Liebe Community,
Ich brauche dringend Hilfe und habe mein Problem leider nicht selbst lösen können.
Ich habe nach folgender Anleitung: https://goneuland.de/mailcow-e-mail-komplettsytem-mit-antivirus-spam-filer-webmail-webfrontend-installieren-mittels-docker-und-traefik/ Mailcow dockerized auf meinem cloud-Server bei Hetzner installiert. Traefik wird leider benötigt, weil ich noch einige weitere Dienste auf diesem Server betreibe.
Die Installation scheint grundlegend zu funktionieren. Ich kann per Thunderbird Mails über IMAP senden und empfangen. Über https://www.mail-tester.com/test-6fs7r50vj bekomme ich eine Bewertung von 10/10. DNS, DKIM und DMARC müssten also korrekt eingerichtet sein.
Mailcow ist aktuell. Ich habe gerade erfolgreich (ohne Fehlermeldungen) ./update.sh ausgeführt.
Alle Mailcow Container laufen.
Mein Problem besteht darin, dass ich mich zwar erfolgreich im SoGo anmelden kann, dort aber die Meldung bekomme, dass keine Mailbox ausgewählt sei. Dementsprechend sehe ich keine Ordner und kann über SoGo keine E-Mails verfassen oder empfangen.
SoGo Logs Ausschnitt:
23.06.2021, 00:27:58 notice [75]: 172.22.1.1 "GET /SOGo.index/ HTTP/1.1" 200 2573/0 0.073 - - 8M - 12
23.06.2021, 00:27:58 notice 00:27:58.212 sogod[75:75] could not get DNS name of address 172.22.1.1 in domain <InternetDomain[0x0x5640f4c8feb0]>: 1
23.06.2021, 00:27:58 notice 00:27:58.211 sogod[75:75] -[NGInternetSocketAddress _fillHost]: host not found ..
23.06.2021, 00:27:53 notice [75]: 37.4.250.60 "POST /SOGo/so/username@fwsmail.de/Mail/unseenCount HTTP/1.0" 200 21/31 0.039 - - 0 - 11
23.06.2021, 00:27:53 notice [75]: [ERROR] <0x5640f4869400[SOGoMailAccount]:0> Could not connect IMAP4
23.06.2021, 00:27:53 notice <0x0x5640f4be9eb0[NGImap4Client]: login=username@fwsmail.de(pwd) socket=<NGActiveSocket[0x0x5640f4988ec0]: mode=rw address=<0x0x5640f4988f50[NGInternetSocketAddress]: host=331a166b76bb port=50008> connectedTo=<0x0x5640f4f62f10[NGInternetSocketAddress]: host=172.22.1.250 port=143>>>
23.06.2021, 00:27:53 notice
23.06.2021, 00:27:53 notice
23.06.2021, 00:27:53 notice //username%40fwsmail.de@172.22.1.250/?tls=NO&tlsVerifyMode=none
23.06.2021, 00:27:53 notice user=username@fwsmail.de, pwd=yes
23.06.2021, 00:27:53 notice [75]: [ERROR] <0x0x5640f4c486f0[NGImap4ConnectionManager]> IMAP4 login failed:
23.06.2021, 00:27:53 notice [75]: <0x5640f4869400[SOGoMailAccount]:0> renewing imap4 password
Dovecot Logs Ausschnitt:
22.06.2021, 23:33:13 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:33:13 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:33:12 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:33:12 info lmtp(138): Disconnect from 172.22.1.1: Logged out (state=MAIL FROM)
22.06.2021, 23:33:12 info lmtp(138): Connect from 172.22.1.1
22.06.2021, 23:32:47 info imap-login: Login: user=<username@fwsmail.de>, method=PLAIN, rip=37.4.250.60, lip=172.22.1.250, mpid=146, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:32:39 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:32:39 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:32:39 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:32:38 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:32:38 info lmtp(138): Disconnect from 172.22.1.1: Logged out (state=MAIL FROM)
22.06.2021, 23:32:38 info lmtp(138): Connect from 172.22.1.1
22.06.2021, 23:32:10 info master: Dovecot v2.3.15 (0503334ab1) starting up for imap, sieve, lmtp, pop3
22.06.2021, 23:30:44 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:30:21 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:30:21 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:30:21 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:30:21 info lmtp(65301): Disconnect from 172.22.1.1: Logged out (state=MAIL FROM)
22.06.2021, 23:30:21 info lmtp(65301): Connect from 172.22.1.1
22.06.2021, 23:29:13 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:29:13 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:29:13 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:29:13 info lmtp(65207): Disconnect from 172.22.1.1: Logged out (state=MAIL FROM)
22.06.2021, 23:29:13 info lmtp(65207): Connect from 172.22.1.1
22.06.2021, 23:28:28 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:28:28 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:28:28 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:28:28 info lmtp(65207): Disconnect from 172.22.1.1: Logged out (state=MAIL FROM)
22.06.2021, 23:28:28 info lmtp(65207): Connect from 172.22.1.1
22.06.2021, 23:27:20 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:27:20 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
22.06.2021, 23:27:20 info imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
22.06.2021, 23:27:20 info lmtp(65165): Disconnect from 172.22.1.1: Logged out (state=MAIL FROM)
22.06.2021, 23:27:20 info lmtp(65165): Connect from 172.22.1.1
22.06.2021, 23:26:12 info managesieve-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=172.22.1.1, lip=172.22.1.250
git diff (nur Zertifikate entfernt):
`diff –git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 00eb8a93..6bb25e48 100644
— a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -198,3 +198,6 @@ parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks
DO NOT EDIT ANYTHING BELOW
User overrides
+
+myhostname = mail.fwsmail.de
+
diff –git a/docker-compose.yml b/docker-compose.yml
index 469cf6fb..505e663a 100644
— a/docker-compose.yml
+++ b/docker-compose.yml
@@ -373,9 +373,9 @@ services:
- ./data/conf/nginx/:/etc/nginx/conf.d/:z
- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro,z
- sogo-web-vol-1:/usr/lib/GNUstep/SOGo/:z
- ports:
- - “${HTTPS_BIND:-:}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}”
- - “${HTTP_BIND:-:}:${HTTP_PORT:-80}:${HTTP_PORT:-80}”
- #ports:
- “${HTTPS_BIND:-:}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}”
- “${HTTP_BIND:-:}:${HTTP_PORT:-80}:${HTTP_PORT:-80}”
restart: always
networks:
mailcow-network:`
docker-compose.override.yml:
`version: ‘2.1’
services:
nginx-mailcow:
labels:
- “traefik.enable=true”
- “traefik.docker.network=traefik-proxy”
- "traefik.http.routers.nginx-mailcow.entrypoints=http"
- "traefik.http.routers.nginx-mailcow.rule=HostRegexp(`{host:(autodiscover|autoconfig|webmail|mail|email).+}`)"
- "traefik.http.routers.nginx-mailcow.middlewares=nginx-mailcow-https-redirect"
- "traefik.http.middlewares.nginx-mailcow-https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.nginx-mailcow-https-redirect.redirectscheme.permanent=true"
- "traefik.http.routers.nginx-mailcow-secure.entrypoints=https"
- "traefik.http.routers.nginx-mailcow-secure.rule=Host(`mail.fwsmail.de`)" ###### hier eure FQDN angeben #####
- "traefik.http.routers.nginx-mailcow-secure.tls=true"
- "traefik.http.routers.nginx-mailcow-secure.tls.certresolver=http"
- "traefik.http.routers.nginx-mailcow-secure.service=nginx-mailcow"
- "traefik.http.routers.nginx-mailcow-secure.tls.domains[0].main=mail.fwsmail.de" ###### anpassen zu euer FQDN von oben #####
- "traefik.http.routers.nginx-mailcow-secure.tls.domains[0].sans=imap.fwsmail.de, smtp.fwsmail.de, pop3.fwsmail.de" ## Domain anpassen ##
- "traefik.http.services.nginx-mailcow.loadbalancer.server.port=80"
networks:
traefik-proxy:
mailcow-certdumper:
image: humenius/traefik-certs-dumper
container_name: mailcow-certdumper
restart: unless-stopped
network_mode: none
command: --restart-containers mailcowdockerized_postfix-mailcow_1,mailcowdockerized_dovecot-mailcow_1
volumes:
# mount the folder which contains Traefik's `acme.json' file
# in this case Traefik is started from its own docker-compose in ../traefik
- /root/storage/traefik/data:/traefik:ro
# mount mailcow's SSL folder
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/assets/ssl:/output:rw
environment:
# only change this, if you're using another domain for mailcow's web frontend compared to the standard config
- DOMAIN=${MAILCOW_HOSTNAME}
networks:
traefik-proxy:
external: true`
docker version (client and server):
Docker Engine - Community
Version: 20.10.6
...
