I started with the minimum configuration specified in the documentation and began working with mailcow. Very early on I could send messages but I could not receive them. So I began adding everything that the documentation specified. The only thing I could not get working was the reverse domain lookup. But that only affects where your mail lands, inbox or junk, so I’m very confident that the configuration is set up correctly with all ports exposed. I can send mail but I cannot receive it.

Mail tester passes everything with a 10/10.

Checking Postfix logs, I found that there was no inbound mail from the outside but I could send perfectly fine, which led me to believe that I still have a problem with blocked traffic, so I contacted my ISP and they claim they do not block any traffic going to my home and there was other ‘trash’ traffic being blocked so they unblocked even that for me. Still no change. I’m not sure what the problem is here.

My setup is an nginx reverse proxy, in Docker, sending traffic to another Docker container on the same device. I use Squarespace as my domain provider (I got transitioned from Google, not sure if that helps), i3broadband as my internet provider.
My reverse proxy moves all HTTP traffic to HTTPS. Any advice or help is appreciated, I really want my own mail server.

I’ve tried everything I could think of, not sure what to do at this point.






I can send mail to others like Gmail, I can receive local mail from other users on my server. I just can’t receive external mail. I tried to investigate the ‘cannot connect’ but have determined that the ports in use are all open. Using nmap and other programs, they really are open.


Afaik you can’t use Nginx to proxy SMTP, IMAP, POP3, etc.
You have to use haproxy or similar services for that.


    Correct. Besides other problems, docker-iptables will not work correctly, spam detection and fail2ban will not work. The services need the originating IP address, and using streams does hide the originating IP.
    You must NAT those ports directly to the mailcow host.

      DocFraggle As far as I can understand from the nginx docs, “streams” is able to do this. Haproxy seems to be exactly the same as nginx in this regard. If this was the case, I fail to understand why I would be able to send a message to myself; in this case, wouldn’t all mail fail?

      [unknown] How would I know they don’t work? As far as I understand, the problem should lie somewhere between them and just outside of the Docker container, so as close as the nginx reverse proxy. I’m pretty sure I have a “nat” in the reverse proxy configuration, just for this.

      DocFraggle I’m unable to get this to run correctly. For example, where exactly would I get the target for <auth_http> for mailcow? And although I can listen on the respective ports, I don’t see anything that is forwarding this to the target addresses.

      I currently have 2 solutions in mind: remove these ports from the reverse proxy and directly let the Docker container handle them, but with this I would still need to reverse proxy port 80 and 443. Theoretically this should still be fine, right? Since those are HTTP anyway. The other solution was to use haproxy, but if I’m struggling with nginx, I don’t see why haproxy would suddenly work.

      DocFraggle I finally figured it out, it’s been a week of scratching my head.

      It’s possible to use the stream directive and this is what finally worked.

      ```nginx
      stream {
          # IMAP on 143, passed through as plain TCP
          server {
              listen 143;
              proxy_pass 192.168.0.16:6306;
          }

          # IMAPS on 993, TLS terminated by nginx
          server {
              listen 993 ssl;
              proxy_pass 192.168.0.16:6307;
              ssl_certificate <yourcert>;
              ssl_certificate_key /etc/myconfig/youkey.key;
          }

          # POP3 on 110, passed through as plain TCP
          server {
              listen 110;
              proxy_pass 192.168.0.16:6308;
          }

          # POP3S on 995, TLS terminated by nginx
          server {
              listen 995 ssl;
              proxy_pass 192.168.0.16:6309;
              ssl_certificate <yourcert>;
              ssl_certificate_key /etc/myconfig/youkey.key;
          }

          # SMTP on 25 (inbound mail from other servers)
          server {
              listen 25;
              proxy_pass 192.168.0.16:6303;
          }

          # Submission on 587
          server {
              listen 587;
              proxy_pass 192.168.0.16:6305;
          }

          # SMTPS on 465, TLS terminated by nginx
          server {
              listen 465 ssl;
              proxy_pass 192.168.0.16:6304;
              ssl_certificate <yourcert>;
              ssl_certificate_key /etc/myconfig/youkey.key;
          }
      }
      ```

      4 days later

      esackbauer Correct. Besides other problems, docker-iptables will not work correctly, spam detection and fail2ban will not work. The services need the originating IP address, and using streams does hide the originating IP.
      You must NAT those ports directly to the mailcow host.

      Ugh, I wish I read this more carefully, I must have misinterpreted this reply in my haste. I was subject to an open relay attack. I was wondering how this could be, when I had a firewall, TLS, SSL and user auth. I double-checked everything and it still happened.

      Maybe it makes sense if the origin IP gets masked as the host, as both proxy and receiver are the same in my case, and then that gets relayed to mailcow as authentic.

      The “mail” directive didn’t work, and so I reverted to stream. So you say haproxy is a better way to do this.

      Well, it was only for fun. It was easy enough to understand but it seems my skills are lacking; Google Workspace it is.
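The condition esackbauer describes (a stream proxy hiding the originating IP) can be checked from the Postfix log. The following is an added example, not part of the thread or of mailcow: it measures how many SMTP connections are logged with a private client address and lists mail accepted from such an address without SASL and then delivered outward. The log lines are constructed in stock Postfix syslog format, and `172.22.1.1` as the proxy/Docker gateway address is an assumption.

```python
import ipaddress
import re
from collections import Counter

# Constructed Postfix log lines (not from the thread). 172.22.1.1 is an
# assumed stand-in for the proxy/Docker gateway address the backend sees.
SAMPLE_LOG = """\
Apr 12 10:00:01 mail postfix/smtpd[101]: connect from unknown[172.22.1.1]
Apr 12 10:00:02 mail postfix/smtpd[101]: 4A1B2C3D01: client=unknown[172.22.1.1]
Apr 12 10:00:03 mail postfix/smtp[140]: 4A1B2C3D01: to=<a@example.net>, relay=mx.example.net[203.0.113.5]:25, dsn=2.0.0, status=sent (250 ok)
Apr 12 10:01:10 mail postfix/smtpd[102]: connect from unknown[172.22.1.1]
Apr 12 10:01:11 mail postfix/smtpd[102]: 5B2C3D4E02: client=unknown[172.22.1.1], sasl_method=PLAIN, sasl_username=me@example.org
Apr 12 10:01:12 mail postfix/smtp[141]: 5B2C3D4E02: to=<b@example.com>, relay=mx.example.com[198.51.100.7]:25, dsn=2.0.0, status=sent (250 ok)
Apr 12 10:02:20 mail postfix/smtpd[103]: connect from unknown[172.22.1.1]
Apr 12 10:02:21 mail postfix/smtpd[103]: 6C3D4E5F03: client=unknown[172.22.1.1]
Apr 12 10:02:22 mail postfix/lmtp[150]: 6C3D4E5F03: to=<me@example.org>, relay=dovecot[172.22.1.250]:24, dsn=2.0.0, status=sent (250 ok)
"""

# smtpd = inbound server side; smtp = Postfix's outbound client; lmtp = local delivery.
CONNECT = re.compile(r"postfix/(?:\w+/)?smtpd\[\d+\]: connect from \S*\[([0-9a-fA-F.:]+)\]")
ACCEPT = re.compile(r"postfix/(?:\w+/)?smtpd\[\d+\]: ([0-9A-F]+): client=\S*\[([0-9a-fA-F.:]+)\](.*)")
OUTBOUND = re.compile(r"postfix/smtp\[\d+\]: ([0-9A-F]+): to=<([^>]*)>.*status=sent")


def private_share(log):
    """Fraction of SMTP connections whose logged client address is private."""
    ips = Counter(CONNECT.findall(log))
    total = sum(ips.values())
    private = sum(n for ip, n in ips.items() if ipaddress.ip_address(ip).is_private)
    return private / total if total else 0.0


def unauthenticated_relays(log):
    """(queue id, recipient) pairs accepted from a private address without
    SASL auth and then sent to another server by the outbound smtp client."""
    suspects = {qid for qid, ip, rest in ACCEPT.findall(log)
                if ipaddress.ip_address(ip).is_private and "sasl_username=" not in rest}
    return sorted({(qid, rcpt) for qid, rcpt in OUTBOUND.findall(log) if qid in suspects})


if __name__ == "__main__":
    print(f"private client share: {private_share(SAMPLE_LOG):.0%}")
    for qid, rcpt in unauthenticated_relays(SAMPLE_LOG):
        print(f"relayed without auth: {qid} -> {rcpt}")
```

A share near 1.0 means Postfix, fail2ban and the spam checks all see a single address; the remedy given in the thread is to NAT the mail ports directly to the mailcow host.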

      Hi y’all, so I have a similar problem, only that I have three different domains configured and only the mailboxes for the first domain can send and receive emails, while mailboxes for the other two can’t. This is my first time using mailcow so I just need some guidance with this. I didn’t configure this manually; I used the Docker version.

      To give you a better understanding I’ll explain what I am really trying to configure. I have domain-1, which is the first domain, with DNS records pointing to the same server where I set up mailcow. The other two domains both point to different servers where I have hosted two webapps. I added these domain names in mailcow and configured the domains to point to the machines where the webapps are, and I can only send mail from them but not receive. I have tried changing the MX records on both of them to point to the actual mail server but I still get issues with the PTR records. Even after reconfiguring the PTR records to point to the mail server to fix the issue, I still can’t get the mailboxes of these two domains to function properly.

      Any suggestions?

        Trytan6bz I remember the guides mentioned that in the mailcow.conf file, you need to add the extra domains in. Did you do that?

        You mentioned 2 other domains, so I’m assuming you also set up the MX records for those as well, right? Any problems with the MX record there would reflect on the server. Since the first one works, it’s likely a missed step in the configuration or DNS problems. My problems are different from this; it was due to my reverse proxy.

        No, I didn’t add the extra two domains in the mailcow.config file. Can I do that after my mailcow server is up and running, or do I need to stop it first, add the domains and restart? I am asking because I have used it for almost 2 weeks now and I don’t want to lose any of my data.

          Trytan6bz If you are using mailcow dockerized, you can. There are persistent volumes that allow you to do docker compose down and docker compose up without harming anything.
