Comments (7)
r-raymond
commented on August 17, 2024
This is indeed a problem with rspamd on nixos. It seems though as it does not jeopardize the functionality of it. rspamd website suggests hosting a DNS resolver, maybe that would solve the problem?
Btw, what rspamd version do you run? (I.e. are you on stable or unstable)
from nixos-mailserver.
erosennin
commented on August 17, 2024
Running a local DNS resolver fixed the problem for me:
services.kresd.enable = true;
networking.nameservers = [ "127.0.0.1" ];
from nixos-mailserver.
r-raymond
commented on August 17, 2024
Thanks for verifying this. I'll add this to the next version!
from nixos-mailserver.
phdoerfler
commented on August 17, 2024
@r-raymond I am on 17.09-small so yes: stable.
from nixos-mailserver.
phdoerfler
commented on August 17, 2024
I was writing a PR for this, adding the solution by @erosennin but when I put both lines in my configuration, the name resolution broke:
kresd failed to start because of this:
fetch of "https://data.iana.org/root-anchors/root-anchors.xml" failed: host or service not provided, or not known
I then removed this line:
networking.nameservers = [ "127.0.0.1" ];
after which kresd was able to start. Then I added the line back into my config and this time it worked.
I am afraid NixOS applies the networking.nameservers before kresd has performed its initial setup therefore switing to a name resolution service which can't work. Then in turn the entire system is unable to perform any name resolution. How do we solve this?
We could use networking.networkmanager.insertNameservers to prepend the list of nameservers with our own. If I understand this correctly NixOS then falls back to the nameservers set via DHCP if kresd fails. Thoughts? Edit: Nevermind that. This (of course) only affects networkmanager and I don't think we want to use that.
from nixos-mailserver.
erosennin
commented on August 17, 2024
@phdoerfler this is fixed in master, kresd now uses DNSSEC root trust anchors from nixpkgs. The fix is already in the nixos-unstable-small channel (but not in nixos-unstable yet).
from nixos-mailserver.
phdoerfler
commented on August 17, 2024
@erosennin Interesting! Also I use insertNameservers and I still get these errors logged.
Edit: Using networking.nameservers does not fix this for me.
Edit 2: Turns out I had to manually systemctl restart rspamd. Now everything is shiny.
from nixos-mailserver.
Related Issues (20)
- Own DNS fails due to kresd being enabled. HOT 3
- Suggestion: Add option for admin email HOT 4
- There are plenty of new features that need documentation HOT 1
- How to send email to multiple recipients HOT 5
- Dovecot's default connections per ip is a bit low HOT 1
- [support] How to use only enableImapSsl and enablePop3Ssl? HOT 4
- localDnsResolver (kresd) fails HOT 3
- catchAll issue during sending HOT 2
- Using certificateScheme = 3 fails HOT 6
- 18.03 tests fail HOT 5
- Timeout on postfix.service when generating big DH parameter HOT 3
- add dmarc instructions to the complete guide? HOT 1
- Error connecting to IMAP HOT 5
- DKIM signature validation fails with the simple canonicalization HOT 4
- Looking for (Co)-Maintainer(s) HOT 4
- Provide mailing list support with mailman HOT 2
- Trouble with DKIM signature HOT 2
- Using ACME without another nginx process HOT 2
- Backup relay MTA HOT 1
- Will edit later
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nixos-mailserver.