Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Setup mail delivery from Jenkins and slaves

Description

I'm setting up some jobs that will require Jenkins and/or the slaves to send email to various places. Jenkins and the slaves seem to currently run Postfix in a default configuration that makes them attempt to deliver email directly to its destination. This causes sent email to get delayed.

We typically don't notice this because our SPF setting for ovirt.org are quite lax (We allow anyone to say he is from @ovirt.org, but delay messages that are not from "lists.phx.ovirt.org, "mail.phx.ovirt.org", or "gerrit.ovirt.org") abd because our ML server where we typically send to, only imposes a 60second delay.

We need to have a better setup. I suggest we configure Jenkins and the slaves to use some other server as a smart host (maybe "mail.phx.ovirt.org"?). To make the configuration as generic as possible I suggest we make the slaves deliver via Jenkins and only make Jenkins deliver to the smart host.

I think smart host configuration on Postfix is simple enough that we can make our usual job-embedded slave setup scrips set it up insead of having to resort to Puppet or Ansible.

Activity

Show:

Marc Dequènes (Duck) September 2, 2019 at 2:54 AM

It’s possible to use the ML server as a relay but I think a local one with a specific IP in the SPF headers would be better. With the move out of PHX I’m not sure how we can organize that now.

Barak Korren September 1, 2019 at 7:40 AM
Edited

It only works now because we're sending to @ovirt.org addresses, if we send to more secured addresses like @redhat.com ones, the messages will get blocked because they are not coming from an authorized server.

As I commented above we've kinda been lucky so far, because we're generating SMTP traffic from random IP addresses at PHX. If we're not careful we can easily get the whole PHX IP range blacklisted by sending traffic to the wrong places.

Its a mess we should sort out.

Eyal Edri August 29, 2019 at 3:02 PM

Any update on this? I just wonder why do we need something that has been working so far, isn’t the jenkins master been sending emails all this years already?

Marc Dequènes (Duck) June 3, 2019 at 6:55 AM

I just gave some info but no decision seem to have been made so I did not start any work on this yet.

what is the status of this BR?

Barak Korren February 21, 2019 at 9:38 AM

There is no code in global_setup.sh to set this up ATM, we're kinda luckey it even works and we're not getting blacklisted...

Details

Assignee

Reporter

Components

Priority

Parent

Created March 15, 2017 at 7:08 AM
Updated September 2, 2019 at 2:54 AM