KumoMTA API

sympathetic-fox · July 18, 2025, 11:35am

I’m trying to access the API using:

curl -u login:pass http://server:8000/api/admin/bounce/v1
But I’m getting the error: Trusted IP required, even though the IP is already added to the Trusted list.
Is this a bug, or is there something else that needs to be configured?

Mike · July 18, 2025, 12:42pm

@sympathetic-fox read the READ ME FIRST and provide the required information listed in the link on how to ask for help.

sympathetic-fox · July 18, 2025, 2:40pm

kumod 2025.03.19-1d3f1f67
Linux 5.15.0-78-generic #85-Ubuntu SMP Fri Jul 7 15:25:09 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

sympathetic-fox · July 18, 2025, 2:40pm

init.lua

sympathetic-fox · July 18, 2025, 2:43pm

init.lua (2.77 KB)

Mike · July 18, 2025, 2:45pm

Your trusted IP list is just ALL IPs?

Mike · July 18, 2025, 2:46pm

Also shw the copy/paste of your actual Curl command and the actual output.

Mike · July 18, 2025, 2:47pm

And you haven’t implemented http_server_validate_auth_basic - KumoMTA Docs so the user/pass isn’t going to be checked.

sympathetic-fox · July 18, 2025, 2:54pm

Yes, this is a test server.
http_server_validate_auth_basic is like a debug mode — it accepts any login and password values and just logs them to syslog.

sympathetic-fox · July 18, 2025, 2:55pm

kumo.on(‘http_server_validate_auth_basic’, function(user, password)
print(“KUMO AUTH DEBUG: user=“..tostring(user)..“, password=“..tostring(password))
return true

Mike · July 18, 2025, 2:55pm

Did I miss that in the init.lua you posted?

sympathetic-fox · July 18, 2025, 2:56pm

yep
6 line

sympathetic-fox · July 18, 2025, 2:58pm

curl -u admin:admin1 http://host:8000/api/admin/bounce/v1
Trusted IP required

curl -v -u admin:admin1 http://host:8000/api/admin/bounce/v1

Trying IP:8000…
Connected to host (IP) port 8000 (#0)
Server auth using Basic with user ‘admin’

GET /api/admin/bounce/v1 HTTP/1.1
Host: host:8000
Authorization: Basic YWRtaW46YWRtaW4x
User-Agent: curl/7.81.0
Accept: /

Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< content-type: text/plain; charset=utf-8
< content-length: 19
< date: Fri, 18 Jul 2025 14:56:34 GMT
<
Connection #0 to host host left intact

Mike · July 18, 2025, 2:58pm

And what was the print output?

sympathetic-fox · July 18, 2025, 3:00pm

previous message

Mike · July 18, 2025, 3:02pm

I don’t see anything from the syslog saying KUMO AUTH DEBUG in youre previous message.

sympathetic-fox · July 18, 2025, 3:14pm

curl -u admin:admin1 http://host:8000/api/admin/bounce/v1
Trusted IP required

curl -v -u admin:admin1 http://host:8000/api/admin/bounce/v1
Trying IP:8000…
Connected to host (IP) port 8000 (#0)
Server auth using Basic with user ‘admin’
GET /api/admin/bounce/v1 HTTP/1.1
Host: host:8000
Authorization: Basic YWRtaW46YWRtaW4x
User-Agent: curl/7.81.0
Accept: /

Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< content-type: text/plain; charset=utf-8
< content-length: 19
< date: Fri, 18 Jul 2025 14:56:34 GMT
<
Connection #0 to host host left intact

Mike · July 18, 2025, 3:14pm

Check your syslog.

sympathetic-fox · July 18, 2025, 3:16pm

Jul 18 15:15:35 host kumod[3173888]: KUMO AUTH DEBUG: user=admin, password=admin1

Mike · July 18, 2025, 3:17pm

Just for fun, implement the example in the docs instead?