From c3b2c4e89af935727965bf0ae75d30afb0d88979 Mon Sep 17 00:00:00 2001 From: justin Date: Fri, 5 Jun 2026 23:12:03 -0500 Subject: [PATCH] hc-email: prod listmonk_hc installed + 3 SMTP servers + rampcap cron; end-to-end validated to Gmail via .107-.109 --- docs/healthcare-email-stream-plan.md | 36 ++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/docs/healthcare-email-stream-plan.md b/docs/healthcare-email-stream-plan.md index ca1fe80..812c304 100644 --- a/docs/healthcare-email-stream-plan.md +++ b/docs/healthcare-email-stream-plan.md 
@@ -257,11 +257,37 @@ Committed and validated on dev: `.107/.108/.109` explicitly and ends `-all` (only 2 DNS-lookup mechanisms, `a mx` — safe under the 10 limit). DKIM selector `mail` published (2048-bit). DMARC `p=quarantine; pct=100; rua=dmarc@`. All domain-level, no change needed. -3. **Install on prod**: create `listmonk_hc` DB + `--install`, configure its 3 - SMTP servers (commands in deploy.sh header), run `hc_stream_setup.sh` on the - prod MTA, install `pw-hc-rampcap` cron. -4. **Verify identity** with mail-tester / aboutmy.email from an hc IP (PTR + SPF - + DKIM + DMARC all pass) BEFORE importing the list. +3. **Install on prod** — ✅ **DONE 2026-06-06.** + - Postfix hc stream already live on the app host (Postfix is co-located): + ports `2526/2527/2528` → `content_filter=hcout1/2/3:` → `smtp_bind_address` + `.107/.108/.109` + HELO `hcmta01/02/03`. Verified in master.cf. + - `listmonk_hc` DB existed (owner `pw`, was empty); ran + `docker compose run --rm --entrypoint /bin/sh listmonk-hc -c + './listmonk --install --idempotent --yes --config /listmonk/config.toml'` + → 16 tables, superadmin `api` created. `docker compose up -d listmonk-hc` + → container Up, `:9101` → 200. + - **3 SMTP servers configured directly in the `listmonk_hc.settings` table** + (the env-installed admin is a UI user, not an API-token user, so the REST + API rejects basic-auth; DB update is the clean path). Each points at + `172.18.0.1:2526/2527/2528` (docker bridge gateway → host Postfix hc ports), + `auth_protocol=none`, `tls_type=none`, `max_conns=2`, + `hello_hostname=hcmta0N`. Restart loaded "3 SMTP messengers". + - **End-to-end validated:** submitted one probe through each of 2526/2527/2528; + maillog shows each routed via its own `hcout1/2/3`, established a **Trusted + TLS connection to gmail-smtp-in.l.google.com:25**, and got a genuine Gmail + `550-5.1.1 NoSuchUser` (expected for the dummy recipient) — i.e. 
**no + PTR/SPF/reputation rejection**, FCrDNS accepted from all 3 hc IPs. + - ✅ `pw-hc-rampcap` installed at `/usr/local/bin/` + `/etc/cron.d/pw-hc-rampcap` + (daily 07:20, mirrors the trucking rampcap). The hc warmup stamp + `/etc/postfix/hc-warmup-start` exists (created by `hc_stream_setup.sh`), so + the ramp is on **day 0 → cap 100/h** (sliding window, 1h). Ramps to 1000/h + by day 10. Nothing sends until a list is imported. +4. **Verify identity** — ⚠️ **PARTIAL.** The live-send probes already prove Gmail + accepts mail from `.107/.108/.109` with no PTR/SPF/reputation rejection (only + the dummy-recipient `550 NoSuchUser`). Still worth a **mail-tester.com / + aboutmy.email** run from an hc IP (send to their probe address through + listmonk-hc) to confirm the numeric score (DKIM-signed, DMARC aligned, content + spamassassin score) BEFORE the first real batch. Not started. 5. **Free MX+SMTP verify** the institutional CSV on a non-sending IP, import the verified file into listmonk-hc, send small focused batches (overdue-first).
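Review bot: The "3 SMTP servers configured directly in the `listmonk_hc.settings` table" bullet in step 3 leaves an open relay question undocumented: with `auth_protocol=none`, `tls_type=none` and the messengers pointing at `172.18.0.1:2526/2527/2528` (the docker bridge gateway), anything that can reach the host's bridge address, not only the listmonk-hc container, can submit into the hc stream and spend the reputation of `.107/.108/.109` while the ramp is still at "day 0 → cap 100/h". The plan should record how those three Postfix ports are restricted to the listmonk-hc container (the listen address and the client restrictions applied to the 2526/2527/2528 entries in master.cf), and that the rampcap is enforced per stream rather than per client, so that the reviewer can confirm the exposure is closed rather than infer it from "Verified in master.cf". Two smaller points in the same hunk: the settings were written straight to the DB because the REST API "rejects basic-auth", so note where those rows are re-applied if a listmonk upgrade or a `--install --idempotent` rerun touches `settings`, or create an API-token user now and use the API path; and step 4 ends "Not started" while step 5 ("import the verified file ... send small focused batches") no longer says it is gated on step 4, so state the dependency explicitly, since the live probes only show Gmail accepted the connection and did not exercise DKIM signing or DMARC alignment on a delivered message.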