Admin Panel E-Mail and Rspamd buttons broken

FelixTECH · 2024-12-06T19:09:26+00:00

Hello, I have a VMware Appliance and before I was done setting it up I had the top right buttons "E-Mail" and "Rspamd" working. At some point those buttons...

crpb

Do the updates now work?

grom-test-4:~ # cat /etc/grommunio-admin-common/config.json
{
  "mailWebAddress": "https://grom-test-4.local.tld/web",
  "rspamdWebAddress": "https://grom-test-4.local.tld:8443/antispam/"
}

FelixTECH

If you take a long enough break the updates "work". Still horribly too slow but at least it finishes after hours.

-rw-r--r-- 1 root root 373 Dez  6 16:03 /etc/grommunio-admin-common/config.json

localhost:/var/log # cat /etc/grommunio-admin-common/config.json
{
  "mailWebAddress": "https://mail.*****.io/web",
  "rspamdWebAddress": "https://mail.*****.io:8443/antispam/",
  "customImages": {
      "mail.*****.io": {
          "icon": "https://www.*****.io/images/icon.svg",
          "logo": "https://www.*****.io/images/logo.svg",
          "logoLight": "https://www.*****.io/images/logo.svg"
      }
  }
}

The settings are correct but none of them are accepted. The custom images also don't work. A JSON Validator tells me the JSON is fine.

It doesn't make any difference if I take the custom images away. Also I don't see any log entry anywhere that would indicate a problem. Can I somehow turn the log level to debug?

crpb

hmm odd problems. you must have naughty gnomes running through your network 😛.

anyhow, have you tried this? https://github.com/grommunio/admin-web/blob/master/README.md?plain=1#L96
don't know if it works but sure sounds like it.

FelixTECH

I added "devMode": true, and rebooted. There isn't a single log entry more under Monitoring. My guess would be that this config file is never imported or used anywhere and no matter what I do in this file, it will not have any effect.

FelixTECH

I have switched to dark mode and green style in the admin panel and turned off dark mode again. Then it loaded the custom images. The menu is stuck in dark mode no matter what I do and the rest in in normal mode. But the webmail is still refusing the custom images and the debug logs are also not there.

Steakie

FelixTECH Your browser is/was caching the config.json file, which is statically fetched from the server. Ctrl+Shift+r usually does the trick

crpb

hmmm... maybe some DNS problem? you know, 'IT'S ALWAYS DNS!" :-)

you can add some logging by doing the following but i guess that devMode only does work if you run a local node something something ..

sed -i.bak '/disable-logging/ s/true/false/' /usr/share/grommunio-admin-api/api-config.ini
systemctl restart grommunio-admin-api.service
journalctl -fu grommunio-admin-api.service

Maybe @Steakie has some insight.

FelixTECH

crpb DNS is verified to be correct. After tons of testing the extremely buggy firewall (OPNsense) also is verified to do everything as expected. No errors are shown in the uWSGI logs. By turning on the logs this just logs all requests and has significantly increased the amount of queries sent to the database.

Interestingly the DNS Health in the domain settings was not working. Everything stayed gray and it says unexpected character at line 1 column 1 of the JSON data pops up at the bottom of the screen after half a minute.
After digging through the source code and inserting some print statements I found out that there is an undocumented requirement that there is outgoing DNS to 1.1.1.1, 1.0.0.1, 208.67.222.222, 208.67.220.220, 208.67.222.220 needed.
This error message is also complete garbage and fake. There is no JSON issue. The request ended in a timeout as it couldn't reach external DNS servers.
After enabling outgoing DNS for the Grommunio machine, the DNS check now works. What annoys me is that the optional (blue) things don't get green when they are okay. You can see from the results that they are okay but it is not shown in the color.
Also there is a bug in the DNS check GUI. The MX record is considered optional. The MX record is required and must be shown in read and not in blue. Without the MX record mails don't work. Also in my case it should be green as the record is there and correct.
Generally the DNS Health Check seems to be entirely undocumented.

None of this did anything to what the actual problem was.

Basically the leftovers of this thread is that it works but it is impossible to tell why and that the menu is forever stuck in dark mode. It is annoying that this bug is there but it doesn't affect the core parts of the application.
Just that the custom images are ignored by the webmail is left to resolve.
Along with other issues that CatchAll doesn't work and it is apparently impossible to use shared mailboxes in Outlook for mobile devices and also mails from ProtonMail and Exchange Online never get delivered due to some TLS problem. But maybe at some point all those bugs are either solved or there is a always working workaround so I could actually sell this to customers as an Exchange replacement.

FelixTECH

It is not a cache issue. I did this in development mode without cache. And I tried on a device which has never before opened the webmail. And it does not work. No matter what I do. It refuses to accept this file in the webmail. In the admin panel is the branding not that important. But the user-facing frontend should work and it just doesn't.

Steakie

FelixTECH Webmail? The config.json does not affect the webmail client in any way shape or form. It only changes the design of the Admin-web interface

FelixTECH

Steakie Then the documentation is straight up wrong and the custom images feature makes absolutely zero sense. Why would I want to change the looks of an interface only a few people in the IT department will see and I'm unable to change the looks of the interface every employee will see every day?

The docs (https://docs.grommunio.com/admin/administration.html#design) say

Admins have the ability to whitelabel the app for all users.

This explicitly says that the webmail should be whitelabelable.

WalterH

FelixTECH This explicitly says that the webmail should be whitelabelable.

But webmail is not the Admin-UI. These are two different programs and have different configurations.

Steakie

FelixTECH No it does not. It literally says "App". I'm going change that to "admin-web interface"

FelixTECH

Then it is entirely undocumented on how to change the appearance of the webmail. It should be documented that this is possible or not possible and if it is possible, how.

Also the term "app" is entirely wrong in this context as there is no app whatsoever involved. This has to be changed to relect reality.

FelixTECH

According to @mwilliams in thread https://community.grommunio.com/d/437-individuelles-branding-logon-seite/9 this should work since around 2 years. So this is a clear bug.
Theoretically I could manually mess around in /usr/share/grommunio-web/client/resources and have my changes broken after an update. But this is not a state in which I could sell this software to a customer.

Steakie

FelixTECH

This is still stupid as the documentation says something else and in the forums was communicated something else and as I said it is absolutely useless to whitelabel the admin panel but are unable to whitelabel the user facing frontend. And as there are so many other severe bugs and missing features to this product (menu stuck in dark mode, catchall breaks entire mail routing, no proper support for DKIM, Outlook on mobile devices doesn't work with shared mailboxes, SMTP-TLS not working properly) I see absolutely no chance to ever commercially using this software for real companies which rely on working e-mails.
At this point I will give up on attempting to get Grommunio to work properly enough for it to be software that I could pitch to customers. Maybe I can have a look in 5 years again but at this point there are too many severe flaws.

itNGO

FelixTECH Yes, this is exactly the impression Grommunio is currently making in many places and away from the advertising articles in magazines, unfortunately also in practice.... But maybe everything will be better with the next update....