Hello, I just installed using the docker installer and the mail services are only reachable from server using localhost. If I try to connect (using telnet) via my NICs ip address I get connection refused.

All docker services are listening on 0.0.0.0. Is this an issue with the docker firewall configuration? How do I expose these services externally?

docker ps:
8a3b9e6159ce mailcow/postfix:1.66 "/docker-entrypoint.…" 12 hours ago Up 19 seconds 0.0.0.0:25->25/tcp, :::25->25/tcp, 0.0.0.0:465->465/tcp, :::465->465/tcp, 0.0.0.0:587->587/tcp, :::587->587/tcp, 588/tcp >
3917e1c0deb0 mailcow/dovecot:1.162 "/docker-entrypoint.…" 12 hours ago Up 5 minutes 0.0.0.0:110->110/tcp, :::110->110/tcp, 0.0.0.0:143->143/tcp, :::143->143/tcp, 0.0.0.0:993->993/tcp, :::993->993/tcp, 0.0.0.0:995->9>
04207cdecb1e nginx:mainline-alpine "/docker-entrypoint.…" 12 hours ago Up 12 hours 0.0.0.0:80->80/tcp, :::80->80/tcp, 127.0.0.1:8443->8443/tcp >

iptables –list
`
Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all – anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all – anywhere anywhere
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all – anywhere anywhere
ACCEPT all – anywhere anywhere
ACCEPT all – anywhere anywhere
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all – anywhere anywhere
ACCEPT all – anywhere anywhere
ACCEPT all – anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain DOCKER (2 references)
target prot opt source destination
ACCEPT tcp – anywhere 172.22.1.249 tcp dpt:redis
ACCEPT tcp – anywhere 172.22.1.6 tcp dpt:8983
ACCEPT tcp – anywhere 172.22.1.9 tcp dpt:mysql
ACCEPT tcp – anywhere 172.22.1.10 tcp dpt:8443
ACCEPT tcp – anywhere 172.22.1.10 tcp dpt:http
ACCEPT tcp – anywhere 172.22.1.253 tcp dpt:submission
ACCEPT tcp – anywhere 172.22.1.253 tcp dpt:submissions
ACCEPT tcp – anywhere 172.22.1.253 tcp dpt:smtp
ACCEPT tcp – anywhere 172.22.1.250 tcp dpt:12345
ACCEPT tcp – anywhere 172.22.1.250 tcp dpt:sieve
ACCEPT tcp – anywhere 172.22.1.250 tcp dpt:pop3s
ACCEPT tcp – anywhere 172.22.1.250 tcp dpt:imaps
ACCEPT tcp – anywhere 172.22.1.250 tcp dpt:imap2
ACCEPT tcp – anywhere 172.22.1.250 tcp dpt:pop3

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all – anywhere anywhere
DOCKER-ISOLATION-STAGE-2 all – anywhere anywhere
RETURN all – anywhere anywhere

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP all – anywhere anywhere
DROP all – anywhere anywhere
RETURN all – anywhere anywhere

Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all – anywhere anywhere
`

It looks like the root cause is that some services were not starting up because DNS resolution is failing inside the container.

Have something to say?

Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

No one is typing