[rt-users] RT Email temp fail with ExternalAuth and Auth::MailFrom

Kevin Falcone falcone at bestpractical.com
Tue Aug 2 17:01:50 EDT 2011

On Tue, Aug 02, 2011 at 04:23:50PM -0400, Shawn Plummer wrote:
> I am pretty certain I have something configured incorrectly regarding commandbyemail 0.9 ExternalAuth 0.9 and RT 4.0.1 (though its a problem for me with our 3.8 installation)
> Our externalauth plugin is configured to not create users that do not exist in our AD server. We don't want a user to end up with multiple rt accounts if they send from their campus email then from their home account then from a different account etc. Sending with a valid AD account works fine and commandbyemail processes emails just fine.
> However this causes a problem with email when sending an email as a non valid AD user. I get this error.
> Aug  2 16:18:08 rtdevel postfix/local[3050]: B534D5A57E: to=<rt at rtdevel.geneseo.edu>, relay=local, delay=2.2, delays=1.6/0.02/0/0.62, dsn=4.3.0, status=deferred (temporary failure. Command output: RT server error.  The RT server which handled your email did not behave as expected. It said:  Can't call method "HasRight" on an undefined value at /opt/rt4devel/sbin/../lib/RT/User.pm line 1206.  Stack:   [/opt/rt4devel/sbin/../lib/RT/User.pm:1206]   [/opt/rt4devel/sbin/../lib/RT/Queue.pm:1262]   [/opt/rt4devel/sbin/../lib/RT/Queue.pm:1229]   [/opt/rt4devel/sbin/../lib/RT/Queue.pm:657]   [/opt/rt4devel/local/plugins/RT-Extension-CommandByMail/lib/RT/Interface/Email/Filter/TakeAction.pm:496]   [/opt/rt4devel/sbin/../lib/RT/Interface/Email.pm:1612]   [/opt/rt4devel/sbin/../lib/RT/Interface/Email.pm:1429]   [/opt/rt4devel/share/html/REST/1.0/NoAuth/mail-gateway:61]  )
> The problem is because its status is deferred the user gets spammed with failure messages every time the queue runs till the deferred message is out of the queue. It only seems to set it to deferred when I have the mail plugins Auth::MailFrom Filter::TakeAction enabled. if I disable them it just fails, sends one bounce message and moves on as I want it to do.
> Am I missing some critical config line for Auth::MailFrom or Filter::TakeAction that would make it not defer?

Does RT::Extension::CommandByMail log about who it is going to run as?

If it gives a weird result on that log message, the attached patch might fix it

-------------- next part --------------
From 0485d33f62b8c34c926db7d3e675e34d585d3006 Mon Sep 17 00:00:00 2001
From: Kevin Falcone <falcone at bestpractical.com>
Date: Tue, 2 Aug 2011 17:00:35 -0400
Subject: [PATCH] Make sure we actually got a valid user before trying to use it

 lib/RT/Interface/Email/Filter/TakeAction.pm |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/lib/RT/Interface/Email/Filter/TakeAction.pm b/lib/RT/Interface/Email/Filter/TakeAction.pm
index 46823aa..7e4030e 100644
--- a/lib/RT/Interface/Email/Filter/TakeAction.pm
+++ b/lib/RT/Interface/Email/Filter/TakeAction.pm
@@ -148,7 +148,7 @@ sub GetCurrentUser {
-    unless ( $args{'CurrentUser'} ) {
+    unless ( $args{'CurrentUser'} && $args{'CurrentUser'}->Id ) {
             "Filter::TakeAction executed when "
             ."CurrentUser (actor) is not authorized. "

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110802/a0bad3dc/attachment.sig>

More information about the rt-users mailing list