  wrote:
> 
> >On Fri, Feb 24, 2012 at 08:54:00PM +, Jourdan Perla wrote:
> >>Install of RT3.8 on Ubuntu 10.4 LTS.
> >>I'm getting that pesky "302 Found" error as I'm trying to push 
> >>mail into my queues using
> >>rt-mailqueue.
> >>I've done the usual Googling and wiki hunts, and I've run out of 
> >>options.
> >>- Aliases are working fine, it's a rt-mailgate error.
> >>- Plack is up to date (0.9985).
> >>- There's no extra '/'. It's finding rt-mailgate fine.
> >>- Not configured for SSL. That's on my to-do list, and if I need 
> >>to bump that up, I will.
> >>Command : /usr/bin/rt-mailgate --queue myqueue --action 
> >>correspond --url
> >>http://myserver.com/rt -debug < test.msg
> >>Output:
> >>/usr/bin/rt-mailgate: temp file is '/tmp/TykSIIvN17'
> >>/usr/bin/rt-mailgate: connecting to 
> >>http://myserver.com/rt/REST/1.0/NoAuth/mail-gateway
> >>An Error Occurred
> >>=
> >>302 Found
> >>/usr/bin/rt-mailgate: undefined server error
> >>Thoughts?
> >
> >What's in the RT logs.
> >
> >What's your test.msg.
> >
> >Also, Plack is only used in RT4
> >
> >-kevin
> >
> >RT Training Sessions 
> >(http://bestpractical.com/services/training.html)
> >* Boston — March 5 & 6, 2012
>

Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

2012-03-02 Thread Kevin Falcone 
Please - keep list replies on the list.

On Fri, Feb 24, 2012 at 10:24:52PM +, Jourdan Perla wrote:
> Fixed it. I was missing an Auth exclusion for the /REST/1.0/NoAuth
> directory 
> 
> As for the RT logs, can't find them. And can't find out where they're
> configured.

Search in RT_Config.pm for the various Log config options and check
their documentation.  Then see what you have in your RT_SiteConfig.pm

-kevin

> 
> On 2/24/12 2:15 PM, "Kevin Falcone"  wrote:
> 
> >On Fri, Feb 24, 2012 at 08:54:00PM +, Jourdan Perla wrote:
> >>Install of RT3.8 on Ubuntu 10.4 LTS.
> >>I'm getting that pesky "302 Found" error as I'm trying to push mail
> >>into my queues using
> >>rt-mailqueue.
> >>I've done the usual Googling and wiki hunts, and I've run out of
> >>options.
> >>- Aliases are working fine, it's a rt-mailgate error.
> >>- Plack is up to date (0.9985).
> >>- There's no extra '/'. It's finding rt-mailgate fine.
> >>- Not configured for SSL. That's on my to-do list, and if I need to
> >>bump that up, I will.
> >>Command : /usr/bin/rt-mailgate --queue myqueue --action correspond
> >>--url
> >>http://myserver.com/rt -debug < test.msg
> >>Output:
> >>/usr/bin/rt-mailgate: temp file is '/tmp/TykSIIvN17'
> >>/usr/bin/rt-mailgate: connecting to
> >>http://myserver.com/rt/REST/1.0/NoAuth/mail-gateway
> >>An Error Occurred
> >>=
> >>302 Found
> >>/usr/bin/rt-mailgate: undefined server error
> >>Thoughts?
> >
> >What's in the RT logs.
> >
> >What's your test.msg.
> >
> >Also, Plack is only used in RT4
> >
> >-kevin
> >
> >RT Training Sessions (http://bestpractical.com/services/training.html)
> >* Boston — March 5 & 6, 2012
> 


pgp6lmZa2VEc3.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate 302 Error. No, not Plack.

2012-02-24 Thread Kevin Falcone 
On Fri, Feb 24, 2012 at 08:54:00PM +, Jourdan Perla wrote:
>Install of RT3.8 on Ubuntu 10.4 LTS.
>I'm getting that pesky "302 Found" error as I'm trying to push mail into 
> my queues using
>rt-mailqueue.
>I've done the usual Googling and wiki hunts, and I've run out of options.
>- Aliases are working fine, it's a rt-mailgate error.
>- Plack is up to date (0.9985).
>- There's no extra '/'. It's finding rt-mailgate fine.
>- Not configured for SSL. That's on my to-do list, and if I need to bump 
> that up, I will.
>Command : /usr/bin/rt-mailgate --queue myqueue --action correspond --url
>http://myserver.com/rt -debug < test.msg
>Output:
>/usr/bin/rt-mailgate: temp file is '/tmp/TykSIIvN17'
>/usr/bin/rt-mailgate: connecting to 
> http://myserver.com/rt/REST/1.0/NoAuth/mail-gateway
>An Error Occurred
>=
>302 Found
>/usr/bin/rt-mailgate: undefined server error
>Thoughts?

What's in the RT logs.

What's your test.msg.

Also, Plack is only used in RT4

-kevin


pgpSqpmOCG7a2.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

[rt-users] rt-mailgate 302 Error. No, not Plack.

2012-02-24 Thread Jourdan Perla 
Install of RT3.8 on Ubuntu 10.4 LTS.

I'm getting that pesky "302 Found" error as I'm trying to push mail into my 
queues using rt-mailqueue.

I've done the usual Googling and wiki hunts, and I've run out of options.
- Aliases are working fine, it's a rt-mailgate error.
- Plack is up to date (0.9985).
- There's no extra '/'. It's finding rt-mailgate fine.
- Not configured for SSL. That's on my to-do list, and if I need to bump that 
up, I will.

Command : /usr/bin/rt-mailgate --queue myqueue --action correspond --url 
http://myserver.com/rt -debug < test.msg
Output:
/usr/bin/rt-mailgate: temp file is '/tmp/TykSIIvN17'
/usr/bin/rt-mailgate: connecting to 
http://myserver.com/rt/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

302 Found

/usr/bin/rt-mailgate: undefined server error

Thoughts?

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-26 Thread jim . h . berry 
Hi

We let Apache authenticate under SSL but had problems with rt-mailgate. 
Our work around was to configure httpd.conf as below so that rt-mailgate 
could operate under port 80. No doubt there are better ways, but this is 
working for us.

### Force SSL for RT except the NoAuth and REST directories


   Order allow,deny
   Allow from all
   Satisfy Any
 
 
   Order allow,deny
   Allow from all
   Satisfy Any
 


  SSLRequireSSL
  AuthType [...]
   Require valid-user


-- 
Jim Berry
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-24 Thread Robert Nesius 
On Mon, Jan 23, 2012 at 2:38 PM, Allen wrote:

> Landon wrote:
>
>> We simply use mod_rewrite to redirect everyone *except* the server itself
>> to https.  This way when rt-mailgate calls http://rt.ourdomain/com it is
>> not forced to use https while everyone else is.
>>
>
Landon - thank you for sharing those config lines.  I had debated exactly
that approach but had not dug into the mod-rewrite docs far enough to get
that line on my own.  Though - as I look at it - pretty simple regular
expression. :)   Thanks again!

Thanks. That is an easy, maintainable solution until the next version of
>> rt-mailgate that will let us specify the cert path, or until OpenSSL 1.x
>> gets it's act together with LWP.
>>
>
> But doesn't work for me. I solved some kind of mod-perl/apache
> redeclaration or some such problem (either spamming the logs or making
> apache not start -- cant remember which) that I solved by removing all RT
> apache configuration under regular http and just having the redirect to
> SSL. The SSL virtualhost container has the RT configs in it.
>

One other thought crossed my mind reading your earlier comments about
getting the environment variable into LWP::UserAgent via fetchmail configs.
 I think "export VAR=VALUE" is bash-specific syntax.  If the fetchmailrc
file is being read by /bin/sh, or bash running in /bin/sh compatibility
mode, that syntax could cause a problem.You might try this:  "VAR=VALUE
/opt/rt4/bin/rt-mailgate ... ".   That syntax works for me via my aliases
file and is what I use in crontabs too.  I did see you use that syntax with
the env command - I've never tried that before myself but I've never needed
it either.

