E-Mail Notify when new Firmware is available

Started by xenon2008, May 27, 2024, 06:40:39 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
October 14, 2024, 07:50:05 AM #15
For what it's worth, 24.7.6 also did not deliver email via the forum. I'd love to see the mailing list brought back.
October 14, 2024, 01:00:22 PM #16
Also FWIW, I *did* get an email from the forum notifying me of the 24.7.6 release post. I suspect it's getting caught in SPAM filters sometimes, maybe. I do notice this:

Code Select
Received-SPF: fail (google.com: domain of no-reply@opnsense.org does not designate 209.85.220.69 as permitted sender) client-ip=209.85.220.69;

although it does pass DKIM and DMARC. SPAM filters can be fickle, though....
October 16, 2024, 02:28:01 PM #17
> I really think security updates should be taken much more seriously. OPNsense needs a way to mass notify about security updates.

Is that a straw man suggesting we don't take security updates seriously? :)

It's pretty easy to mass-notify all the GDPR compliant contacts we were provided which is... zero. The times of unsolicited mass-notifications are effectively over. It also allows the users to build their favourite channel from the available primary sources.


Cheers,
Franco
October 28, 2024, 01:48:37 AM #18 Last Edit: October 28, 2024, 01:55:56 AM by munroe
I mean, that's not what a straw man is? It is an implication though, and I think a fair one. It's a large project that people are trusting at their edge. It is good practice to have a mechanism to notify people of important security updates. I don't think this is controversial. And here we are met with "just subscribe to the announcement forum" which simply does not work predictably. I have provided multiple examples of email notifications failing to work on the forum -- and I have offered to help track them down. Yes, I and many others are capable of building my own tools to check for updates but the right thing to do is for the project to offer this, or at least have an official mailing list that works reliably. As I already posted before what are you going to do when there's a 0day? Hope people notice it on reddit? Hope they refresh their dashboard every day? You need a way to reach out in an official capacity besides posting on the forums. I'm not sure how GDPR is relevant here, it can still be opt-in.

Anyway regarding the announcement forum and email, I think the issue with forum subscription is that there is a backoff on topic notifications. If you do not actually click through and re-open the forum it will not send new email notifications for new topics past the one it already sent. So it may actually be that instead of spam filters. It would be better if the announcement forum didn't have this behavior probably.
October 28, 2024, 08:42:04 AM #19
> It is an implication though, and I think a fair one.

Fair enough and I do disagree. Ive seen too many people claiming that this or that is suboptimal but in the average case users just fail to read or find what information is readily available.


Cheers,
Franco
October 28, 2024, 09:56:30 AM #20
Do we have RSS feeds ?
October 28, 2024, 11:30:03 AM #21
Read the whole thread I responded that on page 1.
https://forum.opnsense.org/index.php?topic=40727.msg213549#msg213549
Hardware:
DEC740
October 28, 2024, 12:13:46 PM #22
Quote from: Monviech on October 28, 2024, 11:30:03 AM
Read the whole thread I responded that on page 1.
https://forum.opnsense.org/index.php?topic=40727.msg213549#msg213549
Alright then, sorry for asking.
October 28, 2024, 12:49:17 PM #23
Sorry I didnt want to sound mean.  :)
Hardware:
DEC740
October 28, 2024, 04:14:01 PM #24
No worries.
November 29, 2024, 11:42:45 PM #25 Last Edit: December 03, 2024, 09:46:22 PM by fastboot
As I just answered in this forum in german... No fun to translate the comments. But hope its clear to understand :)

cat /usr/local/bin/check_opnsense_update.sh
Code Select
#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# Aktuelle installierte Version abrufen und nur die Versionsnummer extrahieren
CURRENT_VERSION=$(opnsense-version | awk '{print $2}')

# Verfügbare Version aus dem Repository abrufen
AVAILABLE_VERSION=$(pkg rquery '%v' opnsense)

if [ "$CURRENT_VERSION" = "$AVAILABLE_VERSION" ]; then
    # Keine neue Version verfügbar
    echo "NO_UPDATE: Current version: $CURRENT_VERSION"
    exit 0
else
    # Update verfügbar
    echo "UPDATE_AVAILABLE: Current version: OPNsense $CURRENT_VERSION, Available version: OPNsense $AVAILABLE_VERSION"
    exit 1
fi


Service Test Settings:
Name: check_opnsense_update
Condition: status != 0
Action: Alert

Service Settings:
Name: OPNsense_Update_Check
Type: custom
Path: /usr/local/bin/check_opnsense_update.sh
Tests: check_opnsense_update
Poll Time: 0 0 * * *
Note: for daily checks at 0:00

Alert Settings:
Recipient: e@mail.com
Events: status failed
Mail Format:
Code Select
from: [FW@lalelu.com]
reply-to: [e@mail.com]
subject: Monit Alert -- $EVENT
message: $EVENT Service $SERVICE

Date: $DATE
Action: $ACTION
Host: $HOST
Description: $DESCRIPTION

Cheers,

Monit

Reminder: 3600



Cheers

EDIT: I could not test the opnsense-update -c, as I have already the latest update installed. But I assume it will work. Let me know :)
January 24, 2025, 01:25:11 PM #26
Hello Franco

I as well was missing a few notification emails towards the end of 2024 on two different email addresses, one selfhosted and another one at Google Workspaces.

I did login with both accounts and checked settings, clicked around in the Forum and then I again got the notification for "OPNsense 25.1-RC1 released" (on 22.01.2025) and "OPNsense 25.1-RC2 released" (today, on 24.01.2025, but only to one of the addresses).

I did see this line in the email from 22.01.2025 and now also today:
"More topics may be posted, but you won't receive more email notifications for this board until you return to the board and read some of them."

I did already login on the 22.01.2025 with both accounts an clicked on a few posting and still only one of them got the email of today.
In case of the announcement I really don't see any reason to also visit the forum, as all the relevant information already is in the email. Unfortunately additional (important) comments to existing announcement postings do not send any notifications at all.

I suspect that the Forum software is disabling the sending out of notifications if a user has not logged in for a certain time, or even worse did not read any postings at all.

It either would be helpful to mention that if no login did happen for that certain time, that notifications will be stopped. In that case I would make myself a reminder to login in regularly to avoid this. I already have such things for other services where they mention to even delete the account when no login happen for e.g. 1 year. In one case it is a postal service which does send email notification of arriving packages, which is all I need and I do not have to login there for anything else.

Or maybe there is a knob somewhere in the Forum software to disable this check and keep sending email as long as they don't bounce with a hard error.


Best regards,
Fabian
January 24, 2025, 04:14:28 PM #27
Quote from: Fabian Wenk on January 24, 2025, 01:25:11 PM"OPNsense 25.1-RC2 released" (today, on 24.01.2025, but only to one of the addresses).

In the meantime with 1.5 hours delay the email also arrived in the second mail account.
Print
Go Up Pages 1 2
User actions