System:
Ubuntu 20.04.2 LTS auf Hetzner Cloud Server
iptables (nicht manuell bearbeitet, alles Einträge von Docker bzw. fail2ban:
`root@vServer:~/mailcow# iptables -L -vn
Chain INPUT (policy ACCEPT 5414 packets, 1660K bytes)
pkts bytes target prot opt in out source destination
5743 1692K MAILCOW all – * * 0.0.0.0/0 0.0.0.0/0
10572 674K f2b-sshd tcp – * * 0.0.0.0/0 0.0.0.0/0 multiport dports 49822
0 0 ACCEPT tcp – eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* openvpn-input-rule /
39129 2281K f2b-sshdlongterm tcp – * * 0.0.0.0/0 0.0.0.0/0 multiport dports 49822
32290 3176K ACCEPT udp – eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:443 / wireguard-input-rule */
39129 2281K f2b-sshdlongterm tcp – * * 0.0.0.0/0 0.0.0.0/0 multiport dports 49822
39129 2281K f2b-sshd tcp – * * 0.0.0.0/0 0.0.0.0/0 multiport dports 49822
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
164K 293M MAILCOW all – * * 0.0.0.0/0 0.0.0.0/0
171K 396M DOCKER-USER all – * * 0.0.0.0/0 0.0.0.0/0
171K 396M DOCKER-ISOLATION-STAGE-1 all – * * 0.0.0.0/0 0.0.0.0/0
150K 393M ACCEPT all – * br-mailcow 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
9416 577K DOCKER all – * br-mailcow 0.0.0.0/0 0.0.0.0/0
9539 661K ACCEPT all – br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
9413 577K ACCEPT all – br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all – * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – docker0 docker0 0.0.0.0/0 0.0.0.0/0
1960 4757K ACCEPT all – * br-a44fe1c68254 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
273 18852 DOCKER all – * br-a44fe1c68254 0.0.0.0/0 0.0.0.0/0
2277 199K ACCEPT all – br-a44fe1c68254 !br-a44fe1c68254 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – br-a44fe1c68254 br-a44fe1c68254 0.0.0.0/0 0.0.0.0/0
85330 29M ACCEPT all – * br-d1415a748398 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
14759 872K DOCKER all – * br-d1415a748398 0.0.0.0/0 0.0.0.0/0
68945 26M ACCEPT all – br-d1415a748398 !br-d1415a748398 0.0.0.0/0 0.0.0.0/0
4277 257K ACCEPT all – br-d1415a748398 br-d1415a748398 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – eth0 tun0 0.0.0.0/0 10.8.0.0/24 ctstate RELATED,ESTABLISHED /* openvpn-forward-rule /
0 0 ACCEPT all – tun0 eth0 10.8.0.0/24 0.0.0.0/0 / openvpn-forward-rule /
0 0 ACCEPT all – eth0 wg0 0.0.0.0/0 10.6.0.0/24 ctstate RELATED,ESTABLISHED / wireguard-forward-rule /
0 0 ACCEPT all – wg0 eth0 10.6.0.0/24 0.0.0.0/0 / wireguard-forward-rule */
0 0 ACCEPT all – * br-528eef17f60e 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all – * br-528eef17f60e 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – br-528eef17f60e !br-528eef17f60e 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – br-528eef17f60e br-528eef17f60e 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 8023 packets, 713K bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (5 references)
pkts bytes target prot opt in out source destination
9301 552K ACCEPT tcp – !br-d1415a748398 br-d1415a748398 0.0.0.0/0 172.19.0.2 tcp dpt:443
0 0 ACCEPT tcp – !br-a44fe1c68254 br-a44fe1c68254 0.0.0.0/0 172.21.0.2 tcp dpt:80
0 0 ACCEPT udp – !br-a44fe1c68254 br-a44fe1c68254 0.0.0.0/0 172.21.0.2 udp dpt:67
1181 63800 ACCEPT tcp – !br-d1415a748398 br-d1415a748398 0.0.0.0/0 172.19.0.2 tcp dpt:80
0 0 ACCEPT tcp – !br-a44fe1c68254 br-a44fe1c68254 0.0.0.0/0 172.21.0.2 tcp dpt:53
0 0 ACCEPT tcp – !br-d1415a748398 br-d1415a748398 0.0.0.0/0 172.19.0.3 tcp dpt:9883
0 0 ACCEPT tcp – !br-d1415a748398 br-d1415a748398 0.0.0.0/0 172.19.0.3 tcp dpt:8883
273 18852 ACCEPT udp – !br-a44fe1c68254 br-a44fe1c68254 0.0.0.0/0 172.21.0.2 udp dpt:53
0 0 ACCEPT tcp – !br-d1415a748398 br-d1415a748398 0.0.0.0/0 172.19.0.5 tcp dpt:8083
0 0 ACCEPT tcp – !br-d1415a748398 br-d1415a748398 0.0.0.0/0 172.19.0.3 tcp dpt:1883
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.3 tcp dpt:8983
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.8 tcp dpt:5443
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.249 tcp dpt:6379
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.8 tcp dpt:5269
1 40 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.8 tcp dpt:5222
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.9 tcp dpt:3306
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.253 tcp dpt:587
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:12345
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:4190
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.253 tcp dpt:465
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:995
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.253 tcp dpt:25
2 136 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:993
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:143
0 0 ACCEPT tcp – !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:110
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
9539 661K DOCKER-ISOLATION-STAGE-2 all – br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-2 all – docker0 !docker0 0.0.0.0/0 0.0.0.0/0
2277 199K DOCKER-ISOLATION-STAGE-2 all – br-a44fe1c68254 !br-a44fe1c68254 0.0.0.0/0 0.0.0.0/0
68945 26M DOCKER-ISOLATION-STAGE-2 all – br-d1415a748398 !br-d1415a748398 0.0.0.0/0 0.0.0.0/0
11M 7889M RETURN all – * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (4 references)
pkts bytes target prot opt in out source destination
0 0 DROP all – * br-mailcow 0.0.0.0/0 0.0.0.0/0
0 0 DROP all – * docker0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all – * br-a44fe1c68254 0.0.0.0/0 0.0.0.0/0
0 0 DROP all – * br-d1415a748398 0.0.0.0/0 0.0.0.0/0
459K 66M RETURN all – * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
11M 7889M RETURN all – * * 0.0.0.0/0 0.0.0.0/0
Chain MAILCOW (2 references)
pkts bytes target prot opt in out source destination
Chain f2b-sshd (2 references)
pkts bytes target prot opt in out source destination
49699 2954K RETURN all – * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all – * * 0.0.0.0/0 0.0.0.0/0
Chain f2b-sshdlongterm (2 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all – * * 182.75.139.26 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 14.204.145.108 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 114.69.244.122 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 103.86.180.10 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 103.86.180.10 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 182.75.139.26 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 114.69.244.122 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all – * * 14.204.145.108 0.0.0.0/0 reject-with icmp-port-unreachable
78258 4562K RETURN all – * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all – * * 0.0.0.0/0 0.0.0.0/0
`
` ip6tables -L -vn
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
513 32720 MAILCOW all * * ::/0 ::/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-USER all * * ::/0 ::/0
19914 14M MAILCOW all * * ::/0 ::/0
1773K 2701M DOCKER all * br-mailcow ::/0 ::/0
1505K 2682M ACCEPT all * br-mailcow ::/0 ::/0 ctstate RELATED,ESTABLISHED
30160 3066K ACCEPT all br-mailcow !br-mailcow ::/0 ::/0
268K 19M ACCEPT all br-mailcow br-mailcow ::/0 ::/0
1214 102K DOCKER-ISOLATION-STAGE-1 all * * ::/0 ::/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::e tcp dpt:25
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::e tcp dpt:465
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::e tcp dpt:587
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::f tcp dpt:143
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::f tcp dpt:4190
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::f tcp dpt:993
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::f tcp dpt:995
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::f tcp dpt:110
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:5222
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:5269
0 0 ACCEPT tcp !br-mailcow br-mailcow ::/0 fd4d:6169:6c63:6f77::a tcp dpt:5443
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 all br-mailcow !br-mailcow ::/0 ::/0
0 0 RETURN all * * ::/0 ::/0
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all * br-mailcow ::/0 ::/0
0 0 RETURN all * * ::/0 ::/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
1805K 2704M RETURN all * * ::/0 ::/0
Chain MAILCOW (2 references)
pkts bytes target prot opt in out source destination
`
`root@vServer:~/mailcow# iptables -L -vn -t nat
Chain PREROUTING (policy ACCEPT 11383 packets, 715K bytes)
pkts bytes target prot opt in out source destination
12802 794K DOCKER all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 16 packets, 1344 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 3 packets, 180 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER all – * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 53 packets, 3022 bytes)
pkts bytes target prot opt in out source destination
1479 108K MASQUERADE all – * !br-mailcow 172.22.1.0/24 0.0.0.0/0
0 0 MASQUERADE all – * !docker0 172.17.0.0/16 0.0.0.0/0
551 38430 MASQUERADE all – * !br-a44fe1c68254 172.21.0.0/16 0.0.0.0/0
78 4970 MASQUERADE all – * !br-d1415a748398 172.19.0.0/16 0.0.0.0/0
0 0 MASQUERADE all – * eth0 10.8.0.0/24 0.0.0.0/0 /* openvpn-nat-rule /
0 0 MASQUERADE all – * eth0 10.6.0.0/24 0.0.0.0/0 / wireguard-nat-rule */
820K 50M MASQUERADE all – * !br-528eef17f60e 172.22.0.0/16 0.0.0.0/0
0 0 MASQUERADE tcp – * * 172.22.0.2 172.22.0.2 tcp dpt:80
0 0 MASQUERADE udp – * * 172.22.0.2 172.22.0.2 udp dpt:67
0 0 MASQUERADE tcp – * * 172.22.0.2 172.22.0.2 tcp dpt:53
0 0 MASQUERADE udp – * * 172.22.0.2 172.22.0.2 udp dpt:53
0 0 MASQUERADE tcp – * * 172.19.0.2 172.19.0.2 tcp dpt:443
0 0 MASQUERADE tcp – * * 172.21.0.2 172.21.0.2 tcp dpt:80
0 0 MASQUERADE udp – * * 172.21.0.2 172.21.0.2 udp dpt:67
0 0 MASQUERADE tcp – * * 172.19.0.2 172.19.0.2 tcp dpt:80
0 0 MASQUERADE tcp – * * 172.19.0.3 172.19.0.3 tcp dpt:9883
0 0 MASQUERADE tcp – * * 172.21.0.2 172.21.0.2 tcp dpt:53
0 0 MASQUERADE tcp – * * 172.19.0.3 172.19.0.3 tcp dpt:8883
0 0 MASQUERADE udp – * * 172.21.0.2 172.21.0.2 udp dpt:53
0 0 MASQUERADE tcp – * * 172.19.0.5 172.19.0.5 tcp dpt:8083
0 0 MASQUERADE tcp – * * 172.19.0.3 172.19.0.3 tcp dpt:1883
0 0 MASQUERADE tcp – * * 172.22.1.3 172.22.1.3 tcp dpt:8983
0 0 MASQUERADE tcp – * * 172.22.1.8 172.22.1.8 tcp dpt:5443
0 0 MASQUERADE tcp – * * 172.22.1.249 172.22.1.249 tcp dpt:6379
0 0 MASQUERADE tcp – * * 172.22.1.8 172.22.1.8 tcp dpt:5269
0 0 MASQUERADE tcp – * * 172.22.1.8 172.22.1.8 tcp dpt:5222
0 0 MASQUERADE tcp – * * 172.22.1.9 172.22.1.9 tcp dpt:3306
0 0 MASQUERADE tcp – * * 172.22.1.253 172.22.1.253 tcp dpt:587
0 0 MASQUERADE tcp – * * 172.22.1.250 172.22.1.250 tcp dpt:12345
0 0 MASQUERADE tcp – * * 172.22.1.250 172.22.1.250 tcp dpt:4190
0 0 MASQUERADE tcp – * * 172.22.1.253 172.22.1.253 tcp dpt:465
0 0 MASQUERADE tcp – * * 172.22.1.250 172.22.1.250 tcp dpt:995
0 0 MASQUERADE tcp – * * 172.22.1.253 172.22.1.253 tcp dpt:25
0 0 MASQUERADE tcp – * * 172.22.1.250 172.22.1.250 tcp dpt:993
0 0 MASQUERADE tcp – * * 172.22.1.250 172.22.1.250 tcp dpt:143
0 0 MASQUERADE tcp – * * 172.22.1.250 172.22.1.250 tcp dpt:110
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all – br-mailcow * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all – docker0 * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all – br-a44fe1c68254 * 0.0.0.0/0 0.0.0.0/0
9 540 RETURN all – br-d1415a748398 * 0.0.0.0/0 0.0.0.0/0
9301 552K DNAT tcp – !br-d1415a748398 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:172.19.0.2:443
0 0 DNAT tcp – !br-a44fe1c68254 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 to:172.21.0.2:80
0 0 DNAT udp – !br-a44fe1c68254 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 to:172.21.0.2:67
1183 63920 DNAT tcp – !br-d1415a748398 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.19.0.2:80
0 0 DNAT tcp – !br-a44fe1c68254 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 to:172.21.0.2:53
0 0 DNAT tcp – !br-d1415a748398 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9883 to:172.19.0.3:9883
0 0 DNAT tcp – !br-d1415a748398 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8883 to:172.19.0.3:8883
273 18852 DNAT udp – !br-a44fe1c68254 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 to:172.21.0.2:53
0 0 DNAT tcp – !br-d1415a748398 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8083 to:172.19.0.5:8083
0 0 DNAT tcp – !br-d1415a748398 * 0.0.0.0/0 127.0.0.1 tcp dpt:1883 to:172.19.0.3:1883
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:18983 to:172.22.1.3:8983
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5443 to:172.22.1.8:5443
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:7654 to:172.22.1.249:6379
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5269 to:172.22.1.8:5269
1 40 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5222 to:172.22.1.8:5222
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:13306 to:172.22.1.9:3306
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 to:172.22.1.253:587
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 127.0.0.1 tcp dpt:19991 to:172.22.1.250:12345
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4190 to:172.22.1.250:4190
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 to:172.22.1.253:465
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 to:172.22.1.250:995
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 to:172.22.1.253:25
2 136 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 to:172.22.1.250:993
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 to:172.22.1.250:143
0 0 DNAT tcp – !br-mailcow * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 to:172.22.1.250:110`
`root@vServer:~/mailcow# ip6tables -L -vn -t nat
Chain PREROUTING (policy ACCEPT 26 packets, 2094 bytes)
pkts bytes target prot opt in out source destination
6 460 DOCKER all * * ::/0 ::/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER all * * ::/0 !::1 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 24 packets, 1920 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all * br-mailcow ::/0 ::/0 ADDRTYPE match dst-type LOCAL
19010 1698K MASQUERADE all * !br-mailcow fd4d:6169:6c63:6f77::/64 ::/0
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:110
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:143
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:4190
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:993
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:995
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:25
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:465
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:587
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::a fd4d:6169:6c63:6f77::a tcp dpt:5222
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::a fd4d:6169:6c63:6f77::a tcp dpt:5269
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::a fd4d:6169:6c63:6f77::a tcp dpt:5443
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::3 fd4d:6169:6c63:6f77::3 tcp dpt:5269
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::3 fd4d:6169:6c63:6f77::3 tcp dpt:5443
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::3 fd4d:6169:6c63:6f77::3 tcp dpt:5222
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:25
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:465
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::e fd4d:6169:6c63:6f77::e tcp dpt:587
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::b fd4d:6169:6c63:6f77::b tcp dpt:5443
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::b fd4d:6169:6c63:6f77::b tcp dpt:5222
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::b fd4d:6169:6c63:6f77::b tcp dpt:5269
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:110
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:143
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:4190
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:993
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::f fd4d:6169:6c63:6f77::f tcp dpt:995
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::12 fd4d:6169:6c63:6f77::12 tcp dpt:995
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::12 fd4d:6169:6c63:6f77::12 tcp dpt:110
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::12 fd4d:6169:6c63:6f77::12 tcp dpt:143
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::12 fd4d:6169:6c63:6f77::12 tcp dpt:4190
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::12 fd4d:6169:6c63:6f77::12 tcp dpt:993
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::b fd4d:6169:6c63:6f77::b tcp dpt:25
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::b fd4d:6169:6c63:6f77::b tcp dpt:465
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::b fd4d:6169:6c63:6f77::b tcp dpt:587
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::d fd4d:6169:6c63:6f77::d tcp dpt:5443
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::d fd4d:6169:6c63:6f77::d tcp dpt:5222
0 0 MASQUERADE tcp * * fd4d:6169:6c63:6f77::d fd4d:6169:6c63:6f77::d tcp dpt:5269
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all br-mailcow * ::/0 ::/0
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:25 to:[fd4d:6169:6c63:6f77::e]:25
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:465 to:[fd4d:6169:6c63:6f77::e]:465
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:587 to:[fd4d:6169:6c63:6f77::e]:587
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:143 to:[fd4d:6169:6c63:6f77::f]:143
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:4190 to:[fd4d:6169:6c63:6f77::f]:4190
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:993 to:[fd4d:6169:6c63:6f77::f]:993
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:995 to:[fd4d:6169:6c63:6f77::f]:995
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:110 to:[fd4d:6169:6c63:6f77::f]:110
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:5222 to:[fd4d:6169:6c63:6f77::a]:5222
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:5269 to:[fd4d:6169:6c63:6f77::a]:5269
0 0 DNAT tcp !br-mailcow * ::/0 ::/0 tcp dpt:5443 to:[fd4d:6169:6c63:6f77::a]:5443`
DNS:
root@vServer:~/mailcow# docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254
151.101.1.69
151.101.65.69
151.101.129.69
151.101.193.69
Was kann ich tun, um den Fehler zu finden und zu beheben? Das komplette Entfernen von Mailcow, anschließende Bereinigen von Docker und eine komplette Neuinstallation von Mailcow führten leider wieder zu dem gleichen Ergebnis.