-Rob

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-23 Thread Allen 
> We simply use mod_rewrite to redirect everyone *except* the server itself
> to https.  This way when rt-mailgate calls http://rt.ourdomain/com it is
> not forced to use https while everyone else is.
>
>
Thanks. That is an easy, maintainable solution until the next version of
rt-mailgate that will let us specify the cert path, or until OpenSSL 1.x
gets it's act together with LWP.

But doesn't work for me. I solved some kind of mod-perl/apache
redeclaration or some such problem (either spamming the logs or making
apache not start -- cant remember which) that I solved by removing all RT
apache configuration under regular http and just having the redirect to
SSL. The SSL virtualhost container has the RT configs in it.

A

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-23 Thread Landon Stewart 
On 9 January 2012 10:34, Robert Nesius  wrote:

> I made a recently change to how my apache2 server was configured to
> redirect all requests through https.  Now emails are not flowing through to
> RT - I tracked the issue down to rt-mailgate complaining about not being
> able to verify the certificate.  I'm a little perplexed on how to proceed
> or how to verify what certs/CAs rt-mailgate is using, or if there is an
> issue with the Crypt::SSLeay module (which I had to force install due to a
> failing test).   I only have one openssl install on the system, and I
> thought Crypt::SSLeay would reach through to those configs for things like
> CA certs, etc...
>
> Perhaps an easy workaround, since the mail server and apache2 server are
> on the same machine, would be to configure a "localhost:80" virtual host
> within apache2 and bypass SSL when accessing RT via that url.
>
> Any helpful hints/suggestions would be greatly appreciated.   I've been
> google-ing away but haven't had any luck yet.
>
>
We simply use mod_rewrite to redirect everyone *except* the server itself
to https.  This way when rt-mailgate calls http://rt.ourdomain/com it is
not forced to use https while everyone else is.

# Redirect everyone except the rt-mailgate and RT utilities to https
   RewriteEngine On
   RewriteCond %{REMOTE_ADDR} !^10\.10\.227\.209$
   RewriteRule ^/(.*)$ https://rt.ourdomain.com/$1 [R=301,L]

The 10.10.227.209 is the IP address of the server according to ifconfig
eth0 in this case.

-- 
Landon Stewart 
Manager of Systems and Engineering
Superb Internet Corp - 888-354-6128 x 4199
Web hosting and more "Ahead of the Rest": http://www.superbhosting.net

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-23 Thread Allen 
I tried several things to get the cert path into the environment for LWP,
none worked:

1. Adding this to /etc/fetchmailrc

   mda "env PERL_LWP_SSL_CA_PATH=/etc/ssl/certs /usr/bin/rt-mailgate-4 ...

does NOT work to get the right cert to LWP through the environment:

root@web0:/etc# service fetchmail start
* Starting mail retriever agent:
  fetchmail:
starting fetchmail 6.3.19 daemon

  [ OK ]
root@web0:/etc# fetchmail: 1 message for [email address] at
[imapmailserver] (folder Support).
An Error Occurred
=

500 Can't connect to [RT webserver]:443
(certificate verify failed)


2. Adding this to fetchmailrc does not work either:

mda "export PERL_LWP_SSL_CA_PATH=/etc/ssl/certs; /usr/bin/rt-mailgate-4
...


3. Adding this to /etc/default/fetchmail on Ubuntu where fetchmail runs
from an init script as a daemin does not work either:

export PERL_LWP_SSL_CA_PATH=/etc/ssl/certs


I am stuck with having to edit the rt-mailgate-4 on line 151 file like this:

#my $ua   = LWP::UserAgent->new();
my $ua   = LWP::UserAgent->new(ssl_opts => {SSL_ca_file =>
'/etc/ssl/certs/7d3cd826.0'});

which I dont like because I will forget about it during upgrade.

A



On Mon, Jan 23, 2012 at 11:06 AM, Thomas Sibley 
wrote:
> On 01/20/2012 02:38 PM, Robert Nesius wrote:
>> I figured out a work around for this issue.  I was suspicious that
>> LWP::UserAgent could not reach the cert for the CA that signed the cert
>> being presented by the web server.  I learned there are some environment
>> variables that I can leverage to influence where LWP::UserAgent looks
>> even though it's being invoked down inside a program I don't want to
>> touch.   Adding my /etc/ssl/certs directory to the list of directories
>> examined for certs solved the problem.
>
> For what it's worth, the next release of RT will include a --ca-file
> option you can use to specify the specific cert.  It's equivalent to
> setting PERL_LWP_SSL_CA_FILE.
>
>> *root@linux:/opt/rt4/bin# *export PERL_LWP_SSL_CA_PATH=/etc/ssl/certs
>
> If you'd like to submit a simple patch to rt-mailgate that also adds
> support for --ca-path, I'm sure we'd apply it.
>
> I do wonder why the OpenSSL library underlying the Perl library isn't
> finding your cert in /etc/ssl/certs like I'd expect it to.
>
> Thomas
> 
> RT Training Sessions (http://bestpractical.com/services/training.html)
> * Boston  March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-23 Thread Thomas Sibley 
On 01/20/2012 02:38 PM, Robert Nesius wrote:
> I figured out a work around for this issue.  I was suspicious that
> LWP::UserAgent could not reach the cert for the CA that signed the cert
> being presented by the web server.  I learned there are some environment
> variables that I can leverage to influence where LWP::UserAgent looks
> even though it's being invoked down inside a program I don't want to
> touch.   Adding my /etc/ssl/certs directory to the list of directories
> examined for certs solved the problem.  

For what it's worth, the next release of RT will include a --ca-file
option you can use to specify the specific cert.  It's equivalent to
setting PERL_LWP_SSL_CA_FILE.

> *root@linux:/opt/rt4/bin# *export PERL_LWP_SSL_CA_PATH=/etc/ssl/certs

If you'd like to submit a simple patch to rt-mailgate that also adds
support for --ca-path, I'm sure we'd apply it.

I do wonder why the OpenSSL library underlying the Perl library isn't
finding your cert in /etc/ssl/certs like I'd expect it to.

Thomas

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-20 Thread Robert Nesius 
I figured out a work around for this issue.  I was suspicious that
LWP::UserAgent could not reach the cert for the CA that signed the cert
being presented by the web server.  I learned there are some environment
variables that I can leverage to influence where LWP::UserAgent looks even
though it's being invoked down inside a program I don't want to touch.
Adding my /etc/ssl/certs directory to the list of directories examined for
certs solved the problem.

*root@linux:/opt/rt4/bin# *./rt-mailgate --debug --action=correspond
--queue=ToDo --url=https://request.domain.com < ~/test.msg
./rt-mailgate: temp file is '/tmp/MqO8Gyi3SW/ILtfyOuDPb'
./rt-mailgate: connecting to
https://request.domain.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

500 Can't connect to
request.domain.com:443 (certificate
verify failed)

./rt-mailgate: undefined server error

*root@linux:/opt/rt4/bin# *export PERL_LWP_SSL_CA_PATH=/etc/ssl/certs

*root@linux:/opt/rt4/bin#* ./rt-mailgate --debug --action=correspond
--queue=ToDo --url=https://request.domain.com < ~/test.msg
./rt-mailgate: temp file is '/tmp/rn88yVfFtr/IVe9YYO9IY'
./rt-mailgate: connecting to
https://request.domain.com/REST/1.0/NoAuth/mail-gateway
okTicket: 7698Queue: ToDoOwner: ran1Status: newSubject: testRequestor:
robert.nes...@domani.com

Inspiration for the fix:
http://colinnewell.wordpress.com/2011/03/11/ssl-host-checking-and-lwpuseragent/

Ultimately I suppose I can wrap rt-mailgate with a script that sets the
environment variable and exec's rt-mailgate, or I could perhaps embed
setting the environment variable along with the invocation of rt-mailgate
in the aliases file.  I'll figure something out.

