The emails generated by the self-service (maybe elsewhere, too) are rejected by Gmail's SMTP servers for lack of a proper `Message-Id` in their header: > Aug 13 12:14:03 postfix postfix/smtp[1252]: 4AB65C466981: to=<xxxx-value-removed-xxxx@gmail.com>, relay=gmail-smtp-in.l.google.com[142.250.147.27]:25, delay=1.5, delays=0.35/0.34/0.29/0.52, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[142.250.147.27] said: 550-5.7.1 [194.76.91.97] Messages missing a valid Message-ID header are not 550-5.7.1 accepted. For more information, go to 550-5.7.1 https://support.google.com/mail/?p=RfcMessageNonCompliant and review 550 5.7.1 RFC 5322 specifications. a640c23a62f3a-a80f3fa7d31si92176566b.238 - gsmtp (in reply to end of DATA command)) It might be necessary to generate a message-id for outgoing messages, e.g. using a helper function from Python: https://docs.python.org/3/library/email.utils.html#email.utils.make_msgid This bug was reported by Johannes Bornhold on behalf of a customer.
"upvote" - I have a second user reporting the issue. I assume this affects every customer using the password reset.
Password recovery and initial invitation of users via mail are impossible if those users use a mail service hosted by google (this goes beyond @gmail.com addresses, some companies use google as well for mail with their own domain). This currently prevents me from using a UCS system for collaboration in a project, as I can not get everyone onboarded. In case you have a preliminary fix or workaround available, I'd be happy to test. (Hint: Not a UCS expert, though plenty of Linux experience ...)
Do you want to post the patch here? Again, happy to test. (I don't know how long it will take to trickle down your build system, your QA and then pushed out as maintenance update. If that's only a few hours, then feel free to ignore my request.)
The Message-ID header is now added to emails sent via Self Service to prevent rejection by certain email providers. UCS 5.0 univention-self-service (5.0.11-3) 19e95a97cfa4 | Bug #57512: add Message-ID header to emails sent via Self Service UCS 5.2 univention-self-service (7.0.6) b655934644f3 | Bug #57512: add Message-ID header to emails sent via Self Service
QA: - Code Review: OK - Package builds locally: OK - Package installs: OK - Before new package, no message ID is generated for the pw reset mail: OK - After patch, message ID is generated
Created attachment 11282 [details] self-service patch (5.0-9) I've also uploaded a patch in this bug's attachments so you can try out the changes.
Thanks, Christian! As the maintenance update did not yet trickle down into my UCS instance, I live-patched the python code (using patch -p5 in /usr/lib/python3/dist-packages/univention/management/console/modules/) with univention-self-service-passwordreset-umc 5.0.11-2 as baseline. Looking at the code, I have no doubt that it works, but you never know. I'll let you know how it goes.
I can confirm that the patch is effective.
<https://errata.software-univention.de/#/?erratum=5.2x23>