Hello friends, I’m new here.
I have a technical question that I haven’t been able to clarify yet, so I want to share and see if anyone can help me.
I’m using Mailcow in Docker on an Oracle server. Everything worked perfectly; I followed the instructions and information on the official website and managed to get everything working.
However, I want to improve security on the server, and for that I want to block some outgoing ports (egress) in the firewall. I noticed that for all communication coming to SOGo Webmail over the HTTPS port (TCP 443), responses are being sent on random high ports. I intended to block Internet egress only to port 443, and I can’t because of these responses on random ports.
Wouldn’t it be correct for the response to requesters to be sent via port 443 as is done at the entrance?
I have the impression that this is because the Docker network structure is in bridge mode, but I’m not sure.
I use Traefik as a front, to make Ingress for SOGo Webmail.
Has anyone analyzed this or had the same case as mine?
I would be happy to know if there is a way to fix this.
Thank you all.
Rafael Matias