I have set up a new Lemmy server with lemmy-ansible. After a few days, I realized emails are not working. It turns out my server provider had the SMTP port blocked. So I have reconfigured emails with an external SMTP server in config.hjson and verified that works by resetting the password. The problem is what to do with those failed emails.
Previously, emails were sent by postfix-relay. When I checked the logs, there were items in the queue, but they were gone after I changed the POSTFIX_* environment variables and restarted the Docker container.
As far as I know, the impact is a few users could not log in because their emails are not verified. What should you do in such a case? I can think of a few potential solutions, but since I'm not familiar with the source code, I can't judge which one is the best way to go for now.
- Find some way to resend failed emails with postfix-relay, and follow the normal path
- Ignore failed emails, find some way to re-trigger email verifications, so users can get new emails
- Ignore failed emails, connect to the database, and fix relevant data manually
- Something else?
The queue probably got cleared when the postfix container was recreated as it's spool directories weren't attached to a persistent volume .
Probably the easiest would be to manually set email_verified to true in the
local_usertable for those users (basically assume the email addresses were correct).I don't think there's a way to re-trigger the email verification without going through the sign-up process, so your option #3 is likely what you'll need to do.
You could do one of the following if you don't want to blanket-allow the existing signups:
Option 1: Go into the
email_verificationtable and get the email and local user ID to look up the account and send the verification token manually to them using the email account you configured with Lemmy:Option 2: Note the username and email address from the local_user and person tables, delete those, and recreate the accounts for them. They'll have to reset their passwords since you'll have to set one on their behalf, but that should be manageable. Just make sure the password you set for them is completely random, complex, and very long (not sure if the length is still 60 characters or not).
Option 3: Delete the records as in option 2 but send them an out-of-band email from your Lemmy address saying they'll need to re-register.
@[email protected] Thanks for your detailed answer.
The analysis and suggestions are all reasonable. I went with your option #1, and it worked well. I appreciate your prompt help.
One thing I didn't mention, the registration applications page was empty, but after both admin and non-admin users are verified, I'm able to see and approve the applications.
I've also removed
postfix-relayfromdocker-compose.ymlas I think it's now useless. It could be an optional component in the Ansible playbook.That's correct. The applications won't show up there until the email is verified (if verification is enabled). I guess it's a deliberate choice by the devs as a spam prevention method.