Hello Mailcow community,

I’m currently having an issue related to my Mailcow installation. I have the following DNS setup:
sub.domain.tld is the designated subdomain for Mailcow (intended for email/webmail). This is what I gave as FQDN during the config script while installing.

domain.tld is my main domain, and I do not want Mailcow to be accessible from this domain.

What works
Mailcow functions correctly on sub.domain.tld, including but not limited to HTTP redirect to HTTPS, GUI, etc. All fine here.
DNS settings (A and AAAA records) for both sub.domain.tld and domain.tld are handled through Cloudflare.

What’s the Issue?
When I visit domain.tld, I end up seeing the Mailcow instance, which I don’t want! I’ve specifically set Mailcow to handle only sub.domain.tld, but it still shows up when accessing the main domain.
Additionally, domain.tld does not use HTTPS (even when I try forcing HTTPS manually).

My Setup:
I followed the Mailcow installation guide, provided the correct FQDN (sub.domain.tld) for mailcow.conf during installation, and SSL works fine on sub.domain.tld.
Here’s an overview of my relevant configuration files:
server_name.active > server_name sub.domain.tld autodiscover.* autoconfig.* ;

I found that grep -r "server_name _;" /opt/mailcow-dockerized/data/conf/nginx/ returns:

/opt/mailcow-dockerized/data/conf/nginx/meta_exporter.conf:  server_name _;
/opt/mailcow-dockerized/data/conf/nginx/dynmaps.conf:  server_name _;

Both meta_exporter.conf and dynmaps.conf seem to use server_name _;, which is likely catching requests to my main domain…

I’ve considered removing or restricting the server_name _ declarations, but I’m unsure of the best approach without potentially breaking something.
I don’t want Mailcow to appear on my main domain, nor do I want to set up a reverse proxy if I don’t have to.

If possible, I’d like domain.tld to do any of:

  • Serve a simple 404/403 error or a placeholder page.
  • Redirect to another site if easier.

I use the latest MailCow Dockerized (installed today) and otherwise things work smoothly (Other than awfully hit by google immediately with stuff like “this IP has a low reputation, we do not want your mail” lol.)

I appreciate any input, thanks!

This is nothing related to mailcow, it’s just a DNS issue on your side. What did you set your A record for @ (that’s if you enter just domain.tld) to?

    DocFraggle well - the DNS has A (and AAAA) records for both main and sub domain - pointing to the same IP - kind of the “normal” setup.

    I’d have thought specifying the subdomain as FQDN in mailcow makes mailcow deliver only under that subdomain.
    I’m aware that without further server blocks nginx just catches all. Which is basically why I’m here - the only way to stop this would be to proxy in front of the mailcow?

    I can also just dump the A and AAAA record and remove the rDNS for the “main domain” of course, and serve it on another server.
    I had hoped there would be specific mailcow update-safe ways to handle this.

    If not I guess it’s clear, I’ll simply run two instances with distinct IPs.

    Thanks for any input.
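
Added example, not part of the thread or of Mailcow's own code: a simplified Python model of nginx's documented server_name selection order (exact name, longest leading wildcard, longest trailing wildcard, then the default server), applied to the server_name line quoted in the first post. The `placeholder-404` and `reject` blocks, and the assumption that Mailcow's block is the first one on the listen port, are hypothetical.

```python
# Added example: simplified model of nginx server_name selection.
# Regex names are left out and a single listen port is assumed.

def name_matches(pattern, host):
    """Return the match class of one server_name pattern, or None."""
    if pattern == host:
        return "exact"
    if pattern.startswith("*.") and host.endswith(pattern[1:]):
        return "leading"
    if pattern.endswith(".*") and host.startswith(pattern[:-1]):
        return "trailing"
    return None


def select_server(servers, host):
    """Pick the server block that would answer a request for `host`."""
    host = host.lower().rstrip(".")
    best = {}  # match class -> (pattern length, server)
    for srv in servers:
        for pattern in srv["server_name"]:
            kind = name_matches(pattern.lower(), host)
            # Within one match class the longest pattern wins.
            if kind and (kind not in best or len(pattern) > best[kind][0]):
                best[kind] = (len(pattern), srv)
    for kind in ("exact", "leading", "trailing"):
        if kind in best:
            return best[kind][1]["label"]
    # No name matched: the default server answers. That is the block
    # flagged default_server, or else the first block defined.
    flagged = [s for s in servers if s.get("default_server")]
    return (flagged or servers)[0]["label"]


# Constructed sample. Names in MAILCOW come from the post; the other two
# blocks are hypothetical additions.
MAILCOW = {"label": "mailcow",
           "server_name": ["sub.domain.tld", "autodiscover.*", "autoconfig.*"]}
PLACEHOLDER = {"label": "placeholder-404", "server_name": ["domain.tld"]}
CATCHALL = {"label": "reject", "server_name": ["_"], "default_server": True}


def demo():
    before = select_server([MAILCOW], "domain.tld")
    named = select_server([MAILCOW, PLACEHOLDER], "domain.tld")
    catchall = select_server([MAILCOW, CATCHALL], "domain.tld")
    return before, named, catchall


if __name__ == "__main__":
    print(demo())
```

In this model `_` never matches a real hostname; the `reject` block only answers because it carries the `default_server` flag.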

    DocFraggle OK

    I think I then prefer to “just” go with another IP for the main domain

    This might have an obvious answer so please apologize if so:
    if I have two distinct IPs (domain.tld > 1.2.3.4 and mail.domain.tld > 2.3.4.5) does that have any influence on the mail service deliverability at all?
    What I mean is, does the IP reputation of mail.domain.tld suffer if its main domain is on another IP?

    I have a hard time getting the IP warmed up. My own Gmail accepts my mails, but for example my friends’ Gmails all refuse me with “this IP has a low reputation”.
    So I do not want to jeopardize this more than necessary

    Thanks!

    We don’t have all the insights, but I think it’s only the IP of the sending email server and has nothing to do with any other DNS entries of your DNS zone. So the reputation of the IP address of sub.domain.tld isn’t influenced at all by the entry of domain.tld…