Main CalDAV calendar gone after MacOS Sonoma upgrade

Contribution guidelines

[X] I've read the contribution guidelines and wholeheartedly agree

I've found a bug and checked that ...

[X] ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
[X] ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
[X] ... I have understood that answers are voluntary and community-driven, and not commercial support.
[X] ... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

After upgrading to MacOS Sonoma, Apple Calendar no longer shows my main CalDAV calendar. It also doesn't let me the main calendar of my delegates.

Wonder if this is related to https://bugs.sogo.nu/view.php?id=5639 and whether SOGO 5.9 would hence fix this?

Logs:

mailcowdockerized-watchdog-mailcow-1   | Wed Sep 27 14:02:01 EEST 2023 Fail2ban health level: 100% (1/1), health trend: 0
mailcowdockerized-watchdog-mailcow-1   | Wed Sep 27 14:02:02 EEST 2023 Postfix health level: 100% (8/8), health trend: 0
mailcowdockerized-nginx-mailcow-1      | 172.22.1.4 - - [27/Sep/2023:14:02:02 +0300] "GET / HTTP/1.1" 200 15 "-" "check_http/v (nagios-plugins 2.4.2)"
mailcowdockerized-watchdog-mailcow-1   | Wed Sep 27 14:02:02 EEST 2023 Nginx health level: 100% (5/5), health trend: 0
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:02 1e439c290f4d sogod [57]: mailcowdockerized-watchdog-mailcow-1.mailcowdockerized_mailcow-network "GET /SOGo.index/ HTTP/1.1" 200 2593/0 0.005 - - 0 - 14
mailcowdockerized-watchdog-mailcow-1   | Wed Sep 27 14:02:02 EEST 2023 SOGo health level: 100% (3/3), health trend: 0
mailcowdockerized-watchdog-mailcow-1   | Wed Sep 27 14:02:03 EEST 2023 Mail queue health level: 100% (20/20), health trend: 0
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 -  27/Sep/2023:14:02:03 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - - [27/Sep/2023:14:02:03 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - - [27/Sep/2023:14:02:03 +0300] "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.1" 401 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:03 1e439c290f4d sogod [57]: 172.24.0.1 "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.0" 401 0/768 0.003 - - 0 - 14
mailcowdockerized-php-fpm-mailcow-1    | 172.22.1.11 - lars@eggert.org 27/Sep/2023:14:02:03 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.1" 207 390 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.0" 207 390/768 0.007 1083 63% 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 -  27/Sep/2023:14:02:04 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - - [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - - [27/Sep/2023:14:02:04 +0300] "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.1" 401 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.0" 401 0/2237 0.002 - - 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 - lars@eggert.org 27/Sep/2023:14:02:04 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.1" 207 1904 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.0" 207 1904/2237 0.059 19373 90% 0 - 14
mailcowdockerized-php-fpm-mailcow-1    | 172.22.1.11 -  27/Sep/2023:14:02:04 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - - [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - - [27/Sep/2023:14:02:04 +0300] "PROPFIND /SOGo/dav/eija%40eggert.org/Calendar/ HTTP/1.1" 401 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "PROPFIND /SOGo/dav/eija%40eggert.org/Calendar/ HTTP/1.0" 401 0/2237 0.006 - - 0 - 14
