UNBOUND_MAILCOW Healthcheck problème

BisonOpiniatre

I try to deploy mailcow on my home server and I have some error with the UNBOUND container. I previosly bypassed it to correct others problème, using SWAG reverse proxy and setting SMTP2GO. But now I need to correct it.
When it start, the container stuck with this loop of message in logs:

2026-01-07 09:00:08: Healthcheck: DNS Resolution Failed on attempt 1 for fuzzy.mailcow.email! Trying again…
2026-01-07 09:00:08: Healthcheck: DNS Resolution Failed on attempt 2 for fuzzy.mailcow.email! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 3 for fuzzy.mailcow.email! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution not possible after 3 attempts for fuzzy.mailcow.email… Gave up!
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 1 for github.com! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 2 for github.com! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 3 for github.com! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution not possible after 3 attempts for github.com… Gave up!
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 1 for hub.docker.com! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 2 for hub.docker.com! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution Failed on attempt 3 for hub.docker.com! Trying again…
2026-01-07 09:00:09: Healthcheck: DNS Resolution not possible after 3 attempts for hub.docker.com… Gave up!
2026-01-07 09:00:09: Healthcheck: Too many DNS failures (1 failures allowed, you got 3 failures), marking Healthcheck as unhealthy…

I tried to define a foward-zone like mentioned in documentation but this don’t resolve the problème.
I suspect SWAG create another problème but I don’t know why.

I also disabled IPv6.
I also added UNBOUND_DNS=1.1.1.1,8.8.8.8

Because UNBOUND cannot resolve DNS, others container, like nginx cannot start.

BisonOpiniatre

Currently I bypass Healthcheck because I have another problem to set smtp relay.

BisonOpiniatre

Now I can send email but not recevie them. I saw they were rejected because postfix cannot resolve DNS. But it use Unbound and unbound are not able to résolve DNS. Someone can help me?
Thanks

NOQUEUE: reject: RCPT from unknown[52.103.20.95]: 450 4.1.8 <mail@outlook.com>: Sender address rejected: Domain not found; from=<mail@outlook.com> to=<postmaster@domaine.tld> proto=ESMTP helo=<CH4PR04CU002.outbound.protection.outlook.com>

esackbauer

Sorry with that little information about your setup we cannot help (which hoster, which firewall, which OS, IPv4 or also IPv6 etc). Check the logs of the unbound container. Check if you meet all prerequisites (DNS port 53 outgoing open for TCP and UDP, check with your hosting provider).
Check if you can dig from within your unbound container. Use forum search to find other threads that explain things to try and narrow down the error.

BisonOpiniatre

I validate fierwall also I disabled IPv6 but I see somthing strange in logs.
After disabled Healthcheck I see in logs the container or the application seems reboot with this logs:

Setting console permissions…
Receiving anchor key…
Receiving root hints…
######################################################################## 100.0%
setup in directory /etc/unbound
removing artifacts
Setup success. Certificates created. Enable in unbound.conf file to use
2026-01-14 14:47:05,892 INFO Set uid to user 0 succeeded
2026-01-14 14:47:05,895 INFO supervisord started with pid 1
2026-01-14 14:47:06,898 INFO spawned: ‘processes’ with pid 17
2026-01-14 14:47:06,901 INFO spawned: ‘syslog-ng’ with pid 18
2026-01-14 14:47:06,903 INFO spawned: ‘unbound’ with pid 19
2026-01-14 14:47:06,905 INFO spawned: ‘unbound-healthcheck’ with pid 20
2026-01-14 14:47:06: Healthcheck: ALL CHECKS WERE SKIPPED! Unbound is healthy!
[1768420026] unbound[19:0] notice: init module 0: subnetcache
[1768420026] unbound[19:0] notice: init module 1: validator
[1768420026] unbound[19:0] notice: init module 2: iterator
Jan 14 14:47:06 7f49191ceb3b syslog-ng[18]: syslog-ng starting up; version=‘4.8.1’
[1768420026] unbound[19:0] info: start of service (unbound 1.22.0).
2026-01-14 14:47:07,928 INFO success: processes entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2026-01-14 14:47:07,928 INFO success: syslog-ng entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2026-01-14 14:47:07,928 INFO success: unbound entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2026-01-14 14:47:07,928 INFO success: unbound-healthcheck entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2026-01-14 14:53:33,402 WARN received SIGTERM indicating exit request
2026-01-14 14:53:33,402 INFO waiting for processes, syslog-ng, unbound, unbound-healthcheck to die
2026-01-14 14:53:34,404 WARN stopped: unbound-healthcheck (terminated by SIGTERM)
[1768420414] unbound[19:0] info: service stopped (unbound 1.22.0).
[1768420414] unbound[19:0] info: server stats for thread 0: 132 queries, 32 answers from cache, 100 recursions, 0 prefetch, 0 rejected by ip ratelimiting
[1768420414] unbound[19:0] info: server stats for thread 0: requestlist max 20 avg 8.79 exceeded 24 jostled 0
[1768420414] unbound[19:0] info: average recursion processing time 0.000000 sec
[1768420414] unbound[19:0] info: histogram of recursion processing times
[1768420414] unbound[19:0] info: [25%]=2.5e-07 median[50%]=5e-07 [75%]=7.5e-07
[1768420414] unbound[19:0] info: lower(secs) upper(secs) recursions
[1768420414] unbound[19:0] info: 0.000000 0.000001 76
2026-01-14 14:53:34,417 INFO stopped: unbound (exit status 0)
2026-01-14 14:53:34,417 WARN received SIGQUIT indicating exit request
Jan 14 14:53:34 7f49191ceb3b syslog-ng[18]: syslog-ng shutting down; version=‘4.8.1’
2026-01-14 14:53:34,528 INFO stopped: syslog-ng (exit status 0)
2026-01-14 14:53:34,529 WARN stopped: processes (terminated by SIGTERM)

esackbauer

BisonOpiniatre 2026-01-14 14:53:33,402 WARN received SIGTERM indicating exit request

You need to find out why the unbound container gets the SIGTERM signal (request to shutdown). Look at other logs, e.g. form healthcheck container and correlate what happens at that time.