akrantz01 When I try to view the DNS records for my newly added domain, all of the records of type TLSA show 110: Operation timed out under the Correct Data field. Looking at the logs for the nginx and php-fpm containers, nothing seems to be amiss. Any help would be appreciated, thanks!
AwesomeGeorge akrantz01 Did you set any TLSA records for your domain at your domain registrar? If not: That’s normal behavior.
pkernstock For generating the TLSA records we initiate connections to the mailserver to each service/port in the code here. So apparently this doesn’t work on your particular setup. Try checking if connection does work e.g. by using:
    /opt/mailcow-dockerized $ docker-compose exec php-fpm-mailcow nc -vz mail.domain.tld 25
    mail.domain.tld (IP:25) open
pkernstock AwesomeGeorge No, that’s indeed not normal behavior. When TLSA records are not set, the validation should report that it doesn’t match but not fail with “Operation timed out”.
AwesomeGeorge pkernstock Well, I thought so because it was the same for me. I got a 110: Operation timed out on almost all checked TLSA records, but everything worked fine after I added the TLSA records.
diekuh Make sure you can reach your public IP from within Docker. If you use a NAT setup, you most likely need NAT reflection. If not, check your iptables, don’t use ufw etc. Not an issue with mailcow, but with your network.
reichley This issue “tlsa error 110 timeout” was experienced by me as well… I run mailcow from home in a VM and use a digitalocean droplet (smallest one) for a reputable IP, easy rDNS setup and connect my VM to it via wireguard. I have a simple DNAT rule on the vps allowing tcp traffic to it back to the VM over wireguard tunnel but didn’t have an SNAT rule in place to allow the return traffic to use the public ip of the droplet. Thanks for the hint at NAT reflection, @diekuh
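Added example (not from any poster in this thread and not mailcow's own code): a small Python probe that separates the timeout behind "110: Operation timed out" (errno 110, ETIMEDOUT on Linux) from a refused connection, so a missing NAT reflection/SNAT path can be told apart from a service that is simply not listening. The port list, the function names and the idea of running it from a container on the mailcow Docker network that has Python 3 are assumptions.

```python
import errno
import socket
import sys

# Assumed port list for illustration; the thread itself only names port 25.
MAIL_PORTS = (25, 465, 587, 143, 993)

HINTS = {
    "reachable": "all probed ports accept connections from this vantage point",
    "dropped": "connects time out (errno 110): check NAT reflection/SNAT and firewall rules",
    "partial": "some ports time out: compare per-port DNAT/firewall rules",
    "rejected": "host answers but a port is closed or errors: check the listening services",
}

def probe(host, port, timeout=5.0):
    """Return 'open', 'refused', 'timeout' or 'error:<code>' for one TCP connect."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:            # no answer within `timeout` seconds
        return "timeout"
    except ConnectionRefusedError:    # RST received: path works, nothing listens
        return "refused"
    except OSError as exc:            # kernel-level ETIMEDOUT, DNS failure, etc.
        if exc.errno == errno.ETIMEDOUT:
            return "timeout"
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))

def diagnose(results):
    """Reduce a {port: state} mapping to one key of HINTS."""
    states = set(results.values())
    if states == {"open"}:
        return "reachable"
    if "timeout" in states:
        return "partial" if "open" in states else "dropped"
    return "rejected"

if __name__ == "__main__":
    # Usage: python3 probe.py mail.domain.tld  (hostname as used in the thread)
    target = sys.argv[1]
    found = {p: probe(target, p) for p in MAIL_PORTS}
    for p, state in found.items():
        print(f"{target}:{p} {state}")
    print(HINTS[diagnose(found)])
```

Running it once from the Docker host and once from inside a container shows whether only the container-to-public-IP path is affected.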
cihanmanap SS = https://prnt.sc/mewcn8PE7JOg I am having the same problem. Emails I send are not going. Please check your mail queue. SS= https://prnt.sc/TdmtufuhG6mA I did a port check, port 25 is open but the problem still persists. Please I need the help of an expert friend who understands the subject.