mailcowdockerized-php-fpm-mailcow-1    | 172.22.1.11 - lars@eggert.org 27/Sep/2023:14:02:04 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "PROPFIND /SOGo/dav/eija%40eggert.org/Calendar/ HTTP/1.1" 207 1317 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "PROPFIND /SOGo/dav/eija%40eggert.org/Calendar/ HTTP/1.0" 207 1317/2237 0.028 6810 80% 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 -  27/Sep/2023:14:02:04 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - - [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - - [27/Sep/2023:14:02:04 +0300] "MKCALENDAR /SOGo/dav/eija%40eggert.org/Calendar/E4ACBF47-492C-479C-B6D0-8A18370B01F0/ HTTP/1.1" 401 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "MKCALENDAR /SOGo/dav/eija%40eggert.org/Calendar/E4ACBF47-492C-479C-B6D0-8A18370B01F0/ HTTP/1.0" 401 0/1105 0.003 - - 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | 172.22.1.11 - lars@eggert.org 27/Sep/2023:14:02:04 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - lars@eggert.org [27/Sep/2023:14:02:04 +0300] "MKCALENDAR /SOGo/dav/eija%40eggert.org/Calendar/E4ACBF47-492C-479C-B6D0-8A18370B01F0/ HTTP/1.1" 403 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:04 1e439c290f4d sogod [57]: 172.24.0.1 "MKCALENDAR /SOGo/dav/eija%40eggert.org/Calendar/E4ACBF47-492C-479C-B6D0-8A18370B01F0/ HTTP/1.0" 403 0/1105 0.001 - - 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 -  27/Sep/2023:14:02:05 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - - [27/Sep/2023:14:02:05 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - - [27/Sep/2023:14:02:05 +0300] "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.1" 401 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:05 1e439c290f4d sogod [57]: 172.24.0.1 "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.0" 401 0/768 0.004 - - 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 - lars@eggert.org 27/Sep/2023:14:02:05 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - lars@eggert.org [27/Sep/2023:14:02:05 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - lars@eggert.org [27/Sep/2023:14:02:05 +0300] "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.1" 207 387 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:05 1e439c290f4d sogod [57]: 172.24.0.1 "REPORT /SOGo/dav/lars%40eggert.org/ HTTP/1.0" 207 387/768 0.009 1083 64% 0 - 13
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - - [27/Sep/2023:14:02:05 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-php-fpm-mailcow-1    | 172.22.1.11 -  27/Sep/2023:14:02:05 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - - [27/Sep/2023:14:02:05 +0300] "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.1" 401 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:05 1e439c290f4d sogod [57]: 172.24.0.1 "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.0" 401 0/2237 0.002 - - 0 - 13
mailcowdockerized-php-fpm-mailcow-1    | fd4d:6169:6c63:6f77::10 - lars@eggert.org 27/Sep/2023:14:02:05 +0300 "GET /sogo-auth.php" 200
mailcowdockerized-nginx-mailcow-1      | 127.0.0.1 - lars@eggert.org [27/Sep/2023:14:02:05 +0300] "GET /sogo-auth HTTP/1.0" 200 0 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-nginx-mailcow-1      | 172.24.0.1 - lars@eggert.org [27/Sep/2023:14:02:05 +0300] "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.1" 207 1904 "-" "macOS/14.0 (23A344) dataaccessd/1.0"
mailcowdockerized-sogo-mailcow-1       | Sep 27 14:02:05 1e439c290f4d sogod [57]: 172.24.0.1 "PROPFIND /SOGo/dav/lars%40eggert.org/Calendar/ HTTP/1.0" 207 1904/2237 0.062 19373 90% 0 - 14
mailcowdockerized-watchdog-mailcow-1   | Wed Sep 27 14:02:06 EEST 2023 PHP-FPM health level: 100% (5/5), health trend: 0

Steps to reproduce:

1. Add Mailcow/SOGO CalDAV calendar to MacOS prior to Sonoma upgrade.
2. Upgrade to MacOS Sonoma.
3. Access Apple Calendar.

Which branch are you using?

master

Operating System:

Ubuntu 22.04.3 LTS

Server/VM specifications:

8GB RAM, 2 cores

Is Apparmor, SELinux or similar active?

Virtualization technology:

KVM

Docker version:

24.0.6

docker-compose version or docker compose version:

v2.21.0

mailcow version:

2023-08

Reverse proxy:

HAproxy

Logs of git diff:

diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 237b4263..e56b570b 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -170,3 +170,36 @@ parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks

 # DO NOT EDIT ANYTHING BELOW #
 # Overrides #
+
+postscreen_dnsbl_sites = wl.mailspike.net=127.0.0.[18;19;20]*-2
+  hostkarma.junkemailfilter.com=127.0.0.1*-2
+  list.dnswl.org=127.0.[0..255].0*-2
+  list.dnswl.org=127.0.[0..255].1*-4
+  list.dnswl.org=127.0.[0..255].2*-6
+  list.dnswl.org=127.0.[0..255].3*-8
+  ix.dnsbl.manitu.net*2
+  bl.spamcop.net*2
+  bl.suomispam.net*2
+  hostkarma.junkemailfilter.com=127.0.0.2*3
+  hostkarma.junkemailfilter.com=127.0.0.4*2
+  hostkarma.junkemailfilter.com=127.0.1.2*1
+  backscatter.spameatingmonkey.net*2
+  bl.ipv6.spameatingmonkey.net*2
+  bl.spameatingmonkey.net*2
+  b.barracudacentral.org=127.0.0.2*7
+  bl.mailspike.net=127.0.0.2*5
+  bl.mailspike.net=127.0.0.[10;11;12]*4
+  dnsbl.sorbs.net=127.0.0.10*8
+  dnsbl.sorbs.net=127.0.0.5*6
+  dnsbl.sorbs.net=127.0.0.7*3
+  dnsbl.sorbs.net=127.0.0.8*2
+  dnsbl.sorbs.net=127.0.0.6*2
+  dnsbl.sorbs.net=127.0.0.9*2
+  zen.spamhaus.org=127.0.0.[10;11]*8
+  zen.spamhaus.org=127.0.0.[4..7]*6
+  zen.spamhaus.org=127.0.0.3*4
+  zen.spamhaus.org=127.0.0.2*3
+
+# User Overrides
+myhostname = mail.eggert.org
+
diff --git a/data/conf/sogo/sogo.conf b/data/conf/sogo/sogo.conf
index 2c042c30..8593a09a 100644
--- a/data/conf/sogo/sogo.conf
+++ b/data/conf/sogo/sogo.conf
@@ -5,7 +5,7 @@
         PrivateDAndTViewer
     );

-    WOWorkersCount = "20";
+    WOWorkersCount = "10";
     SOGoACLsSendEMailNotifications = YES;
     SOGoAppointmentSendEMailNotifications = YES;
     SOGoDraftsFolderName = "Drafts";
diff --git a/docker-compose.yml b/docker-compose.yml
index ac45857f..18bf3c6e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -584,36 +584,6 @@ services:
           aliases:
             - ofelia

-    ipv6nat-mailcow:
-      depends_on:
-        - unbound-mailcow
-        - mysql-mailcow
-        - redis-mailcow
-        - clamd-mailcow
-        - rspamd-mailcow
-        - php-fpm-mailcow
-        - sogo-mailcow
-        - dovecot-mailcow
-        - postfix-mailcow
-        - memcached-mailcow
-        - nginx-mailcow
-        - acme-mailcow
-        - netfilter-mailcow
-        - watchdog-mailcow
-        - dockerapi-mailcow
-        - solr-mailcow
-      environment:
-        - TZ=${TZ}
-      image: robbertkl/ipv6nat
-      security_opt:
-        - label=disable
-      restart: always
-      privileged: true
-      network_mode: "host"
-      volumes:
-        - /var/run/docker.sock:/var/run/docker.sock:ro
-        - /lib/modules:/lib/modules:ro
-
 networks:
   mailcow-network:
     driver: bridge

Logs of iptables -L -vn:

# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
1592K 1653M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0
1592K 1653M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0
 661K   40M ACCEPT     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
 1722  112K DOCKER     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0
 929K 1613M ACCEPT     all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0
 1614  106K ACCEPT     all  --  br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:12345
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:4190
   11   660 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:995
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.249         tcp dpt:6379
   17  1080 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:993
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:143
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:110
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:587
   74  4444 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:465
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.9           tcp dpt:3306
    4   224 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:25
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.10          tcp dpt:8983
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.11          tcp dpt:443
    2   120 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.11          tcp dpt:80

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
 929K 1613M DOCKER-ISOLATION-STAGE-2  all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0
1592K 1653M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0
 929K 1613M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
1592K 1653M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Logs of ip6tables -L -vn:

# Warning: ip6tables-legacy tables present, use ip6tables-legacy to see them
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 9452 4701K DOCKER-USER  all      *      *       ::/0                 ::/0
 9452 4701K DOCKER-ISOLATION-STAGE-1  all      *      *       ::/0                 ::/0
    0     0 ACCEPT     all      *      docker0  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all      *      docker0  ::/0                 ::/0
    0     0 ACCEPT     all      docker0 !docker0  ::/0                 ::/0
    0     0 ACCEPT     all      docker0 docker0  ::/0                 ::/0
 5015 4383K ACCEPT     all      *      br-mailcow  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
 3871  264K DOCKER     all      *      br-mailcow  ::/0                 ::/0
  566 53815 ACCEPT     all      br-mailcow !br-mailcow  ::/0                 ::/0
 3871  264K ACCEPT     all      br-mailcow br-mailcow  ::/0                 ::/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER-ISOLATION-STAGE-2  all      docker0 !docker0  ::/0                 ::/0
  566 53815 DOCKER-ISOLATION-STAGE-2  all      br-mailcow !br-mailcow  ::/0                 ::/0
 9452 4701K RETURN     all      *      *       ::/0                 ::/0

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all      *      docker0  ::/0                 ::/0
    0     0 DROP       all      *      br-mailcow  ::/0                 ::/0
  566 53815 RETURN     all      *      *       ::/0                 ::/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
 9452 4701K RETURN     all      *      *       ::/0                 ::/0

Logs of iptables -L -vn -t nat:

# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  116  7024 DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0
 1379  106K MASQUERADE  all  --  *      !br-mailcow  172.22.1.0/24        0.0.0.0/0
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:12345
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:4190
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:995
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.249         172.22.1.249         tcp dpt:6379
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:993
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:143
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:110
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:587
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:465
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.9           172.22.1.9           tcp dpt:3306
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:25
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.10          172.22.1.10          tcp dpt:8983
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.11          172.22.1.11          tcp dpt:443
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.11          172.22.1.11          tcp dpt:80

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0
    0     0 RETURN     all  --  br-mailcow *       0.0.0.0/0            0.0.0.0/0
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:19991 to:172.22.1.250:12345
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:4190 to:172.22.1.250:4190
   11   660 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:995 to:172.22.1.250:995
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7654 to:172.22.1.249:6379
   17  1080 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:993 to:172.22.1.250:993
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:143 to:172.22.1.250:143
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:110 to:172.22.1.250:110
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:587 to:172.22.1.253:587
   80  4804 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:465 to:172.22.1.253:465
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:13306 to:172.22.1.9:3306
    4   224 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:25 to:172.22.1.253:25
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:18983 to:172.22.1.10:8983
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:443 to:172.22.1.11:443
    2   120 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            172.24.0.80          tcp dpt:80 to:172.22.1.11:80

Logs of ip6tables -L -vn -t nat:

# Warning: ip6tables-legacy tables present, use ip6tables-legacy to see them
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    5   412 DOCKER     all      *      *       ::/0                 ::/0                 ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER     all      *      *       ::/0                !::1                  ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all      *      !docker0  fd00:dead:beef:c0::/80  ::/0
  538 50618 MASQUERADE  all      *      !br-mailcow  fd4d:6169:6c63:6f77::/64  ::/0

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     all      docker0 *       ::/0                 ::/0
    0     0 RETURN     all      br-mailcow *       ::/0                 ::/0

DNS check:

104.18.22.201
104.18.23.201

mailcow / mailcow-dockerized

Main CalDAV calendar gone after MacOS Sonoma upgrade #5428

Contribution guidelines

I've found a bug and checked that ...

Description

Logs:

Steps to reproduce:

Which branch are you using?

Operating System:

Server/VM specifications:

Is Apparmor, SELinux or similar active?

Virtualization technology:

Docker version:

docker-compose version or docker compose version:

mailcow version:

Reverse proxy:

Logs of git diff:

Logs of iptables -L -vn:

Logs of ip6tables -L -vn:

Logs of iptables -L -vn -t nat:

Logs of ip6tables -L -vn -t nat:

DNS check: