Page MenuHomePhabricator

Document fetchmail/procmail as inbound mail options
Closed, WontfixPublic

Description

We weren't quite happy with having to set up a mail server on our Phabricator (I am lazy), so solved the problem with fetchmail instead.
I also can't seem to edit Diviner, so I'm posting it here and you're free to amend/edit/discard it!
Steps:
install fetchmail
put this in /etc/fetchmailrc:

set daemon 10

set logfile /var/log/fetchmail.log

poll [SERVER]
with proto [PROTOCOL]
user "[ACCOUNT]"
password "[PASSWORD]"
is "phabricator"
mda "/usr/bin/procmail /etc/procmailrc -d %T"

We decided to go for procmail instead of sendmail as our mda because we "needed" a simple way to accept multiple aliases for bug filing.
If you have sendmail, you can just leave out the mda (iirc) and use the bottom half of your config for sendmail.

Now, you can actually configure sendmail to deliver to Phabricator. In /etc/aliases, add an entry like this:

phabricator: "| /path/to/phabricator/scripts/mail/mail_handler.php <ENV>"

...where <ENV> is the PHABRICATOR_ENV the script should run under. Run sudo newaliases. Now you likely need to symlink this script into /etc/smrsh/:

sudo ln -s /path/to/phabricator/scripts/mail/mail_handler.php /etc/smrsh/

Finally, edit /etc/mail/virtusertable and add an entry like this:

`@yourdomain.com  phabricator@localhost`

That will forward all mail to @yourdomain.com to the Phabricator processing script. Run sudo /etc/mail/make or similar and then restart sendmail with sudo /etc/init.d/sendmail restart.

If you want to use procmail you put this into your conf /etc/procmailrc instead (Obviously, this is not really the intended usage of procmail, it's supposed to be a per user kind of deal, but as mentioned above, I am lazy):

LOGFILE=/var/log/procmail.log
VERBOSE=yes
EXITCODE=0
SHELL=/bin/sh

:0 fhw
* ^To.*(bruce.wayne|gordon|batman)@[DOMAIN]
| formail -i "To: phabricator@[DOMAIN]"

:0 w

| /path/to/phabricator/scripts/mail/mail_handler.php production

Event Timeline

Relaxguy raised the priority of this task from High to Needs Triage.
epriestley renamed this task from Add a third option for incoming mail setup to Document fetchmail/procmail as inbound mail options.Jul 9 2013, 3:08 AM
epriestley triaged this task as Wishlist priority.
epriestley added a subscriber: epriestley.

I did the same, only simpler without MTA or procmail.
I created a dedicated account for phabricator on our google domain and enabled POP3 access to gmail. (but you could use any existing e-mail service which works with fetchmail)

Then I created a ~/.fetchmailrc file containing:

poll pop.gmail.com proto pop3
   user something@gmail.com password *****
   mda "...../phabricator/scripts/mail/mail_handler.php"
   options ssl

and created a crontab entry which runs fetchmail every 2 minutes:

*/2 * * * * fetchmail > /dev/null 2>&1

but you could also use fetchmail in daemon mode.

Phabricator is configured as described on this page: https://secure.phabricator.com/book/phabricator/article/configuring_inbound_email/

I think its the most simple and free method of handling inbound email.
I wish this method was mentioned in the documentation because it took me some time to figure it out :-)

I did the same with Fetchmail and with a catch-all for email sent to that domain. It's ultra-simple and works pretty efficiently.

Here's a sample .fetchmailrc with tls support, assuming Phabricator is installed somewhere in /home/phab

set daemon 60
set logfile "/home/phab/fetchmail.log"
poll mail.phab.example.com protocol imap port 143:
        user "some.user" pass "some.password"
        mda "/home/phab/path/to/phabricator/scripts/mail/mail_handler.php"
        sslproto tls1
        no rewrite
        no keep
        fetchall;

Which will run in daemon mode and poll every 60 seconds the mailbox for some.user@phab.example.com, which is the catch-all mailbox.

If you've blocked SSL3 and SSL2 connections on your mail server, having sslproto tls1 will work around that and retain a secure connection.

avivey changed the visibility from "All Users" to "Public (No Login Required)".Jan 14 2016, 1:11 AM
epriestley claimed this task.

These are so niche that I think we probably don't want to formally support them in the upstream.