-Rob

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-12 Thread Allen 
pc  request-tracker3.6   3.6.7-5+lenny6 Extensible trouble-ticket
tracking system
pc  rt3.6-db-postgresql  3.6.7-5+lenny6 PostgreSQL database backend
for request-trac

"p" in first column means already marked for purging.
"c" in second column means configuration files from those are still present

try: dpkg --purge



> rt3.6-db-postgresql but it failed ...?
> www:/etc/ssl/certs# apt-get  remove  rt3.6-db-postgresql
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> Package rt3.6-db-postgresql is not installed, so not removed
> 0 upgraded, 0 newly installed, 0 to remove and 48 not upgraded.
>
> www:/etc/ssl/certs# apt-get  remove  request-tracker3.6
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> Package request-tracker3.6 is not installed, so not removed
> 0 upgraded, 0 newly installed, 0 to remove and 48 not upgraded.
>
>
> --Mark
>

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-12 Thread Mark Story 

I have rt4 installed manually in /opt/rt4 but when I ran dpkg I got:

www:/etc/ssl/certs# dpkg --list | grep reques
ii  libapache2-mod-apreq22.08-5+b1  generic
Apache request library - Apache modu
ii  libapache2-request-perl  2.08-5+b1  generic
Apache request library - Perl module
ii  libapreq22.08-5+b1  generic
Apache request library
pc  request-tracker3.6   3.6.7-5+lenny6
Extensible trouble-ticket tracking system
pc  rt3.6-db-postgresql  3.6.7-5+lenny6
PostgreSQL database backend for request-trac

Is that a potential issue?  I tried removing request-tracker3.6 &
rt3.6-db-postgresql but it failed ...?
www:/etc/ssl/certs# apt-get  remove  rt3.6-db-postgresql
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package rt3.6-db-postgresql is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 48 not upgraded.

www:/etc/ssl/certs# apt-get  remove  request-tracker3.6
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package request-tracker3.6 is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 48 not upgraded.


--Mark

> This is on Ubuntu 11.10 Oneiric running reqest-tracker4 pinned with
> apt preferences to "Precise" packages for version 4.0.4-1:
> 
> root@web0:/etc/logrotate.d# dpkg --list | grep reques
> ii  request-tracker44.0.4-1
> extensible trouble-ticket tracking system
> ii  rt4-apache2 4.0.4-1
> Apache 2 specific files for request-tracker4
> ii  rt4-clients 4.0.4-1
> mail gateway and command-line interface to request-tracker4
> ii  rt4-db-sqlite   4.0.4-1
> SQLite database backend for request-tracker4




RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-12 Thread Mark Story 

> Make sure you have Crypt::SSLeay, Net::SSL, LWP::UserAgent,
> LWP::Protocol::https, and Mozilla::CA installed.

We didn't have Mozilla::CA  & Crypt::SSLeay installed, but still didn't
help:

rt> ls -t 59
Query:Status!='resolved' and Status!='rejected'
rt: Server error: Can't connect to rt.myhost.com:443 (certificate verify
failed) (500)



--Mark



> 
> Thomas
> 
> RT Training Sessions (http://bestpractical.com/services/training.html)
> * Boston  March 5 & 6, 2012


RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-12 Thread Mark Story 
Hello,

I verified my certificates, openssl says they're OK.


--Mark

> Sorry, left out the -CApath flag, and this is just for illustration:
> 
> root@xxx:/var/www/servers# openssl verify -CApath /etc/ssl/certs/ 
> /usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt 
> /usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt: OK

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-11 Thread Allen 
On Wed, Jan 11, 2012 at 11:22 AM, Izz Abdullah  wrote:
> root@xxx:/var/www/servers# openssl verify -CApath /etc/ssl/certs/ 
> /usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt
> /usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt: OK


Yes, that is the same output I get when running the command.

The problem is that only rt-mailgate is having a problem figuring out
how to validate the SSL certificate that RT instance is using. All
browser clients validate it fine.

This thread from October 2011
http://www.gossamer-threads.com/lists/rt/users/106073 talks about
editting rt-mailgate to specifically name a root ca as an ssl_option
argument, but I really don't want to mess with the RT distribution and
feel I shouldn;t have to because it worked fine with the old wildcard
SSL cert, and browsers were able to figure out the new SSL cert
without trouble as well.

A

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-11 Thread Allen 
On Tue, Jan 10, 2012 at 1:05 PM, Robert Nesius  wrote:
> 500 Can't connect to
> request.domain.com:443 (certificate
> verify failed)
>
> /opt/rt4/bin/rt-mailgate: undefined server error

Yes, I got the same problem Monday after installing an "Extended
Validation" SSL certificate on the same Apache2 server as RT. RT is
accessible only over SSL using a wildcard cert, and some other
virtualhosts use the same wildcard cert. All the virtualhosts, RT
included, have the same IP address, which means the client needs to
understand TLS in order to get Apache to present to correct
certificate for the correct hostname.

When all the Virtualhosts used the same wildcard SSL cert, mailgate
worked fine. As soon as one of the Virtualhosts used a different cert,
mailgate fails with the above error to connect to RT to stuff the
message in.

This is on Ubuntu 11.10 Oneiric running reqest-tracker4 pinned with
apt preferences to "Precise" packages for version 4.0.4-1:

root@web0:/etc/logrotate.d# dpkg --list | grep reques
ii  request-tracker4                    4.0.4-1
        extensible trouble-ticket tracking system
ii  rt4-apache2                         4.0.4-1
        Apache 2 specific files for request-tracker4
ii  rt4-clients                         4.0.4-1
        mail gateway and command-line interface to request-tracker4
ii  rt4-db-sqlite                       4.0.4-1
        SQLite database backend for request-tracker4

I think something is wrong in the rt-mailgate-4 script that doesn't
understand TLS or when something happens and it gets a certificate
whose hostname does not match with the host that it is connecting to.

A

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-11 Thread Thomas Sibley 
On 01/11/2012 02:04 PM, Mark Story wrote:
> I've had the same issues and am only now getting around to figuring it
> out.  Everything works fine in browser, but not thru rt-mailgate.
> Every other service that uses the SSL keys are working; puzzled.

We have a branch (not yet merged) that improves the doc for using
rt-mailgate with SSL:
https://github.com/bestpractical/rt/compare/4.0-trunk...4.0%2fmailgate-ssl-deps

Make sure you have Crypt::SSLeay, Net::SSL, LWP::UserAgent,
LWP::Protocol::https, and Mozilla::CA installed.

Thomas

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-11 Thread Izz Abdullah 
Sorry, left out the -CApath flag, and this is just for illustration:

root@xxx:/var/www/servers# openssl verify -CApath /etc/ssl/certs/ 
/usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt 
/usr/share/ca-certificates/mozilla/DST_ACES_CA_X6.crt: OK

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Izz Abdullah
Sent: Wednesday, January 11, 2012 1:14 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate

Have you guys checked to ensure the linux box itself, I presume it is linux, 
acknowledges the validity of the certificate?  (usually something like:
# openssl verify /etc/ssl/certs/ 

Just a quick openssl thought.

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Mark Story
Sent: Wednesday, January 11, 2012 1:04 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate

Hello,

I've had the same issues and am only now getting around to figuring it out.  
Everything works fine in browser, but not thru rt-mailgate.
Every other service that uses the SSL keys are working; puzzled.

If I find something worthy of note, I'll post it.


--Mark

> Thanks for the suggestions guys.  
> 
> I finally just turned off my re-write rule that was re-directing http 
> to https and side-stepped the rt-mailgate ssl failure all together.
> Not ideal, but in practice very few of my users log into RT directly 
> so it's a configuration I can live with short term while I figure out 
> the real issue.
> 
> I've configured postfix to hand messages to the aliases for my queues 
> directly to rt-mailgate.  It is rt-mailgate that cannot verify the ssl 
> certificate that my web server is presenting it.  None of my web 
> browsers have trouble with it, so it feels like an rt-mailgate 
> configuration issue.  I can repro the issue on the command line
> 

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-11 Thread Izz Abdullah 
Have you guys checked to ensure the linux box itself, I presume it is linux, 
acknowledges the validity of the certificate?  (usually something like:
# openssl verify /etc/ssl/certs/ 

Just a quick openssl thought.

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Mark Story
Sent: Wednesday, January 11, 2012 1:04 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate

Hello,

I've had the same issues and am only now getting around to figuring it out.  
Everything works fine in browser, but not thru rt-mailgate.
Every other service that uses the SSL keys are working; puzzled.

If I find something worthy of note, I'll post it.


--Mark

> Thanks for the suggestions guys.  
> 
> I finally just turned off my re-write rule that was re-directing http 
> to https and side-stepped the rt-mailgate ssl failure all together.  
> Not ideal, but in practice very few of my users log into RT directly 
> so it's a configuration I can live with short term while I figure out 
> the real issue.
> 
> I've configured postfix to hand messages to the aliases for my queues 
> directly to rt-mailgate.  It is rt-mailgate that cannot verify the ssl 
> certificate that my web server is presenting it.  None of my web 
> browsers have trouble with it, so it feels like an rt-mailgate 
> configuration issue.  I can repro the issue on the command line
> 

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-11 Thread Mark Story 
Hello,

I've had the same issues and am only now getting around to figuring it
out.  Everything works fine in browser, but not thru rt-mailgate.
Every other service that uses the SSL keys are working; puzzled.

If I find something worthy of note, I'll post it.


--Mark

> Thanks for the suggestions guys.  
> 
> I finally just turned off my re-write rule that was re-directing http to
> https and side-stepped the rt-mailgate ssl failure all together.  Not
> ideal, but in practice very few of my users log into RT directly so it's
> a configuration I can live with short term while I figure out the real
> issue.  
> 
> I've configured postfix to hand messages to the aliases for my queues
> directly to rt-mailgate.  It is rt-mailgate that cannot verify the ssl
> certificate that my web server is presenting it.  None of my web
> browsers have trouble with it, so it feels like an rt-mailgate
> configuration issue.  I can repro the issue on the command line 
> 

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-10 Thread Robert Nesius 
Thanks for the suggestions guys.

I finally just turned off my re-write rule that was re-directing http to
https and side-stepped the rt-mailgate ssl failure all together.  Not
ideal, but in practice very few of my users log into RT directly so it's a
configuration I can live with short term while I figure out the real issue.


I've configured postfix to hand messages to the aliases for my queues
directly to rt-mailgate.  It is rt-mailgate that cannot verify the ssl
certificate that my web server is presenting it.  None of my web browsers
have trouble with it, so it feels like an rt-mailgate configuration issue.
I can repro the issue on the command line

root@linux:~# /opt/rt4/bin/rt-mailgate --debug --queue 'general' --action
correspond --url https://request.domain.com/ < ~/test.msg
/opt/rt4/bin/rt-mailgate: temp file is '/tmp/XOCrOYAr8p/vkVDTmoszI'
/opt/rt4/bin/rt-mailgate: connecting to
https://request.domain.com//REST/1.0/NoAuth/mail-gateway
An Error Occurred
=

500 Can't connect to
request.domain.com:443 (certificate
verify failed)

/opt/rt4/bin/rt-mailgate: undefined server error

-Rob


On Mon, Jan 9, 2012 at 4:08 PM, Izz Abdullah wrote:

> And if that doesn't work, since I have a certificate with a domain name
> (although signed by our internal CA which all of our PCs trust), I had to
> put in below where Mauricio put in https://localhost, I actually needed
> to use my dns name in which the certificate is assigned (e.g. https://MyRT
> )
>
> My $0.02 worth as well. :)
>
> -Original Message-
> From: rt-users-boun...@lists.bestpractical.com [mailto:
> rt-users-boun...@lists.bestpractical.com] On Behalf Of Mauricio Tavares
> Sent: Monday, January 09, 2012 4:02 PM
> To: rt-users@lists.bestpractical.com
> Subject: Re: [rt-users] rt-mailgate
>
> On Mon, Jan 9, 2012 at 1:34 PM, Robert Nesius  wrote:
> > I made a recently change to how my apache2 server was configured to
> > redirect all requests through https.  Now emails are not flowing
> > through to RT - I tracked the issue down to rt-mailgate complaining
> > about not being able to verify the certificate.  I'm a little
> > perplexed on how to proceed or how to verify what certs/CAs
> > rt-mailgate is using, or if there is an issue with the Crypt::SSLeay
> module (which I had to force install due to a failing test).
> > I only have one openssl install on the system, and I thought
> > Crypt::SSLeay would reach through to those configs for things like CA
> certs, etc...
> >
> > Perhaps an easy workaround, since the mail server and apache2 server
> > are on the same machine, would be to configure a "localhost:80"
> > virtual host within
> > apache2 and bypass SSL when accessing RT via that url.
> >
> > Any helpful hints/suggestions would be greatly appreciated.   I've
> > been google-ing away but haven't had any luck yet.
> >
>  AFAIK, rt-mailgate connects to RT using RT's web interface; it should
> use whatever cert you have defined in the virtual host entry for RT. Here
> is how my fetchmailrc calls rt-mailgate:
>
> mda "/usr/bin/perl /usr/bin/rt-mailgate --url https://localhost/rt \
> --queue support --action correspond"
>
> > -Rob
> >
> > 
> > RT Training Sessions (http://bestpractical.com/services/training.html)
> > * Boston - March 5 & 6, 2012
> 
> RT Training Sessions (http://bestpractical.com/services/training.html)
> * Boston  March 5 & 6, 2012
> 
> RT Training Sessions (http://bestpractical.com/services/training.html)
> * Boston  March 5 & 6, 2012
>

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 & 6, 2012

Re: [rt-users] rt-mailgate

2012-01-09 Thread Izz Abdullah 
And if that doesn't work, since I have a certificate with a domain name 
(although signed by our internal CA which all of our PCs trust), I had to put 
in below where Mauricio put in https://localhost, I actually needed to use my 
dns name in which the certificate is assigned (e.g. https://MyRT)

My $0.02 worth as well. :)

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Mauricio Tavares
Sent: Monday, January 09, 2012 4:02 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate

On Mon, Jan 9, 2012 at 1:34 PM, Robert Nesius  wrote:
> I made a recently change to how my apache2 server was configured to 
> redirect all requests through https.  Now emails are not flowing 
> through to RT - I tracked the issue down to rt-mailgate complaining 
> about not being able to verify the certificate.  I'm a little 
> perplexed on how to proceed or how to verify what certs/CAs 
> rt-mailgate is using, or if there is an issue with the Crypt::SSLeay module 
> (which I had to force install due to a failing test).
> I only have one openssl install on the system, and I thought 
> Crypt::SSLeay would reach through to those configs for things like CA certs, 
> etc...
>
> Perhaps an easy workaround, since the mail server and apache2 server 
> are on the same machine, would be to configure a "localhost:80" 
> virtual host within
> apache2 and bypass SSL when accessing RT via that url.
>
> Any helpful hints/suggestions would be greatly appreciated.   I've 
> been google-ing away but haven't had any luck yet.
>
  AFAIK, rt-mailgate connects to RT using RT's web interface; it should use 
whatever cert you have defined in the virtual host entry for RT. Here is how my 
fetchmailrc calls rt-mailgate:

mda "/usr/bin/perl /usr/bin/rt-mailgate --url https://localhost/rt \ --queue 
support --action correspond"

> -Rob
>
> 
> RT Training Sessions (http://bestpractical.com/services/training.html)
> * Boston - March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston  March 5 & 6, 2012

  1   2   3   >