I run a mail server on a small VPS running docker-mail-server.
It was working perfectly fine until 2024-10-02, when it started rejecting email.
I renewed the certificates, even though they expired on 2024-10-15 (two weeks after it stopped working).
Whenever I receive an email, the following trace appears in the log (here an email sent from my protonmail address):
NOQUEUE: reject: RCPT from unknown[185.70.43.21]: 450 4.1.8 <[email protected]>: Sender address rejected: Domain not found; from=<[email protected]> to=<contact@$MY_DOMAIN> proto=ESMTP helo=<mail-4321.protonmail.ch>
Interpreting that as "I don't know what that domain is so I reject the email", I ran dig protonmail.com, which gave a correct output:
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> protonmail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12017
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;protonmail.com. IN A
;; ANSWER SECTION:
protonmail.com. 1200 IN A 185.70.42.12
;; Query time: 31 msec
;; SERVER: 213.186.33.99#53(213.186.33.99) (UDP)
;; WHEN: Thu Oct 10 17:32:34 UTC 2024
;; MSG SIZE rcvd: 59
Pinging protonmail.com also works. Any idea of a fix/workaround for that issue or where it might be coming from? I want to be sure it doesn't come from a user error before opening an issue on GitHub.
EDIT: it appears the container itself does not have access to the internet. I cannot ping a domain nor an IP address. Here is the docker compose I am using:
services:
  mailserver:
    image: ghcr.io/docker-mailserver/docker-mailserver:latest
    container_name: mailserver
    # Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
    hostname: mail.$MY_DOMAIN.fr
    env_file: mailserver.env
    # More information about the mail-server ports:
    # https://docker-mailserver.github.io/docker-mailserver/latest/config/security/understanding-the-ports/
    ports:
      - "143:143" # IMAP4 (explicit TLS => STARTTLS)
      - "465:465" # ESMTP (implicit TLS)
      - "587:587" # ESMTP (explicit TLS => STARTTLS)
      - "993:993" # IMAP4 (implicit TLS)
      - "25:25"
    volumes:
      - ./docker-data/dms/mail-data/:/var/mail/
      - ./docker-data/dms/mail-state/:/var/mail-state/
      - ./docker-data/dms/mail-logs/:/var/log/mail/
      - ./docker-data/dms/config/:/tmp/docker-mailserver/
      - /etc/localtime:/etc/localtime:ro
      - /docker/vol/dms/cert:/var/cert
      - /etc/letsencrypt:/etc/letsencrypt
    restart: always
    stop_grace_period: 1m
    healthcheck:
      test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
      timeout: 3s
      retries: 0
I tried creating an external network and binding the service to it, but it didn't work.
Removing the ports block and setting network_mode to host did the trick as a workaround. Thanks to Jaromanda X.
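
An added example, not part of the original post: a log triage that separates "the sender's domain really does not exist" from "the mail server's own resolver is broken", the situation diagnosed above. It relies on Postfix logging the client as unknown when it cannot resolve or verify the client's hostname; the thresholds, function names and sample log lines are assumptions constructed for illustration.

```python
import re

REJECT = re.compile(
    r"reject: RCPT from (?P<client>[^\[\s]+)\[[^\]]+\]: 450 4\.1\.8 "
    r"<[^>]*>: Sender address rejected: Domain not found; "
    r"from=<[^@>]*@(?P<domain>[^>]+)>")
CONNECT = re.compile(r"\bconnect from (?P<client>[^\[\s]+)\[")  # \b skips "disconnect"

def summarize(log_text):
    """Count 450 4.1.8 rejects, their sender domains, and unresolved clients."""
    domains, rejects, connects, unknown = set(), 0, 0, 0
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if m:
            rejects += 1
            domains.add(m.group("domain").lower())
            continue
        m = CONNECT.search(line)
        if m:
            connects += 1
            unknown += m.group("client") == "unknown"
    ratio = unknown / connects if connects else 0.0
    return {"rejects": rejects, "domains": sorted(domains), "unknown_ratio": ratio}

def resolver_suspected(log_text, min_domains=3, min_unknown=0.9):
    """Heuristic (assumed thresholds): many distinct sender domains rejected
    while nearly every client is 'unknown' points at local DNS, not senders."""
    s = summarize(log_text)
    return len(s["domains"]) >= min_domains and s["unknown_ratio"] >= min_unknown

def _pair(client, ip, domain):
    # Constructed connect + reject lines modelled on the reject line in the post.
    return (f"postfix/smtpd[101]: connect from {client}[{ip}]\n"
            f"postfix/smtpd[101]: NOQUEUE: reject: RCPT from {client}[{ip}]: 450 4.1.8 "
            f"<a@{domain}>: Sender address rejected: Domain not found; "
            f"from=<a@{domain}> to=<contact@example.org> proto=ESMTP helo=<mx.{domain}>\n")

# Constructed samples: resolver down vs. one genuinely bad sender domain.
BROKEN = (_pair("unknown", "192.0.2.10", "example.com")
          + _pair("unknown", "198.51.100.7", "example.net")
          + _pair("unknown", "203.0.113.5", "example.edu"))
HEALTHY = ("postfix/smtpd[102]: connect from mx.example.com[192.0.2.10]\n"
           "postfix/smtpd[102]: disconnect from mx.example.com[192.0.2.10]\n"
           + _pair("unknown", "203.0.113.5", "no-such-domain.invalid"))

if __name__ == "__main__":
    for name, log in (("broken", BROKEN), ("healthy", HEALTHY)):
        print(name, summarize(log), resolver_suspected(log))
```

When the heuristic fires, compare name resolution inside the container with resolution on the host before changing any Postfix restriction.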