New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mailserver SPF failing - using wrong host interface? #1090
Comments
I managed to find out that docker is using IPtables to route the traffic to/from containers, and that it is using the default interface for outgoing packets. The thing is, I strongly believe this should be implemented to Mailu's setup / config so that users can run multiple instances of it on the same server, even use separate IP('s) from the host main IP (Security aspects). I am nowhere near familiar with setting up IPtables for this service, considering it is already attached to a network and that there are multiple containers involved. Any help would be of great appreciation |
okay so when you try to route over traffic from a subnet over to the correct interface, you end up getting this error when you try to log in to rainloop webmail.
However, if you go to the admin interface (/admin) you can log in with no issues.. Without the rule, all goes fine on webmail..
is what i used for routing. |
You are almost there I believe :) indeed you need to use postrouting in iptables, which is also what I use in production (well, I use nftables but the idea is the same). So, you now simply need to add a |
Got it working, you are right! :) Thanks for the help I hope the above i did and documented can be of help for future users. |
will you post your example? I have been struggling with the correct rules |
Something in the line of: |
1351: Add some faq entries r=mergify[bot] a=kaiyou ## What type of PR? Documentation ## What does this PR do? Add missing faq entries ### Related issue(s) - Closes: #853 - Closes: #897 - Closes: #1090 - Closes: #1315 ## Prerequistes Before we can consider review and merge, please make sure the following list is done and checked. If an entry in not applicable, you can check it or remove it from the list. - [x] In case of feature or enhancement: documentation updated accordingly - [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file. Co-authored-by: kaiyou <pierre@jaury.eu>
So I sent a test email to myself- google lets me know that the SPF failed in the "raw".

Although, my docker compose yml file is set to use another interface on my host:

Here is output of my networking using
ifconfig
As you can see, they are separate interfaces on the same host.
why does SPF fail? The DNS records for MX and resolves to the correct IP, so i am a bit stuck here.
The text was updated successfully, but these errors were encountered: