I can receive mail from external services like Gmail, but I cannot send any mail.
I also checked the corresponding section of Common Problems; my IP is not blacklisted, and my server's mail ports are not blocked at all.
From the postfix log, I can see postfix has some problem.
$ docker-compose logs --tail=10 -f postfix-mailcow
(...)
postfix-mailcow_1 | May 17 02:40:52 mail postfix/qmgr[332]: 58FFE1C1F90: from=<[email protected]>, size=683, nrcpt=1 (queue active)
postfix-mailcow_1 | May 17 02:41:12 mail postfix/smtp[363]: 58FFE1C1F90: to=<[email protected]>, relay=none, delay=502, delays=482/0.08/20/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=korsnack.kr type=MX: Host not found, try again)
snack.studio is the domain I want to set my server up for, and korsnack.kr is my other domain, which is using Google's mail server.
$ dig MX snack.studio
(...)
snack.studio. 300 IN MX 10 mail.snack.studio.
$ dig mail.snack.studio
(...)
mail.snack.studio. 300 IN A 150.95.131.26
$ dig MX korsnack.kr
(...)
korsnack.kr. 60 IN MX 10 aspmx.l.google.com.
Currently, my docker is behind Ubuntu's UFW, so it's an unusual setup and I think this is where the problem comes from.
# cat /etc/docker/daemon.json
{ "iptables": false }
$ docker exec -i -t mailcowdockerized_bind9-mailcow_1 /bin/ash
/ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
/ # ping korsnack.kr
ping: bad address 'korsnack.kr'
...and just after submitting this issue, I managed to solve this problem.
I'm just leaving what I found and what I did for the record.
$ iptables -t nat -L -n -v
(...)
Chain POSTROUTING (policy ACCEPT 192 packets, 15178 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
By default, docker creates the network interface docker0, and it routes every network packet from the docker containers (172.17.0.0/16) to other interfaces except the docker0 interface itself.
But mailcow creates another network interface, so network packets from mailcow containers cannot go out.
So I modified docker-compose.yml a little bit to assign a fixed network interface name, and manually added another rule.
$ git --no-pager diff docker-compose.yml
diff --git a/docker-compose.yml b/docker-compose.yml
index d5c4ead..a1ecd01 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -277,6 +277,8 @@ services:
networks:
mailcow-network:
driver: bridge
+ driver_opts:
+ com.docker.network.bridge.name: br-mailcow
enable_ipv6: true
ipam:
driver: default
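Review bot: the two added lines under `mailcow-network` (`driver_opts:` and `com.docker.network.bridge.name: br-mailcow`) carry no comment saying why the bridge name is pinned. A host-side NAT rule now matches on that name, so a later rename here would silently break outbound traffic from the containers; a one-line YAML comment above `driver_opts:` pointing at that rule would make the dependency visible. The same rule also matches on the network's subnet, which is set in the `ipam:` block that follows and is not shown in this hunk, so the two need to stay in sync.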
$ iptables -t nat -A POSTROUTING -s 172.22.0.0/16 ! -o br-mailcow -j MASQUERADE
$ iptables -t nat -L -n -v
(...)
Chain POSTROUTING (policy ACCEPT 471 packets, 37597 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
466 34847 MASQUERADE all -- * !br-mailcow 172.22.0.0/16 0.0.0.0/0
And, everything is working, for now.
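The diagnosis above comes down to a bridge subnet that has no MASQUERADE rule while `"iptables": false` stops Docker from adding one. As an added example (not part of the original issue or of mailcow), this script flags such subnets; the rule text and bridge list are constructed samples built from the values in the post, the function names are hypothetical, and the check assumes rules in the exact `iptables -S` form shown.

```shell
#!/bin/sh
# Added example: report Docker bridge subnets that have no matching
# MASQUERADE rule in the nat POSTROUTING chain.

# Constructed sample: `iptables -t nat -S POSTROUTING` before the fix.
RULES_BEFORE='-P POSTROUTING ACCEPT
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE'

# Constructed sample: the same chain after the manual rule was added.
RULES_AFTER="$RULES_BEFORE
-A POSTROUTING -s 172.22.0.0/16 ! -o br-mailcow -j MASQUERADE"

# Constructed sample: "<subnet> <bridge>" pairs, one per line.
BRIDGES='172.17.0.0/16 docker0
172.22.0.0/16 br-mailcow'

# has_masquerade RULES SUBNET BRIDGE
# Exit status 0 if RULES contains the MASQUERADE rule for that pair.
has_masquerade() {
    printf '%s\n' "$1" |
        grep -Fqx -- "-A POSTROUTING -s $2 ! -o $3 -j MASQUERADE"
}

# uncovered RULES BRIDGES
# Prints every "<subnet> <bridge>" pair that has no MASQUERADE rule.
uncovered() {
    printf '%s\n' "$2" | while read -r subnet bridge; do
        [ -n "$subnet" ] || continue
        has_masquerade "$1" "$subnet" "$bridge" ||
            printf '%s %s\n' "$subnet" "$bridge"
    done
}

echo "uncovered before fix: $(uncovered "$RULES_BEFORE" "$BRIDGES")"
echo "uncovered after fix:  $(uncovered "$RULES_AFTER" "$BRIDGES")"
```

On a live host the first argument would be the output of `iptables -t nat -S POSTROUTING`, and the pairs would come from the networks defined in docker-compose.yml.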