Spam Report links lead to a wrong host

[Sysxpp]

Hello!

Could you please help me correct the wrong links in the Spam reports?
I have an Exchanage server mail.mydomain.com
And I have a PMG server pmg.mydomain.com
PMG is configured to send and recieve mail for mail.mydomain.com and it works perfectly fine.
When user recieves a SPAM report it has a very useful links like "Blacklist", "Deliver", "Delete" - but the href leads to "https://mail.mydomain.com:8006/quarantine?ticket=..." but it should be like "https://pmg.mydomain.com:8006/quarantine?ticket=..." to work.
How can I fix all the links to point to pmg.mydomain.com?

Thank you in advance!

 

[Stoiko Ivanov]

but it should be like "https://pmg.mydomain.com:8006/quarantine?ticket=..." to work.
How can I fix all the links to point to pmg.mydomain.com?

The hostname part of the link can be set in GUI->Configuration->Spam Detector->Quarantine

I hope this helps!

 

[Sysxpp]

The hostname part of the link can be set in GUI->Configuration->Spam Detector->Quarantine

Thank you so much! Putting FQDN into "Quarantine host" fixed the link!
But it is still not working. At first, when I click "Delete" browser throwed a warning about certificate. I made an API certificate for pmg.mydomain.com and now it just opens a new tab with an empty white page with the following code:

<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
    <title>pmg - Proxmox Mail Gateway</title>
    <link rel="icon" sizes="128x128" href="/pve2/images/logo-128.png" />
    <link rel="apple-touch-icon" sizes="128x128" href="/pve2/images/logo-128.png" />
    <link rel="stylesheet" type="text/css" href="/pve2/ext6/theme-crisp/resources/theme-crisp-all.css" />
    <link rel="stylesheet" type="text/css" href="/pve2/ext6/crisp/resources/charts-all.css" />
    <link rel="stylesheet" type="text/css" href="/fontawesome/css/font-awesome.css" />
    <link rel="stylesheet" type="text/css" href="/pve2/css/ext6-pmg.css?ver=3.2-2" />
    <link rel="stylesheet" type="text/css" href="/pwt/css/ext6-pmx.css?ver=3.5.5" />
 
    <script type='text/javascript'> function gettext(buf) { return buf; } </script>
 
    <script type="text/javascript" src="/pve2/ext6/ext-all.js"></script>
    <script type="text/javascript" src="/pve2/ext6/charts.js"></script>
    <script type="text/javascript" src="/qrcode.min.js"></script>
 
    <script type="text/javascript">
      Proxmox = {
        Setup: { auth_cookie_name: 'PMGAuthCookie' },
        NodeName: 'pmg',
        UserName: 'info@mydomain.com@quarantine',
        CSRFPreventionToken: '6406321A:R7VaMCx9ouEd+dgZ3hUVkwWYjAbmEfDEL1VWIbak/qU',
        QuarantineLink:  false ,
      };
    </script>
    <script type="text/javascript" src="/proxmoxlib.js?ver=3.5.5"></script>
    <script type="text/javascript" src="/pve2/ext6/locale/locale-en.js"></script>
    <script type="text/javascript">
      Ext.History.fieldid = 'x-history-field';
    </script>
    <script type="text/javascript" src="/pve2/js/pmgmanagerlib.js?ver=3.2-2"></script>
  </head>
  <body>
    <!-- Fields required for history management -->
    <form id="history-form" class="x-hidden">
      <input type="hidden" id="x-history-field"/>
    </form>
  </body>
</html>

I checked the "Spam Quarantine" the mail it still there. Can you please tell me what else can be wrong, so the link is not working?

Thank you!

:edit
I double checked several times with GTUBE emails and "pmgqm send --timespan today", now username and token are empty, and still not working:
Am I doing something wrong? The link in the address bar looks totally ok, it is big and all.
(h.t.t.p.s://pmg.mydomain.com:8006/quarantine?ticket=PMGQUAR:info@mydomain.com:64063518::aIeyFRI+ktVhTCNYozz6k/xNPoUgisFE2fq7z/1Vi5f3us8tuOOdBLEIvgsX/xevTD+0SCyF0Xq/McwYGNBHUpb7s/BQOXuXV0XZwLpsvw9d6XmKlZotqNaJCjxfwN6Ulfcv7eHr/zsAG9qeVb7PekREyBRQDhCZ8sPVuNRW6E/xNLTau+1rF3zVnvNpwp2j7WTze2rdT1CLqtm4Nc0POB/1KxRVC5ZYdl+jVAWFmDOrEeHKJbUuS2zq7ZjN2mXxKh51fbE2MlZWTduzHUjy/rMTOKmk/nH2N9r2mN41n06W4eqWBLuF1jiw+AtKuUrEFj5sE3Cm2ly6BbBMJJPWPQ==&cselect=C0R103T110483671&date=2023-03-06&action=delete)
My guess is that PMG is not picking up UserName and Token, but I have no idea why.



:edit1
I triple checked it using internal IP of PMG instead of FQDN in the link, i.e. 192.168.55.2 instead of pmg.mydomain.com
The code looks a bit different.

Still, UserName looks odd. Maybe it cannot parse the link for some reason?

 

[Stoiko Ivanov]

Still, UserName looks odd. Maybe it cannot parse the link for some reason?

the '@quarantine' part is ok and expected.

anything in the journal or /var/log/pmgproxy/pmgproxy.log pointing to a problem?!

 

[Sysxpp]

anything in the journal or /var/log/pmgproxy/pmgproxy.log pointing to a problem?!

I repeat the process of sending GTUBE and generating a report, then clicked on "Delete" two times: first with FQDN amd then with IP of PMG in the link. Here is the log of it:

::ffff:192.168.255.5 - - [07/03/2023:18:44:35 +0500] "GET /quarantine?ticket=PMGQUAR%253Ainfo%2540mydomain.com%253A64073F93%253A%253AjaRXYs4Jhlupe2FnM9wKgkZALAO4h6gd3sFq2BitxEXwgll7qJ1qM%252FFetFn6Z1fLxoo6JV3KFyhe7f%252BU%252B7sz1B3PrdSMiSnRc9QiaEXX15LOY%252FB0OwrAnaCzCgb4CPobylvX%252BPq7%252BZPxLjl8FLi2n%252BAZFQZLNLIFqJ%252BsCDYzCRxWppKqETjNkE6fUeVzxU0P8N9pAL3u6Xl1Iruis99wMgEKPdEA6wrsbIU%252BFE9TQDuu%252FpA6TN5x5bbSsNwrf74%252FJBMCPo%252F4g8otsknbvAaDDo69ywWPVOJ0ex9JPnj9A%252BzyIPqNaHhiI4Hk%252FjdvxPse2zf3ZOoOBzooRMmsfrIJSQ%253D%253D&cselect=C0R109T39255345&date=2023-03-07&action=delete HTTP/1.1" 200 739
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /quarantine?ticket=PMGQUAR%253Ainfo%2540mydomain.com%253A64073F93%253A%253AjaRXYs4Jhlupe2FnM9wKgkZALAO4h6gd3sFq2BitxEXwgll7qJ1qM%252FFetFn6Z1fLxoo6JV3KFyhe7f%252BU%252B7sz1B3PrdSMiSnRc9QiaEXX15LOY%252FB0OwrAnaCzCgb4CPobylvX%252BPq7%252BZPxLjl8FLi2n%252BAZFQZLNLIFqJ%252BsCDYzCRxWppKqETjNkE6fUeVzxU0P8N9pAL3u6Xl1Iruis99wMgEKPdEA6wrsbIU%252BFE9TQDuu%252FpA6TN5x5bbSsNwrf74%252FJBMCPo%252F4g8otsknbvAaDDo69ywWPVOJ0ex9JPnj9A%252BzyIPqNaHhiI4Hk%252FjdvxPse2zf3ZOoOBzooRMmsfrIJSQ%253D%253D&cselect=C0R109T39255345&date=2023-03-07&action=delete HTTP/1.1" 200 808
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/theme-crisp/resources/theme-crisp-all.css HTTP/1.1" 200 66
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/crisp/resources/charts-all.css HTTP/1.1" 200 780
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /fontawesome/css/font-awesome.css HTTP/1.1" 200 7289
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/css/ext6-pmg.css?ver=3.2-2 HTTP/1.1" 200 1725
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/theme-crisp/resources/theme-crisp-all_2.css HTTP/1.1" 200 6217
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/theme-crisp/resources/theme-crisp-all_1.css HTTP/1.1" 200 32919
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pwt/css/ext6-pmx.css?ver=3.5.5 HTTP/1.1" 200 1960
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/locale/locale-en.js HTTP/1.1" 200 2740
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/js/pmgmanagerlib.js?ver=3.2-2 HTTP/1.1" 200 68675
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /qrcode.min.js HTTP/1.1" 200 6998
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /proxmoxlib.js?ver=3.5.5 HTTP/1.1" 200 113102
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/charts.js HTTP/1.1" 200 108273
::ffff:192.168.255.5 - - [07/03/2023:18:44:46 +0500] "GET /pve2/ext6/ext-all.js HTTP/1.1" 200 683505
::ffff:192.168.255.5 - - [07/03/2023:18:44:47 +0500] "GET /pve2/images/logo-128.png HTTP/1.1" 200 4977

Shame on me, but I can't see anything pinpointing the issue.

 

[Stoiko Ivanov]

I repeat the process of sending GTUBE and generating a report, then clicked on "Delete" two times: first with FQDN amd then with IP of PMG in the link. Here is the log of it:

log looks ok - and reproducing it here - makes it work! (the mail actually gets deleted when I click on the delete link

keep in mind, that you need to accept the certificate warning in the browser if this opens up/you have not trusted your PMG certificate yet

 

[Sysxpp]

log looks ok - and reproducing it here - makes it work! (the mail actually gets deleted when I click on the delete link

Very strange indeed. I even fully updated the PMG and rebooted the node - no luck, even tried different browsers.
Looks like the PMG recieves the command, but then completely ignores it. "Deliver" is also not working, not tried other options, guess all will be the same.
This is somewhat uncomfortable - this way users can only see ther spam in reports, but cannot delete or deliver it.
I will keep looking into it, maybe it will be resolved somehow.
Certificate from LetsEncrypt is totally fine - browsers like it and show "green lock".
Buttons in "Administration" -> "Spam Quarantine" works fine, but I can't let users into there.

 

[Stoiko Ivanov]

anything in the journal (not the pmgproxy log) when you try this?!

 

[Sysxpp]

I found this in SysLog when I'm clicking the links:



Not sure what it means. Spamreport-verbose.tt does not have a $ticket variable. And I didn't mess with my PMG, it is basically fresh and new, I just couldn't mess up because I didn't do anything.

 

[Stoiko Ivanov]

hmm - could you try using a freshly installed browser?
do you have any extensions in your browser that could be adding cookies?

 

[Sysxpp]

hmm - could you try using a freshly installed browser?
do you have any extensions in your browser that could be adding cookies?

Freshly installed chrome with all extensions disabled is not working, but works in "incognito" mode. Firefox works fine.
I guess it is some problem on my side, since firefox works. It is totally OK, if it works in firefox - it is more than enough.
Thank you so much for your help!
As I said before - you're the best!!

 

[Stoiko Ivanov]

You're welcome - glad we found the source of the issue!