esackbauer Good points, host on premise in my datacenter, running under an XCP-ng hypervisor, using Rocky Linux 8.
Setenforce was enabled by default, I’ve set this to permissive - output below. The domain is mail.roc-technology.com
[mail-cow-admin@mail mailcow-dockerized]# sudo ufw status
sudo: ufw: command not found
[mail-cow-admin@mail mailcow-dockerized]# getenforce
Enforcing
[mail-cow-admin@mail mailcow-dockerized]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux mail-cow-admin directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[mail-cow-admin@mail mailcow-dockerized]# setenforce 0
[mail-cow-admin@mail mailcow-dockerized]# getenforce
Permissive
[mail-cow-admin@mail mailcow-dockerized]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux mail-cow-admin directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[unknown] Yes, I’ve gone of the DNS and have everything configured appropriately for mailflow and https. Everything tests fine (apparently) besides the webpage and inbound (at least ahead of the firewall changes just now) - Webpage is still unresponsive from outside of my network.
ss -tlpn | grep -E -w '25|80|110|143|443|465|587|993|995|4190'
LISTEN 0 2048 0.0.0.0:25 0.0.0.0:* users:(("docker-proxy",pid=2642,fd=4))
LISTEN 0 2048 0.0.0.0:443 0.0.0.0:* users:(("docker-proxy",pid=2565,fd=4))
LISTEN 0 2048 0.0.0.0:4190 0.0.0.0:* users:(("docker-proxy",pid=3434,fd=4))
LISTEN 0 2048 0.0.0.0:993 0.0.0.0:* users:(("docker-proxy",pid=3485,fd=4))
LISTEN 0 2048 0.0.0.0:995 0.0.0.0:* users:(("docker-proxy",pid=3460,fd=4))
LISTEN 0 2048 0.0.0.0:587 0.0.0.0:* users:(("docker-proxy",pid=2409,fd=4))
LISTEN 0 2048 0.0.0.0:110 0.0.0.0:* users:(("docker-proxy",pid=3597,fd=4))
LISTEN 0 2048 0.0.0.0:143 0.0.0.0:* users:(("docker-proxy",pid=3551,fd=4))
LISTEN 0 2048 0.0.0.0:80 0.0.0.0:* users:(("docker-proxy",pid=2926,fd=4))
LISTEN 0 2048 0.0.0.0:465 0.0.0.0:* users:(("docker-proxy",pid=2478,fd=4))
LISTEN 0 2048 [::]:25 [::]:* users:(("docker-proxy",pid=2646,fd=4))
LISTEN 0 2048 [::]:443 [::]:* users:(("docker-proxy",pid=2569,fd=4))
LISTEN 0 2048 [::]:4190 [::]:* users:(("docker-proxy",pid=3438,fd=4))
LISTEN 0 2048 [::]:993 [::]:* users:(("docker-proxy",pid=3491,fd=4))
LISTEN 0 2048 [::]:995 [::]:* users:(("docker-proxy",pid=3466,fd=4))
LISTEN 0 2048 [::]:587 [::]:* users:(("docker-proxy",pid=2437,fd=4))
LISTEN 0 2048 [::]:110 [::]:* users:(("docker-proxy",pid=3601,fd=4))
LISTEN 0 2048 [::]:143 [::]:* users:(("docker-proxy",pid=3555,fd=4))
LISTEN 0 2048 [::]:80 [::]:* users:(("docker-proxy",pid=2930,fd=4))
LISTEN 0 2048 [::]:465 [::]:* users:(("docker-proxy",pid=2482,fd=4))