mailcow / mailcow-dockerized

mailcow: dockerized - ๐Ÿฎ + ๐Ÿ‹ = ๐Ÿ’•
https://mailcow.email
GNU General Public License v3.0
9.09k stars 1.19k forks source link

mailcow-dockerized behind firewall. Cant send e-mail, but receive #603

Closed kfnba closed 6 years ago

kfnba commented 7 years ago
ifconfig
br-8e4773bb431c Link encap:Ethernet  HWaddr 02:42:24:d1:a7:31
          inet addr:172.22.1.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::1/64 Scope:Link
          inet6 addr: fd4d:6169:6c63:6f77::1/64 Scope:Global
          inet6 addr: fe80::42:24ff:fed1:a731/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:82301 errors:0 dropped:0 overruns:0 frame:0
          TX packets:136565 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7727496 (7.7 MB)  TX bytes:206773128 (206.7 MB)

docker0   Link encap:Ethernet  HWaddr 02:42:fa:80:36:6c
          inet addr:172.17.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

ens160    Link encap:Ethernet  HWaddr 00:0c:29:cb:9b:2b
          inet addr:192.168.1.7  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fecb:9b2b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:337382 errors:0 dropped:0 overruns:0 frame:0
          TX packets:203542 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:433203507 (433.2 MB)  TX bytes:29013546 (29.0 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:481 errors:0 dropped:0 overruns:0 frame:0
          TX packets:481 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:41408 (41.4 KB)  TX bytes:41408 (41.4 KB)

veth1a3294b Link encap:Ethernet  HWaddr 9e:b6:9f:36:ae:52
          inet6 addr: fe80::9cb6:9fff:fe36:ae52/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:72377 errors:0 dropped:0 overruns:0 frame:0
          TX packets:127756 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4916013 (4.9 MB)  TX bytes:203351815 (203.3 MB)

veth23fa2ac Link encap:Ethernet  HWaddr ea:87:7e:50:86:cc
          inet6 addr: fe80::e887:7eff:fe50:86cc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3711 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4338 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3266617 (3.2 MB)  TX bytes:2481593 (2.4 MB)

veth24666f2 Link encap:Ethernet  HWaddr f2:c3:90:a8:4a:35
          inet6 addr: fe80::f0c3:90ff:fea8:4a35/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3915 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4904 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:582371 (582.3 KB)  TX bytes:515249 (515.2 KB)

veth324bc7d Link encap:Ethernet  HWaddr 46:d9:35:d4:43:6f
          inet6 addr: fe80::44d9:35ff:fed4:436f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3917 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3865 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:458776 (458.7 KB)  TX bytes:804542 (804.5 KB)

veth6553e1c Link encap:Ethernet  HWaddr ae:50:e4:0b:6d:f3
          inet6 addr: fe80::ac50:e4ff:fe0b:6df3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:59 errors:0 dropped:0 overruns:0 frame:0
          TX packets:175 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:11465 (11.4 KB)  TX bytes:24392 (24.3 KB)

veth92aed63 Link encap:Ethernet  HWaddr 0a:5c:3c:3e:f1:90
          inet6 addr: fe80::85c:3cff:fe3e:f190/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:914 errors:0 dropped:0 overruns:0 frame:0
          TX packets:652 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:95619 (95.6 KB)  TX bytes:57023 (57.0 KB)

veth930ae78 Link encap:Ethernet  HWaddr 6e:8f:c1:bd:a6:d6
          inet6 addr: fe80::6c8f:c1ff:febd:a6d6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:675 errors:0 dropped:0 overruns:0 frame:0
          TX packets:635 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:108529 (108.5 KB)  TX bytes:94026 (94.0 KB)

veth9a8a812 Link encap:Ethernet  HWaddr be:c9:a2:df:2f:9f
          inet6 addr: fe80::bcc9:a2ff:fedf:2f9f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10891 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8778 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1246793 (1.2 MB)  TX bytes:2900009 (2.9 MB)

vethea24d61 Link encap:Ethernet  HWaddr 6a:30:7f:1f:2d:80
          inet6 addr: fe80::6830:7fff:fe1f:2d80/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3338 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4876 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1785376 (1.7 MB)  TX bytes:466597 (466.5 KB)

vethed8797e Link encap:Ethernet  HWaddr 4a:02:f6:dd:b6:c0
          inet6 addr: fe80::4802:f6ff:fedd:b6c0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5524 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5009 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2621012 (2.6 MB)  TX bytes:2250720 (2.2 MB)

vethf723a56 Link encap:Ethernet  HWaddr 7a:07:5c:b2:29:c4
          inet6 addr: fe80::7807:5cff:feb2:29c4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1747 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1662 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:225163 (225.1 KB)  TX bytes:225751 (225.7 KB)
-------------------------------------------------------------------------------------------------
 sysctl -p
net.ipv4.tcp_syncookies = 1
net.ipv4.ip_forward = 1
net.ipv4.conf.all.log_martians = 1

docker-compose ps Name Command State Ports

mailcowdockerized_acme-mailcow_1 /srv/docker-entrypoint.sh Exit 1 mailcowdockerized_clamd-mailcow_1 /bootstrap.sh Up 3310/tcp mailcowdockerized_dovecot-mailcow_1 /docker-entrypoint.sh /bin ... Up 10001/tcp, 0.0.0.0:110->110/tcp, 127.0.0.1:19991->12345/tcp, 0.0.0.0:143->143/tcp, 24/tcp, 0.0.0.0:4190->4190/tcp, 0.0.0.0:993->993/tcp, 0.0.0.0:995->995/tcp mailcowdockerized_fail2ban-mailcow_1 python2 -u /logwatch.py Up mailcowdockerized_ipv6nat_1 /docker-ipv6nat --retry Up mailcowdockerized_memcached-mailcow_1 docker-entrypoint.sh memcached Up 11211/tcp mailcowdockerized_mysql-mailcow_1 docker-entrypoint.sh mysql ... Up 3306/tcp mailcowdockerized_nginx-mailcow_1 /bin/sh -c envsubst < /etc ... Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp mailcowdockerized_php-fpm-mailcow_1 /docker-entrypoint.sh php- ... Up 9000/tcp mailcowdockerized_postfix-mailcow_1 /bin/sh -c exec /usr/bin/s ... Up 0.0.0.0:25->25/tcp, 0.0.0.0:465->465/tcp, 0.0.0.0:587->587/tcp, 588/tcp mailcowdockerized_redis-mailcow_1 docker-entrypoint.sh redis ... Up 6379/tcp mailcowdockerized_rspamd-mailcow_1 /docker-entrypoint.sh /bin ... Up mailcowdockerized_sogo-mailcow_1 /bin/sh -c exec /usr/bin/s ... Up mailcowdockerized_unbound-mailcow_1 /docker-entrypoint.sh /usr ... Up 53/tcp, 53/udp

iptables -t nat -S POSTROUTING -P POSTROUTING ACCEPT -A POSTROUTING -s 172.22.1.0/24 ! -o br-8e4773bb431c -j MASQUERADE -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE -A POSTROUTING -s 172.22.1.3/32 -d 172.22.1.3/32 -p tcp -m tcp --dport 12345 -j MASQUERADE -A POSTROUTING -s 172.22.1.3/32 -d 172.22.1.3/32 -p tcp -m tcp --dport 4190 -j MASQUERADE -A POSTROUTING -s 172.22.1.3/32 -d 172.22.1.3/32 -p tcp -m tcp --dport 995 -j MASQUERADE -A POSTROUTING -s 172.22.1.3/32 -d 172.22.1.3/32 -p tcp -m tcp --dport 993 -j MASQUERADE -A POSTROUTING -s 172.22.1.3/32 -d 172.22.1.3/32 -p tcp -m tcp --dport 143 -j MASQUERADE -A POSTROUTING -s 172.22.1.3/32 -d 172.22.1.3/32 -p tcp -m tcp --dport 110 -j MASQUERADE -A POSTROUTING -s 172.22.1.4/32 -d 172.22.1.4/32 -p tcp -m tcp --dport 587 -j MASQUERADE -A POSTROUTING -s 172.22.1.4/32 -d 172.22.1.4/32 -p tcp -m tcp --dport 465 -j MASQUERADE -A POSTROUTING -s 172.22.1.4/32 -d 172.22.1.4/32 -p tcp -m tcp --dport 25 -j MASQUERADE -A POSTROUTING -s 172.22.1.251/32 -d 172.22.1.251/32 -p tcp -m tcp --dport 443 -j MASQUERADE -A POSTROUTING -s 172.22.1.251/32 -d 172.22.1.251/32 -p tcp -m tcp --dport 80 -j MASQUERADE

netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 ens160 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.22.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-8e4773bb431c 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens160

docker-compose logs --tail=100 postfix-mailcow Attaching to mailcowdockerized_postfix-mailcow_1 postfix-mailcow_1 | 2017-09-15 04:07:21,620 CRIT Supervisor running as root (no user in config file) postfix-mailcow_1 | 2017-09-15 04:07:21,629 INFO RPC interface 'supervisor' initialized postfix-mailcow_1 | 2017-09-15 04:07:21,629 CRIT Server 'unix_http_server' running without any HTTP authentication checking postfix-mailcow_1 | 2017-09-15 04:07:21,629 INFO supervisord started with pid 1 postfix-mailcow_1 | 2017-09-15 04:07:22,630 INFO spawned: 'postfix' with pid 7 postfix-mailcow_1 | 2017-09-15 04:07:22,639 INFO spawned: 'syslog-ng' with pid 8 postfix-mailcow_1 | Sep 15 04:07:22 mail syslog-ng[8]: syslog-ng starting up; version='3.8.1' postfix-mailcow_1 | Sep 15 04:07:23 mail postfix[251]: Postfix is running with backwards-compatible default settings postfix-mailcow_1 | Sep 15 04:07:23 mail postfix[251]: See http://www.postfix.org/COMPATIBILITY_README.html for details postfix-mailcow_1 | Sep 15 04:07:23 mail postfix[251]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload" postfix-mailcow_1 | Sep 15 04:07:23 mail postfix/postfix-script[337]: starting the Postfix mail system postfix-mailcow_1 | Sep 15 04:07:23 mail postfix/master[339]: daemon started -- version 3.1.4, configuration /opt/postfix/conf postfix-mailcow_1 | 2017-09-15 04:07:24,481 INFO success: postfix entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) postfix-mailcow_1 | 2017-09-15 04:07:24,481 INFO success: syslog-ng entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) postfix-mailcow_1 | Sep 15 04:10:11 mail postfix/postscreen[345]: cache proxy:btree:/var/lib/postfix/postscreen_cache full cleanup: retained=0 dropped=0 entries ..... postfix-mailcow_1 | Sep 15 04:22:24 mail postfix/qmgr[342]: E960B7219FE: from=admin@sibint.com, size=1117, nrcpt=1 (queue active) postfix-mailcow_1 | Sep 15 04:22:54 mail postfix/smtp[370]: connect to 30047900.in1.mandrillapp.com[52.35.209.90]:25: Connection timed out postfix-mailcow_1 | Sep 15 04:23:24 mail postfix/smtp[370]: connect to 30047900.in1.mandrillapp.com[52.36.64.127]:25: Connection timed out postfix-mailcow_1 | Sep 15 04:23:54 mail postfix/smtp[370]: connect to 30047900.in1.mandrillapp.com[52.35.107.200]:25: Connection timed out postfix-mailcow_1 | Sep 15 04:24:24 mail postfix/smtp[370]: connect to 30047900.in2.mandrillapp.com[52.35.209.90]:25: Connection timed out postfix-mailcow_1 | Sep 15 04:24:54 mail postfix/smtp[370]: connect to 30047900.in2.mandrillapp.com[52.36.64.127]:25: Connection timed out postfix-mailcow_1 | Sep 15 04:24:54 mail postfix/smtp[370]: E960B7219FE: to=zu49V8GiZXlNtD@dkimvalidator.com, relay=none, delay=76749, delays=76598/0.05/151/0, dsn=4.4.1, status=deferred (connect to 30047900.in2.mandrillapp.com[52.36.64.127]:25: Connection timed out) ` What wrong? Thanks

kfnba commented 7 years ago

Any idea? )

aquac commented 7 years ago

From within e.g. the postfix image, can you ping the docker host?