update.sh -c returns "No updates available" when there are updates.

Contribution guidelines

[X] I've read the contribution guidelines and wholeheartedly agree

I've found a bug and checked that ...

[X] ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
[X] ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
[X] ... I have understood that answers are voluntary and community-driven, and not commercial support.
[X] ... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

Web UI shows current version is 2024-02 and "There is an update available 2024-04", but update.sh -c outputs "No updates available"

Logs:

No logs available.

Steps to reproduce:

1. Check Web UI for available updates -> shows current version is 2024-02 and "There is an update available 2024-04"
2. cd into mailcow-dockerized directory and run ./update.sh -c -> Output is "No updates available"

Which branch are you using?

master

Which architecture are you using?

x86

Operating System:

Ubuntu 22.04.4 LTS

Server/VM specifications:

96 GB RAM, Intel Xeon 3106 @ 1.70 GHz

Is Apparmor, SELinux or similar active?

yes

Virtualization technology:

None

Docker version:

26.0.2

docker-compose version or docker compose version:

2.11.1

mailcow version:

2024-04

Reverse proxy:

Nginx

Logs of git diff:

diff --git a/data/conf/clamav/whitelist.ign2.bak b/data/conf/clamav/whitelist.ign2.bak
new file mode 100644
index 00000000..e54e4c0d
--- /dev/null
+++ b/data/conf/clamav/whitelist.ign2.bak
@@ -0,0 +1,2 @@
+Win.Exploit.CVE_2019_0903-6966169-0
+
diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf
index 729686fb..35e5938d 100644
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@@ -239,7 +239,7 @@ plugin {
   # -- Global keys
   mail_crypt_global_private_key = </mail_crypt/ecprivkey.pem
   mail_crypt_global_public_key = </mail_crypt/ecpubkey.pem
-  mail_crypt_save_version = 2
+  mail_crypt_save_version = 0

   # Enable compression while saving, lz4 Dovecot v2.2.11+
   zlib_save = lz4
diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 572300db..995deada 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -30,6 +30,7 @@ delay_warning_time = 4h
 message_size_limit = 104857600
 milter_default_action = tempfail
 milter_protocol = 6
+milter_content_timeout=600s
 minimal_backoff_time = 300s
 plaintext_reject_code = 550
 postscreen_access_list = permit_mynetworks,
@@ -142,7 +143,7 @@ virtual_mailbox_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_mailbox_m
 virtual_minimum_uid = 104
 virtual_transport = lmtp:inet:dovecot:24
 virtual_uid_maps = static:5000
-smtpd_milters = inet:rspamd:9900
+smtpd_milters = inet:10.77.100.9:7076,inet:rspamd:9900
 non_smtpd_milters = inet:rspamd:9900
 milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
 mydestination = localhost.localdomain, localhost
@@ -173,3 +174,36 @@ parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks

 # DO NOT EDIT ANYTHING BELOW #
 # Overrides #
+
+postscreen_dnsbl_sites = wl.mailspike.net=127.0.0.[18;19;20]*-2
+  hostkarma.junkemailfilter.com=127.0.0.1*-2
+  list.dnswl.org=127.0.[0..255].0*-2
+  list.dnswl.org=127.0.[0..255].1*-4
+  list.dnswl.org=127.0.[0..255].2*-6
+  list.dnswl.org=127.0.[0..255].3*-8
+  ix.dnsbl.manitu.net*2
+  bl.spamcop.net*2
+  bl.suomispam.net*2
+  hostkarma.junkemailfilter.com=127.0.0.2*3
+  hostkarma.junkemailfilter.com=127.0.0.4*2
+  hostkarma.junkemailfilter.com=127.0.1.2*1
+  backscatter.spameatingmonkey.net*2
+  bl.ipv6.spameatingmonkey.net*2
+  bl.spameatingmonkey.net*2
+  b.barracudacentral.org=127.0.0.2*7
+  bl.mailspike.net=127.0.0.2*5
+  bl.mailspike.net=127.0.0.[10;11;12]*4
+  dnsbl.sorbs.net=127.0.0.10*8
+  dnsbl.sorbs.net=127.0.0.5*6
+  dnsbl.sorbs.net=127.0.0.7*3
+  dnsbl.sorbs.net=127.0.0.8*2
+  dnsbl.sorbs.net=127.0.0.6*2
+  dnsbl.sorbs.net=127.0.0.9*2
+  zen.spamhaus.org=127.0.0.[10;11]*8
+  zen.spamhaus.org=127.0.0.[4..7]*6
+  zen.spamhaus.org=127.0.0.3*4
+  zen.spamhaus.org=127.0.0.2*3
+
+# User Overrides
+myhostname = mail.edificam.com
+
diff --git a/data/conf/sogo/sogo.conf b/data/conf/sogo/sogo.conf
index d398eb05..b282a5da 100644
--- a/data/conf/sogo/sogo.conf
+++ b/data/conf/sogo/sogo.conf
@@ -5,7 +5,7 @@
         PrivateDAndTViewer
     );

