Mailcow-dockerized: Dovecot fails to start after upgrade from state at 2019-09-25
Please try to answer all questions. If you cannot, don't just delete it. If you completely ignore or remove the whole template, your issue is either closed or ignored, too. :( This is (not only) because we are evil. Many awesome mailcow supporters don't bother to reply to an issue, when crucial information is missing. Especially when it could have been answered by using this issue template. We need as much information as possible. Please post all logs, do not copy that one line you think may be interesting. Copy the whole bunch and remove sensible information. :) Thank you!
Prior to placing the issue, please check following: (fill out each checkbox with a X once done)
- [X] I understand that not following below instructions might result in immediate closing and deletion of my issue.
- [X] I have understood that answers are voluntary and community-driven, and not commercial support.
- [X] I have verified that my issue has not been already answered in the past. I also checked previous issues.
Description of the bug: What kind of issue have you exactly come across?
My Dovecot stopped to respond after an upgrade of the setup today from the 2019-09-25 version (last update).
Reproduction of said bug: How exactly do you reproduce the bug?
- I stopped all containers with
docker-compose down - I ran the upgrade script
./update.shand did the upgrade - Dovecot failed to start and SoGo shows
no mailbox selected
__I have tried or I do...__ (fill out each checkbox with a X if applicable)
- [X] In case of WebUI issue, I have tried clearing the browser cache and the issue persists.
- [ ] I do run mailcow on a Synology, QNAP or any other sort of NAS.
System information
Further information (where applicable):
| Question | Answer |
| --- | --- |
| My operating system | Ubuntu 16.04.4 |
| Is Apparmor, SELinux or similar active? | Yes |
| Virtualization technlogy (KVM, VMware, Xen, etc) | KVM |
| Server/VM specifications (Memory, CPU Cores) | 2GB, 1CPU |
| Docker Version (docker version) | 19.03.5 |
| Docker-Compose Version (docker-compose version) | 1.25.1 |
| Reverse proxy (custom solution) | nginx |
Further notes:
- Output of
git diff origin/master, any other changes to the code? If so, please post them. - All third-party firewalls and custom iptables rules are unsupported. Please check the Docker docs about how to use Docker with your own ruleset. Nevertheless, iptabels output can help _us_ to help _you_:
iptables -L -vn,ip6tables -L -vn,iptables -L -vn -t natandip6tables -L -vn -t nat
sudo iptables -L -vn
Chain INPUT (policy ACCEPT 14122 packets, 2831K bytes)
pkts bytes target prot opt in out source destination
14122 2831K MAILCOW all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
7492 1032K MAILCOW all -- * * 0.0.0.0/0 0.0.0.0/0
7563 1041K DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0
7563 1041K DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
6188 943K ACCEPT all -- * br-mailcow 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
386 24503 DOCKER all -- * br-mailcow 0.0.0.0/0 0.0.0.0/0
989 73596 ACCEPT all -- br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
363 23063 ACCEPT all -- br-mailcow br-mailcow 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 19353 packets, 3821K bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.5 tcp dpt:18080
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.5 tcp dpt:14443
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.7 tcp dpt:587
2 120 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.7 tcp dpt:465
2 104 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.7 tcp dpt:25
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:12345
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:4190
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.11 tcp dpt:3306
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.13 tcp dpt:8983
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:995
19 1216 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:993
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:143
0 0 ACCEPT tcp -- !br-mailcow br-mailcow 0.0.0.0/0 172.22.1.250 tcp dpt:110
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
989 73596 DOCKER-ISOLATION-STAGE-2 all -- br-mailcow !br-mailcow 0.0.0.0/0 0.0.0.0/0
7563 1041K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * br-mailcow 0.0.0.0/0 0.0.0.0/0
989 73596 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
7563 1041K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain MAILCOW (2 references)
pkts bytes target prot opt in out source destination
Check
docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254(set the IP accordingly, if you changed the internal mailcow network) anddocker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @1.1.1.1- output? Timeout?- It Works
General logs:
- Please take a look at the official documentation.
ProfFan
All 24 comments
@andryyy ls -la as per your request :)
total 140
drwxrwxr-x 7 fan fan 4096 Jan 20 05:20 .
drwxr-xr-x 26 fan fan 4096 Jan 20 05:49 ..
-rw-rw-r-- 1 fan fan 3223 Aug 25 2018 CODE_OF_CONDUCT.md
-rw-rw-r-- 1 fan fan 954 Aug 25 2018 CONTRIBUTING.md
drwxrwxr-x 7 fan fan 4096 Jan 20 03:04 data
-rw-r--r-- 1 root root 15819 Jan 20 04:08 docker-compose.yml
-rw-r--r-- 1 root root 414 Jan 20 03:04 .editorconfig
lrwxrwxrwx 1 fan fan 12 Aug 25 2018 .env -> mailcow.conf
-rwxr-xr-x 1 root root 8288 Jan 20 03:04 generate_config.sh
drwxrwxr-x 8 fan fan 4096 Jan 20 05:47 .git
drwxr-xr-x 3 fan fan 4096 Jan 29 2019 .github
-rw-r--r-- 1 root root 1272 Jan 20 03:04 .gitignore
drwxrwxr-x 3 fan fan 4096 Jan 20 03:04 helper-scripts
-rw-rw-r-- 1 fan fan 35141 Aug 25 2018 LICENSE
-rw------- 1 fan fan 3916 Jan 20 05:20 mailcow.conf
-rw-r--r-- 1 root root 662 Aug 18 02:31 README.md
-rw-rw-r-- 1 fan fan 1746 Aug 25 2018 .travis.yml
drwxr-xr-x 2 root root 4096 Jan 20 03:00 update_diffs
-rwxr-xr-x 1 root root 19393 Jan 20 02:33 update.sh
Thank you. Which kernel?
andryyy
on 19 Jan 2020
@andryyy uname -r: 4.15.0-75-generic (the HWE kernel)
ProfFan
on 19 Jan 2020
Can you try to run down, delete all docker images and pull again?
Please also post a git diff.
Are you using overlay as storage driver?
Where did you pull that docker version from? Which repository?
andryyy
on 19 Jan 2020
I am trying that.
git diff is empty.
I am using overlay2:
Client:
Debug Mode: false
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 31
Server Version: 19.03.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.15.0-75-generic
Operating System: Ubuntu 16.04.6 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.946GiB
Name: iZj6caj6zr3zokmd4c9y6wZ
ID: WVVC:IHNB:WE7W:RTU7:ADY6:KFRK:SDZG:QALJ:GBOZ:DPWX:TLPQ:CGZI
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
Docker:
deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable
# deb-src [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable
@andryyy It appears to be $(dig txt 1.4.3.spamassassin.heinlein-support.de +short | tr -d '"') returning the full DiG report instead of the +short string (1830).
Log:
dovecot-mailcow_1 | curl: (6) Could not resolve host: ;
dovecot-mailcow_1 | curl: (6) Could not resolve host: <<>>
dovecot-mailcow_1 | curl: (6) Could not resolve host: DiG
dovecot-mailcow_1 | curl: (6) Could not resolve host: 9.11.5-P4-5.1-Debian
dovecot-mailcow_1 | curl: (6) Could not resolve host: <<>>
dovecot-mailcow_1 | curl: (6) Could not resolve host: txt
dovecot-mailcow_1 | curl: (6) Could not resolve host: 1.4.3.spamassassin.heinlein-support.de
dovecot-mailcow_1 | curl: (6) Could not resolve host: +short
dovecot-mailcow_1 | curl: (6) Could not resolve host: ;;
dovecot-mailcow_1 | curl: (6) Could not resolve host: global
dovecot-mailcow_1 | curl: (6) Could not resolve host: options
dovecot-mailcow_1 | curl: (6) Could not resolve host: +cmd
dovecot-mailcow_1 | curl: (6) Could not resolve host: ;;
dovecot-mailcow_1 | curl: (6) Could not resolve host: connection
@andryyy I have fixed the issue by terminating the curl process 馃ぃ
sudo docker exec -it $(sudo docker ps -qf name=dovecot-mailcow) killall curl
ProfFan
on 20 Jan 2020
Please use the original images as provided for download. It kind of sounds like the images were built with broken scripts (line endings?).
If you build them, make sure the format is unchanged. :)
This should not be considered a workaround. The default images work fine. :)
Edit: This is just what I assume might be the error here. I booted an Ubuntu 16.04 with that kernel and it worked fine.
andryyy
on 20 Jan 2020
@andryyy actually the images are pulled right from the docker hub (I deleted all images and repulled), same error.
ProfFan
on 20 Jan 2020
Sorry, don't don't why this would happen then. I cannot replicate that issue locally. Would need to see it on the server and do some tests.
andryyy
on 20 Jan 2020
It is indeed very strange...
BTW, my kernel:
Linux iZj6caj6zr3zokmd4c9y6wZ 4.15.0-75-generic #85~16.04.1-Ubuntu SMP Wed Jan 15 12:30:12 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ sudo apt show docker-ce
Package: docker-ce
Version: 5:19.03.5~3-0~ubuntu-xenial
Priority: optional
Section: admin
Maintainer: Docker <[email protected]>
Installed-Size: 109 MB
Depends: docker-ce-cli, containerd.io (>= 1.2.2-3), iptables, libseccomp2 (>= 2.3.0), libc6 (>= 2.8), libdevmapper1.02.1 (>= 2:1.02.97), libsystemd0
Recommends: aufs-tools, ca-certificates, cgroupfs-mount | cgroup-lite, git, pigz, xz-utils, libltdl7, apparmor
Conflicts: docker (<< 1.5~), docker-engine, docker-engine-cs, docker.io, lxc-docker, lxc-docker-virtual-package
Replaces: docker-engine
Homepage: https://www.docker.com
Download-Size: 22.8 MB
APT-Manual-Installed: yes
APT-Sources: https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
@andryyy It's fine :) I will investigate further tomorrow to see what the problem actually is.
Plus: it is actually a big plus if you can turn on bash tracing (set -x) in the bash scripts that downloads the spam list in dovecot image :)
ProfFan
on 20 Jan 2020
Where is your VM hosted? Which filesystem? I can try to replicate it there.
andryyy
on 20 Jan 2020
It is hosted on Aliyun (Alibaba Cloud), filesystem is ext4.
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
Last update at:
commit c97dd9b30e310abb2e0b69f2efab6c0e996e241c
Merge: 18ebd53 8b453ab
Author: moo <[email protected]>
Date: Wed Sep 25 07:09:51 2019 +0800
After update on 2019-09-25_07_04_17
commit 18ebd532050d003e025d87055c48132d8f737242
Author: moo <[email protected]>
Date: Wed Sep 25 07:09:48 2019 +0800
Before update on 2019-09-25_07_04_17
commit 8b453ab803a2f9917e8a5e9d77ed585a9e39d60a
Author: andryyy <[email protected]>
Date: Tue Sep 24 19:12:20 2019 +0200
[Web] Allow to set sogo_visible when adding an alias, fixes #2975
commit 14a2a266a1388b195c7cdf419f6ec65c046069a6
Author: andryyy <[email protected]>
Date: Tue Sep 24 18:34:08 2019 +0200
[Web] Improve U2F process and fix Win 1903 hassle
try run "docker-compose logs --tail=100 dovecot-mailcow"
my dovecot can not find the config file, which is not in the right place /var/run/dovecot/dovecot.conf
Tominator89
on 8 Mar 2020
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 7 May 2020
After half a year I was struck with this again. But this time, I am pretty sure that this is an issue with mailcow itself. Here are my observations and solution:
- This happens each time I try to update mailcow-dockerized
- This:
sudo docker exec -it $(sudo docker ps -qf name=dovecot-mailcow) dig txt 1.4.3.spamassassin.heinlein-support.de +short @172.22.1.254
returns
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> txt 1.4.3.spamassassin.heinlein-support.de +short @172.22.1.254
;; global options: +cmd
;; connection timed out; no servers could be reached
- but if I run this for more than one time, sometimes this works, returning
"1883" - Thus I think this error is caused by the spam list download script not having a sane retry logic, so dovecot is blocked by the download
- The problem is solved by restarting dovecot:
sudo docker restart mailcowdockerized_dovecot-mailcow_1
However, it would be really nice if this can be fixed by the upstream. CC @andryyy
ProfFan
on 4 Jun 2020
Attaching the logs to help reproduce what is happening:
dovecot-mailcow_1 | Uptime: 4 Threads: 8 Questions: 25 Slow queries: 0 Opens: 26 Flush tables: 1 Open tables: 18 Queries per second avg: 6.250
dovecot-mailcow_1 | Adding user `vmail' to group `tty' ...
dovecot-mailcow_1 | Adding user vmail to group tty
dovecot-mailcow_1 | Done.
dovecot-mailcow_1 | % Total % Received % Xferd Average Speed Time Time Time Current
dovecot-mailcow_1 | Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0Warning: Transient problem: timeout Will retry in 1 seconds. 10 retries left.
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0Warning: Transient problem: timeout Will retry in 2 seconds. 9 retries left.
100 43 100 43 0 0 47 0 --:--:-- --:--:-- --:--:-- 47
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 1 seconds. 10 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 2 seconds. 9 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 4 seconds. 8 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 8 seconds. 7 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 16 seconds. 6 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 32 seconds. 5 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 64 seconds. 4 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 128 seconds. 3 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 256 seconds. 2 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 512 seconds. 1 retries left.
dovecot-mailcow_1 | curl: (6) Could not resolve host: ;
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 1 seconds. 10 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 2 seconds. 9 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 4 seconds. 8 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 8 seconds. 7 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 16 seconds. 6 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 32 seconds. 5 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 64 seconds. 4 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 128 seconds. 3 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 256 seconds. 2 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 512 seconds. 1 retries left.
dovecot-mailcow_1 | curl: (6) Could not resolve host: <<>>
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 1 seconds. 10 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 2 seconds. 9 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 4 seconds. 8 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 8 seconds. 7 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 16 seconds. 6 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 32 seconds. 5 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 64 seconds. 4 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 128 seconds. 3 retries left.
dovecot-mailcow_1 | Warning: Transient problem: timeout Will retry in 256 seconds. 2 retries left.
After restart:
dovecot-mailcow_1 | Uptime: 2531 Threads: 16 Questions: 7343 Slow queries: 0 Opens: 92 Flush tables: 3 Open tables: 31 Queries per second avg: 2.901
dovecot-mailcow_1 | The user `vmail' is already a member of `tty'.
dovecot-mailcow_1 | % Total % Received % Xferd Average Speed Time Time Time Current
dovecot-mailcow_1 | Dload Upload Total Spent Left Speed
100 98k 100 98k 0 0 32190 0 0:00:03 0:00:03 --:--:-- 32200
dovecot-mailcow_1 | 20_blatspammer.cf
dovecot-mailcow_1 | 70_HS_body.cf
dovecot-mailcow_1 | 70_HS_header.cf
dovecot-mailcow_1 | {"msg":"command completed successfully","type":"success"}
dovecot-mailcow_1 | 2020-06-05 05:02:55,277 INFO Set uid to user 0 succeeded
dovecot-mailcow_1 | 2020-06-05 05:02:55,287 INFO supervisord started with pid 1
dovecot-mailcow_1 | 2020-06-05 05:02:56,294 INFO spawned: 'processes' with pid 123
dovecot-mailcow_1 | 2020-06-05 05:02:56,296 INFO spawned: 'cron' with pid 124
dovecot-mailcow_1 | 2020-06-05 05:02:56,320 INFO spawned: 'dovecot' with pid 125
dovecot-mailcow_1 | 2020-06-05 05:02:56,322 INFO spawned: 'syslog-ng' with pid 126
dovecot-mailcow_1 | [2020-06-05T05:02:56.965269] WARNING: With use-dns(no), dns-cache() will be forced to 'no' too!;
dovecot-mailcow_1 | Jun 5 05:02:56 mail syslog-ng[126]: syslog-ng starting up; version='3.19.1'
dovecot-mailcow_1 | 2020-06-05 05:02:57,996 INFO success: processes entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
dovecot-mailcow_1 | 2020-06-05 05:02:57,997 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
dovecot-mailcow_1 | 2020-06-05 05:02:57,997 INFO success: dovecot entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
dovecot-mailcow_1 | 2020-06-05 05:02:57,997 INFO success: syslog-ng entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
Please note here:
dovecot-mailcow_1 | curl: (6) Could not resolve host: ;
These are probably caused by the script not checking for wget returning an error and blindly using the data in subsequent calls.
ProfFan
on 4 Jun 2020
Not related to an update at all.
DNS inside the container seems broken.
Again: not related to an update.
andryyy
on 5 Jun 2020
Please check your setup. There are so many possible misconfigurations leading to a failing DNS. All are related to your network and I am not willing to give out free hands-on anymore.
I can assure you it is not a problem _we_ need to fix. But I'm also not able to provide free hands-on support to everyone anymore. I did this too often. :(
The reason you encountered this error _again_ sounds like you never really fixed your system.
Check why resolving fails. The only change in the image was a line in a Python script. ;) I doubt that broke DNS resolving.
There are support packages for exactly these problems. I _will_ find the problem, when getting my hands on it. And it will definitely be a network problem. :)
andryyy
on 5 Jun 2020
I experienced the same symptoms described here and it was because I still had IPv6 enabled in mailcow (the default) but didn鈥檛 have it enabled on the host.
We tried looking at fallback options for Unbound but I don鈥檛 believe there鈥檚 anything that can prevent the issue. So we ended up documenting a fix here.
If you have the ability to support IPv6 turn it on. If not, you should disable it in mailcow.
nightah
on 5 Jun 2020
If you have the ability to support IPv6 turn it on. If not, you should disable it in mailcow.
seconded, since "delivery via IPv6" is less likely to be flagged false positivly as SPAM. there seems to be a "ipv6 bonus".
But to the topic: I would suggest to have more sanity checks in mailcow (each with manual override)
eg.
- testing unbound (ipv4, ipv6)
- testing forward/ptr-dns hosthname for local IPv4 and v6
- testing of architecture of the docker-bridge (to prevent becoming a spam relay)
- warning for low RAM (in conflict with config settings eg. FTS and threadvalues)
Adorfer
on 5 Jun 2020
@nightah was it fixed for you with do-ipv6: no?
andryyy
on 5 Jun 2020
@nightah was it fixed for you with do-ipv6: no?
That鈥檚 right @andryyy.
I鈥檓 not sure if you remember but one of the other symptoms was that often the first PTR lookup for a set of addresses would often take 6-9 seconds, which would also result in additional rspamd headers for not being able to resolve the reverse address in time.
You can disable ipv6 entirely or just change the Unbound setting per your post.
nightah
on 6 Jun 2020
Related issues
phipag
路
3Comments
a3li
路
3Comments
schoebelh
路
3Comments
mritzmann
路
3Comments
patrick7
路
3Comments
Most helpful comment
Please check your setup. There are so many possible misconfigurations leading to a failing DNS. All are related to your network and I am not willing to give out free hands-on anymore.
I can assure you it is not a problem _we_ need to fix. But I'm also not able to provide free hands-on support to everyone anymore. I did this too often. :(
The reason you encountered this error _again_ sounds like you never really fixed your system.
Check why resolving fails. The only change in the image was a line in a Python script. ;) I doubt that broke DNS resolving.
There are support packages for exactly these problems. I _will_ find the problem, when getting my hands on it. And it will definitely be a network problem. :)