-    WOWorkersCount = "20";
+    WOWorkersCount = "1";
     SOGoACLsSendEMailNotifications = YES;
     SOGoAppointmentSendEMailNotifications = YES;
     SOGoDraftsFolderName = "Drafts";
diff --git a/data/conf/unbound/unbound.conf b/data/conf/unbound/unbound.conf
index 27110c04..ca66b91c 100644
--- a/data/conf/unbound/unbound.conf
+++ b/data/conf/unbound/unbound.conf
@@ -1,5 +1,5 @@
 server:
-  verbosity: 1
+  verbosity: 4
   interface: 0.0.0.0
   interface: ::0
   logfile: /dev/console
@@ -35,6 +35,8 @@ server:
   unwanted-reply-threshold: 10000
   ipsecmod-enabled: no

+#  module-config: "validator iterator"
+
 remote-control:
   control-enable: yes
   control-interface: 127.0.0.1
diff --git a/docker-compose.yml b/docker-compose.yml
index 3efd6a42..f8580761 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -609,36 +609,6 @@ services:
           aliases:
             - ofelia

-    ipv6nat-mailcow:
-      depends_on:
-        - unbound-mailcow
-        - mysql-mailcow
-        - redis-mailcow
-        - clamd-mailcow
-        - rspamd-mailcow
-        - php-fpm-mailcow
-        - sogo-mailcow
-        - dovecot-mailcow
-        - postfix-mailcow
-        - memcached-mailcow
-        - nginx-mailcow
-        - acme-mailcow
-        - netfilter-mailcow
-        - watchdog-mailcow
-        - dockerapi-mailcow
-        - solr-mailcow
-      environment:
-        - TZ=${TZ}
-      image: robbertkl/ipv6nat
-      security_opt:
-        - label=disable
-      restart: always
-      privileged: true
-      network_mode: "host"
-      volumes:
-        - /var/run/docker.sock:/var/run/docker.sock:ro
-        - /lib/modules:/lib/modules:ro
-
 networks:
   mailcow-network:
     driver: bridge

Logs of iptables -L -vn:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  16M 4759M MAILCOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* mailcow */
  16M 4761M LIBVIRT_INP  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  16M 4761M ts-input   all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  19M 5590M MAILCOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* mailcow */
  19M 5590M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  19M 5590M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0
5623K 1381M ACCEPT     all  --  *      br-2ff98027fb62  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
1137K   59M DOCKER     all  --  *      br-2ff98027fb62  0.0.0.0/0            0.0.0.0/0
6721K  516M ACCEPT     all  --  br-2ff98027fb62 !br-2ff98027fb62  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-2ff98027fb62 br-2ff98027fb62  0.0.0.0/0            0.0.0.0/0
2975K 1997M ACCEPT     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
 250K   16M DOCKER     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0
1060K  598M ACCEPT     all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0
 237K   16M ACCEPT     all  --  br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0
 718K  890M ACCEPT     all  --  *      br-4d33a6d1443d  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
11742  705K DOCKER     all  --  *      br-4d33a6d1443d  0.0.0.0/0            0.0.0.0/0
  802 43379 ACCEPT     all  --  br-4d33a6d1443d !br-4d33a6d1443d  0.0.0.0/0            0.0.0.0/0
11742  705K ACCEPT     all  --  br-4d33a6d1443d br-4d33a6d1443d  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      br-6961e9e35c77  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      br-6961e9e35c77  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-6961e9e35c77 !br-6961e9e35c77  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-6961e9e35c77 br-6961e9e35c77  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      br-59553678f584  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      br-59553678f584  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-59553678f584 !br-59553678f584  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-59553678f584 br-59553678f584  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-04bc0115d108 br-04bc0115d108  0.0.0.0/0            0.0.0.0/0
50445 8486K ACCEPT     all  --  *      br-8d82662c3500  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
 2070  124K DOCKER     all  --  *      br-8d82662c3500  0.0.0.0/0            0.0.0.0/0
  171 18997 ACCEPT     all  --  br-8d82662c3500 !br-8d82662c3500  0.0.0.0/0            0.0.0.0/0
 2070  124K ACCEPT     all  --  br-8d82662c3500 br-8d82662c3500  0.0.0.0/0            0.0.0.0/0
 152K   31M ACCEPT     all  --  *      br-7c6016aa5b83  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
10481  635K DOCKER     all  --  *      br-7c6016aa5b83  0.0.0.0/0            0.0.0.0/0
 145K   90M ACCEPT     all  --  br-7c6016aa5b83 !br-7c6016aa5b83  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-7c6016aa5b83 br-7c6016aa5b83  0.0.0.0/0            0.0.0.0/0
    0     0 LIBVIRT_FWX  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 LIBVIRT_FWI  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 LIBVIRT_FWO  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ts-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  14M   74G LIBVIRT_OUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER (8 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  !br-59553678f584 br-59553678f584  0.0.0.0/0            172.178.0.2          tcp dpt:9000
    0     0 ACCEPT     tcp  --  !br-6961e9e35c77 br-6961e9e35c77  0.0.0.0/0            172.19.0.2           tcp dpt:80
    0     0 ACCEPT     tcp  --  !br-6961e9e35c77 br-6961e9e35c77  0.0.0.0/0            172.19.0.2           tcp dpt:3012
 9973  606K ACCEPT     tcp  --  !br-7c6016aa5b83 br-7c6016aa5b83  0.0.0.0/0            172.20.0.2           tcp dpt:443
    0     0 ACCEPT     tcp  --  !br-7c6016aa5b83 br-7c6016aa5b83  0.0.0.0/0            172.20.0.2           tcp dpt:81
  508 28479 ACCEPT     tcp  --  !br-7c6016aa5b83 br-7c6016aa5b83  0.0.0.0/0            172.20.0.2           tcp dpt:80
1137K   59M ACCEPT     tcp  --  !br-2ff98027fb62 br-2ff98027fb62  0.0.0.0/0            172.56.238.2         tcp dpt:10051
    0     0 ACCEPT     tcp  --  !br-8d82662c3500 br-8d82662c3500  0.0.0.0/0            172.30.0.3           tcp dpt:80
    0     0 ACCEPT     tcp  --  !br-4d33a6d1443d br-4d33a6d1443d  0.0.0.0/0            172.91.91.91         tcp dpt:80
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.8           tcp dpt:3306
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.249         tcp dpt:6379
    2   128 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.10          tcp dpt:8002
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.13          tcp dpt:8983
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.10          tcp dpt:8001
  683 40564 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:587
   82  4832 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:465
  708 42296 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:25
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:12345
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:4190
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:995
 3286  204K ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:993
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:143
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:110

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
6721K  516M DOCKER-ISOLATION-STAGE-2  all  --  br-2ff98027fb62 !br-2ff98027fb62  0.0.0.0/0            0.0.0.0/0
1060K  598M DOCKER-ISOLATION-STAGE-2  all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0
  802 43379 DOCKER-ISOLATION-STAGE-2  all  --  br-4d33a6d1443d !br-4d33a6d1443d  0.0.0.0/0            0.0.0.0/0
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  br-6961e9e35c77 !br-6961e9e35c77  0.0.0.0/0            0.0.0.0/0
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  br-59553678f584 !br-59553678f584  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-04bc0115d108 !172.56.239.0/24      0.0.0.0/0
    0     0 DROP       all  --  br-04bc0115d108 *       0.0.0.0/0           !172.56.239.0/24
  171 18997 DOCKER-ISOLATION-STAGE-2  all  --  br-8d82662c3500 !br-8d82662c3500  0.0.0.0/0            0.0.0.0/0
 145K   90M DOCKER-ISOLATION-STAGE-2  all  --  br-7c6016aa5b83 !br-7c6016aa5b83  0.0.0.0/0            0.0.0.0/0
  19M 5590M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (8 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-2ff98027fb62  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-4d33a6d1443d  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-6961e9e35c77  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-59553678f584  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-8d82662c3500  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-7c6016aa5b83  0.0.0.0/0            0.0.0.0/0
7927K 1205M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
  19M 5590M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain LIBVIRT_FWI (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      virbr0  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 REJECT     all  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWO (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  virbr0 *       192.168.122.0/24     0.0.0.0/0
    0     0 REJECT     all  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWX (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0

Chain LIBVIRT_INP (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67

Chain LIBVIRT_OUT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ACCEPT     tcp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:68

Chain MAILCOW (2 references)
 pkts bytes target     prot opt in     out     source               destination
   99  6241 DROP       all  --  *      *       137.184.14.87        0.0.0.0/0
 4910  296K DROP       all  --  *      *       194.169.175.17       0.0.0.0/0
    0     0 DROP       tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0            /* mailcow isolation */

Chain ts-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all  --  tailscale0 *       0.0.0.0/0            0.0.0.0/0            MARK xset 0x40000/0xff0000
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x40000/0xff0000
    0     0 DROP       all  --  *      tailscale0  100.64.0.0/10        0.0.0.0/0
    0     0 ACCEPT     all  --  *      tailscale0  0.0.0.0/0            0.0.0.0/0

Chain ts-input (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  lo     *       100.64.0.14          0.0.0.0/0
    0     0 RETURN     all  --  !tailscale0 *       100.115.92.0/23      0.0.0.0/0
    0     0 DROP       all  --  !tailscale0 *       100.64.0.0/10        0.0.0.0/0

Logs of ip6tables -L -vn:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
48077 4402K MAILCOW    all      *      *       ::/0                 ::/0                 /* mailcow */
48145 4406K LIBVIRT_INP  all      *      *       ::/0                 ::/0
48149 4406K ts-input   all      *      *       ::/0                 ::/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 518K  804M MAILCOW    all      *      *       ::/0                 ::/0                 /* mailcow */
 520K  804M DOCKER-USER  all      *      *       ::/0                 ::/0
 520K  804M DOCKER-ISOLATION-STAGE-1  all      *      *       ::/0                 ::/0
    0     0 ACCEPT     all      *      docker0  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all      *      docker0  ::/0                 ::/0
    0     0 ACCEPT     all      docker0 !docker0  ::/0                 ::/0
    0     0 ACCEPT     all      docker0 docker0  ::/0                 ::/0
 422K  797M ACCEPT     all      *      br-mailcow  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
97755 6878K DOCKER     all      *      br-mailcow  ::/0                 ::/0
    0     0 ACCEPT     all      br-mailcow !br-mailcow  ::/0                 ::/0
97755 6878K ACCEPT     all      br-mailcow br-mailcow  ::/0                 ::/0
    0     0 LIBVIRT_FWX  all      *      *       ::/0                 ::/0
    0     0 LIBVIRT_FWI  all      *      *       ::/0                 ::/0
    0     0 LIBVIRT_FWO  all      *      *       ::/0                 ::/0
    0     0 ts-forward  all      *      *       ::/0                 ::/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
79062 8972K LIBVIRT_OUT  all      *      *       ::/0                 ::/0

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::f  tcp dpt:8002
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::f  tcp dpt:8001
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::e  tcp dpt:587
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::e  tcp dpt:465
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::e  tcp dpt:25
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:4190
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:993

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER-ISOLATION-STAGE-2  all      docker0 !docker0  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-2ff98027fb62 !br-2ff98027fb62  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-mailcow !br-mailcow  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-4d33a6d1443d !br-4d33a6d1443d  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-6961e9e35c77 !br-6961e9e35c77  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-59553678f584 !br-59553678f584  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-8d82662c3500 !br-8d82662c3500  ::/0                 ::/0
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-7c6016aa5b83 !br-7c6016aa5b83  ::/0                 ::/0
 520K  804M RETURN     all      *      *       ::/0                 ::/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
 520K  804M RETURN     all      *      *       ::/0                 ::/0

Chain LIBVIRT_FWI (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain LIBVIRT_FWO (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain LIBVIRT_FWX (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain LIBVIRT_INP (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain LIBVIRT_OUT (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain MAILCOW (2 references)
 pkts bytes target     prot opt in     out     source               destination

Chain ts-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MARK       all      tailscale0 *       ::/0                 ::/0                 MARK xset 0x40000/0xff0000
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                 mark match 0x40000/0xff0000
    0     0 ACCEPT     all      *      tailscale0  ::/0                 ::/0

Chain ts-input (1 references)
 pkts bytes target     prot opt in     out     source               destination

Logs of iptables -L -vn -t nat:

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
1338K   78M DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 7145 1099K DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 1789  272K MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0
 417K   30M MASQUERADE  all  --  *      !br-2ff98027fb62  172.56.238.0/24      0.0.0.0/0
 256K   20M MASQUERADE  all  --  *      !br-mailcow  172.22.1.0/24        0.0.0.0/0
    4   240 MASQUERADE  all  --  *      !br-4d33a6d1443d  172.91.0.0/16        0.0.0.0/0
 1790  272K MASQUERADE  all  --  *      !br-6961e9e35c77  172.19.0.0/16        0.0.0.0/0
 1790  272K MASQUERADE  all  --  *      !br-59553678f584  172.178.0.0/16       0.0.0.0/0
    5   300 MASQUERADE  all  --  *      !br-8d82662c3500  172.30.0.0/16        0.0.0.0/0
  225 13500 MASQUERADE  all  --  *      !br-7c6016aa5b83  172.20.0.0/16        0.0.0.0/0
1839K  110M LIBVIRT_PRT  all  --  *      *       0.0.0.0/0            0.0.0.0/0
1839K  110M ts-postrouting  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 MASQUERADE  tcp  --  *      *       172.178.0.2          172.178.0.2          tcp dpt:9000
    0     0 MASQUERADE  tcp  --  *      *       172.19.0.2           172.19.0.2           tcp dpt:80
    0     0 MASQUERADE  tcp  --  *      *       172.19.0.2           172.19.0.2           tcp dpt:3012
    0     0 MASQUERADE  tcp  --  *      *       172.20.0.2           172.20.0.2           tcp dpt:443
    0     0 MASQUERADE  tcp  --  *      *       172.20.0.2           172.20.0.2           tcp dpt:81
    0     0 MASQUERADE  tcp  --  *      *       172.20.0.2           172.20.0.2           tcp dpt:80
    0     0 MASQUERADE  tcp  --  *      *       172.56.238.2         172.56.238.2         tcp dpt:10051
    0     0 MASQUERADE  tcp  --  *      *       172.30.0.3           172.30.0.3           tcp dpt:80
    0     0 MASQUERADE  tcp  --  *      *       172.91.91.91         172.91.91.91         tcp dpt:80
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.8           172.22.1.8           tcp dpt:3306
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.249         172.22.1.249         tcp dpt:6379
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.10          172.22.1.10          tcp dpt:8002
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.13          172.22.1.13          tcp dpt:8983
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.10          172.22.1.10          tcp dpt:8001
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:587
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:465
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:25
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:12345
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:4190
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:995
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:993
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:143
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:110

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0
 1925  162K RETURN     all  --  br-2ff98027fb62 *       0.0.0.0/0            0.0.0.0/0
 3410  205K RETURN     all  --  br-mailcow *       0.0.0.0/0            0.0.0.0/0
    0     0 RETURN     all  --  br-4d33a6d1443d *       0.0.0.0/0            0.0.0.0/0
    0     0 RETURN     all  --  br-6961e9e35c77 *       0.0.0.0/0            0.0.0.0/0
    0     0 RETURN     all  --  br-59553678f584 *       0.0.0.0/0            0.0.0.0/0
  219 13140 RETURN     all  --  br-8d82662c3500 *       0.0.0.0/0            0.0.0.0/0
15396  924K RETURN     all  --  br-7c6016aa5b83 *       0.0.0.0/0            0.0.0.0/0
    0     0 DNAT       tcp  --  !br-59553678f584 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:9000 to:172.178.0.2:9000
    0     0 DNAT       tcp  --  !br-6961e9e35c77 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8032 to:172.19.0.2:80
    0     0 DNAT       tcp  --  !br-6961e9e35c77 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3012 to:172.19.0.2:3012
10037  610K DNAT       tcp  --  !br-7c6016aa5b83 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:172.20.0.2:443
    0     0 DNAT       tcp  --  !br-7c6016aa5b83 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:81 to:172.20.0.2:81
  508 28479 DNAT       tcp  --  !br-7c6016aa5b83 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:172.20.0.2:80
1139K   60M DNAT       tcp  --  !br-2ff98027fb62 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:10051 to:172.56.238.2:10051
    0     0 DNAT       tcp  --  !br-8d82662c3500 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8003 to:172.30.0.3:80
    0     0 DNAT       tcp  --  !br-4d33a6d1443d *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8011 to:172.91.91.91:80
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:13306 to:172.22.1.8:3306
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7654 to:172.22.1.249:6379
    2   128 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8002 to:172.22.1.10:8002
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:18983 to:172.22.1.13:8983
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8001 to:172.22.1.10:8001
  688 40868 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587 to:172.22.1.253:587
 3607  216K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:465 to:172.22.1.253:465
  711 42476 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:172.22.1.253:25
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:19991 to:172.22.1.250:12345
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4190 to:172.22.1.250:4190
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:995 to:172.22.1.250:995
 3331  207K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993 to:172.22.1.250:993
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:143 to:172.22.1.250:143
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:110 to:172.22.1.250:110

Chain LIBVIRT_PRT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    1    40 RETURN     all  --  *      *       192.168.122.0/24     224.0.0.0/24
    0     0 RETURN     all  --  *      *       192.168.122.0/24     255.255.255.255
    0     0 MASQUERADE  tcp  --  *      *       192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
    0     0 MASQUERADE  udp  --  *      *       192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
    0     0 MASQUERADE  all  --  *      *       192.168.122.0/24    !192.168.122.0/24

Chain ts-postrouting (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x40000/0xff0000

Logs of ip6tables -L -vn -t nat:

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER     all      *      *       ::/0                 ::/0                 ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER     all      *      *       ::/0                !::1                  ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all      *      !docker0  fd00:dead:beef:c0::/80  ::/0
    0     0 MASQUERADE  all      *      !br-mailcow  fd4d:6169:6c63:6f77::/64  ::/0
42621 3410K LIBVIRT_PRT  all      *      *       ::/0                 ::/0
42623 3410K ts-postrouting  all      *      *       ::/0                 ::/0
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::f  fd4d:6169:6c63:6f77::f  tcp dpt:8002
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::f  fd4d:6169:6c63:6f77::f  tcp dpt:8001
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::e  fd4d:6169:6c63:6f77::e  tcp dpt:587
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::e  fd4d:6169:6c63:6f77::e  tcp dpt:465
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::e  fd4d:6169:6c63:6f77::e  tcp dpt:25
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:4190
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:993

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     all      docker0 *       ::/0                 ::/0
    0     0 RETURN     all      br-mailcow *       ::/0                 ::/0
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:8002 to:[fd4d:6169:6c63:6f77::f]:8002
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:8001 to:[fd4d:6169:6c63:6f77::f]:8001
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:587 to:[fd4d:6169:6c63:6f77::e]:587
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:465 to:[fd4d:6169:6c63:6f77::e]:465
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:25 to:[fd4d:6169:6c63:6f77::e]:25
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:4190 to:[fd4d:6169:6c63:6f77::c]:4190
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:993 to:[fd4d:6169:6c63:6f77::c]:993

Chain LIBVIRT_PRT (1 references)
 pkts bytes target     prot opt in     out     source               destination

Chain ts-postrouting (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all      *      *       ::/0                 ::/0                 mark match 0x40000/0xff0000

DNS check:

104.18.32.7
172.64.155.249

mailcow / mailcow-dockerized

update.sh -c returns "No updates available" when there are updates. #5852

Contribution guidelines

I've found a bug and checked that ...

Description

Logs:

Steps to reproduce:

Which branch are you using?

Which architecture are you using?

Operating System:

Server/VM specifications:

Is Apparmor, SELinux or similar active?

Virtualization technology:

Docker version:

docker-compose version or docker compose version:

mailcow version:

Reverse proxy:

Logs of git diff:

Logs of iptables -L -vn:

Logs of ip6tables -L -vn:

Logs of iptables -L -vn -t nat:

Logs of ip6tables -L -vn -t nat:

DNS check: