Email receiving (and sending) broken since 0.8.0-r0

[KevinRoebert]

Behaviour

Steps to reproduce this issue

1. Upgrade from anonaddy/anonaddy:0.7.5 to anonaddy/anonaddy:0.8.0
2. Receive Mail
3. Optional: Set ANONADDY_DNS_RESOLVER to any public DNS resolver, e.g., 1.1.1.1 or 8.8.8.8 (Tried with the following settings: 127.0.0.1, 1.1.1.1, 8.8.8.8)
4. Hostname resolution no longer works. Mails are rejected due to missing reverse hostname resolution.

Expected behaviour

Emails should be able to be received and sent via the "Reply" function. In addition, tIn addition, the name resolution should work.

Actual behaviour

Emails can no longer be received because the name resolution does not work. This also leads to the fact that you can no longer reply to emails that have already been received because the mail does not go directly to the sender, but first via AnonAddy to hide the original email address.

Configuration

• Docker version (type docker --version) : Docker version 20.10.7, build f0df350
• Docker compose version if applicable (type docker-compose --version) : docker-compose version 1.27.4, build 40524192
• Platform (Debian 9, Ubuntu 18.04, ...) : Ubuntu 20.04.2 LTS
• System info (type uname -a) : Linux *********.eu 5.4.0-77-generic #86-Ubuntu SMP Thu Jun 17 02:35:03 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
• Include all necessary configuration files : docker-compose.yml, .env, ...

anonaddy.env.txt
docker-compose.yml.txt

Docker info

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
  scan: Docker Scan (Docker Inc., v0.8.0)

Server:
 Containers: 26
  Running: 18
  Paused: 0
  Stopped: 8
 Images: 99
 Server Version: 20.10.7
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7eba5930496d9bbe375fdf71603e610ad737d2b2
 runc version: v1.0.0-0-g84113ee
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.4.0-77-generic
 Operating System: Ubuntu 20.04.2 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 7.775GiB
 Name: **********.eu
 ID: V4TL:AQXJ:UBLT:RUIV:TT7X:CUZK:MCRW:4IDG:4W7H:YN4A:AU5I:A6UQ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Logs

Jul 29 16:15:10 ******** postfix/smtpd[1023]: connect from unknown[91.216.***.***]

Jul 29 16:15:40 ******** postfix/smtpd[1023]: NOQUEUE: reject: RCPT from unknown[91.216.***.***]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [91.216.***.***]; from=<mail@********.de> to=<test@********.eu> proto=ESMTP helo=<mail-out.********.de>

Jul 29 16:15:40 ******** postfix/cleanup[1041]: 3A8639A0989: message-id=<20210729141540.3A8639A0989@.********..eu>

Jul 29 16:15:40 ******** postfix/qmgr[933]: 3A8639A0989: from=<double-bounce@********.eu>, size=1145, nrcpt=1 (queue active)

Jul 29 16:15:40 ******** postfix/smtpd[1023]: disconnect from unknown[91.216.***.***] ehlo=1 starttls=0/1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/7

Jul 29 16:15:40 ******** postfix/error[1042]: 3A8639A0989: to=<postmaster@/etc/mailname>, orig_to=<postmaster>, relay=none, delay=0.03, delays=0.02/0.01/0/0.01, dsn=5.1.3, status=bounced (bad address syntax)

Jul 29 16:15:40 ******** postfix/bounce[1043]: warning: 3A8639A0989: undeliverable postmaster notification discarded

Jul 29 16:15:40 ******** postfix/qmgr[933]: 3A8639A0989: removed

[crazy-max]

@KevinRoebert Maybe linked to #67. Can you try with anonaddy/anonaddy:test?

[KevinRoebert]

@KevinRoebert Maybe linked to #67. Can you try with anonaddy/anonaddy:test?

The error persists even with the anonaddy/anonaddy:test Docker image. The hostnames cannot be resolved. I have attached the log.
_anonaddy_logs.txt

[KevinRoebert]

I've also tried older images like 0.7.4 and forced a redownload. It works with images < 0.8.0.

[KevinRoebert]

_anonaddy_logs(1).txt

[crazy-max]

@KevinRoebert Ok thanks for your feedback! Might be an issue with Postfix since Alpine 3.14. Will take a look and keep you in touch.

[willbrowningme]

Could you try updating your .env file to:

MAIL_FROM_NAME=Example
MAIL_FROM_ADDRESS=mailer@example.com
MAIL_DRIVER=smtp
MAIL_HOST=localhost
MAIL_PORT=25
MAIL_ENCRYPTION=null

See if that sorts it.

[crazy-max]

@willbrowningme Don't think that's issue, this is already handled.

[crazy-max]

@KevinRoebert I've made some changes in #71, can you try with anonaddy/anonaddy:pr-71? I've also created another image that reverts to Alpine 3.13 with AnonAddy 0.8.0 anonaddy/anonaddy:test-alpine3.13 if you can also try this one. Thanks.

[KevinRoebert]

I've made some changes in #71, can you try with anonaddy/anonaddy:pr-71?

Does not fix the problem. Here is the log:
_anonaddy_logs.txt

I've also created another image that reverts to Alpine 3.13 with AnonAddy 0.8.0 anonaddy/anonaddy:test-alpine3.13 if you can also try this one.

Doesn't work either. The log is attached:
_anonaddy_logs(1).txt

[KevinRoebert]

Could you try updating your .env file to:

MAIL_FROM_NAME=Example
MAIL_FROM_ADDRESS=mailer@example.com
MAIL_DRIVER=smtp
MAIL_HOST=localhost
MAIL_PORT=25
MAIL_ENCRYPTION=null

See if that sorts it.

Tested with anonaddy/anonaddy:latest. Does not fix the problem. The log is attached:
_anonaddy_logs.txt

[crazy-max]

@KevinRoebert Thanks for your feedback! Can you enable POSTFIX_DEBUG with anonaddy/anonaddy:pr-71 and post your logs please?

@willbrowningme I wonder if this is not due to the changes to master.cnf as required by 0.8.0. The config looks good to you?

[KevinRoebert]

Thanks for your feedback! Can you enable POSTFIX_DEBUG with anonaddy/anonaddy:pr-71 and post your logs please?

_anonaddy_logs.txt

[willbrowningme]

@crazy-max yes it seems okay to me, here is a full /etc/postfix/master.cf example from a self-hosted instance I have working (not the Docker version).

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp      inet  n       -       y       -       -       smtpd
#smtp      inet  n       -       y       -       1       postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
#submission inet n       -       y       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_tls_auth_only=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       y       -       -       smtpd
#  -o syslog_name=postfix/smtps
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       y       -       -       qmqpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
        -o syslog_name=postfix/$service_name
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
postlog   unix-dgram n  -       n       -       1       postlogd
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

anonaddy unix - n n - - pipe
  flags=F user=johndoe argv=php /var/www/anonaddy/artisan anonaddy:receive-email --sender=${sender} --recipient=${recipient} --local_part=${user} --extension=${extension} --domain=${domain} --size=${size}

and here is the /etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

# SMTPD
smtpd_tls_cert_file=/etc/nginx/conf.d/example.com.d/server.crt
smtpd_tls_key_file=/etc/nginx/conf.d/example.com.d/server.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL
smtpd_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_ciphers = high
smtpd_tls_eecdh_grade = ultra
tls_high_cipherlist=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION

# SMTP
smtp_tls_CApath = /etc/ssl/certs
smtp_use_tls=yes
smtp_tls_loglevel = 1
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_ciphers = high
smtp_tls_mandatory_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL
smtp_tls_exclude_ciphers = MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL
smtp_tls_security_level = may

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.example.com
mydomain = example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname

mydestination = localhost.$mydomain, localhost

virtual_transport = anonaddy:
virtual_mailbox_domains = $mydomain, unsubscribe.$mydomain, mysql:/etc/postfix/mysql-virtual-alias-domains-and-subdomains.cf

relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

local_recipient_maps =

smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_invalid_helo_hostname
    reject_non_fqdn_helo_hostname
    reject_unknown_helo_hostname

smtpd_sender_restrictions =
   permit_mynetworks
   permit_sasl_authenticated
   reject_non_fqdn_sender
   reject_unknown_sender_domain
   reject_unknown_reverse_client_hostname

smtpd_recipient_restrictions =
   permit_mynetworks,
   reject_unauth_destination,
   check_recipient_access mysql:/etc/postfix/mysql-recipient-access.cf,
   reject_rhsbl_helo dbl.spamhaus.org,
   reject_rhsbl_reverse_client dbl.spamhaus.org,
   reject_rhsbl_sender dbl.spamhaus.org,
   reject_rbl_client zen.spamhaus.org
   reject_rbl_client dul.dnsbl.sorbs.net

# Block clients that speak too early.
smtpd_data_restrictions = reject_unauth_pipelining

# Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:11332
non_smtpd_milters = $smtpd_milters
milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}

disable_vrfy_command = yes
strict_rfc821_envelopes = yes

The only other change I can think of is the one I mentioned above in this thread, to try changing the values in .env file from:

MAIL_HOST=mail.example.com
MAIL_ENCRYPTION=tls

to:

MAIL_HOST=localhost
MAIL_ENCRYPTION=null

[Imaskiller]

0.8 does not work for me either
in 0.8 i cannot establish a trusted tls connection and thus mail forwarding does not work

but in 0.7.5 the tls conenction works and thus mail forwarding works as well

[willbrowningme]

@Imaskiller have you tried changing your .env variables to:

MAIL_HOST=localhost
MAIL_ENCRYPTION=null

This is the only thing I can think it could be.

[crazy-max]

@willbrowningme I will make a change and push that. Btw MAIL_HOST=localhost is already enforced.

[crazy-max]

@KevinRoebert Can you try with anonaddy/anonaddy:pr-72 (and POSTFIX_DEBUG enabled) please? Thanks!

[Imaskiller]

@Imaskiller have you tried changing your .env variables to:

MAIL_HOST=localhost
MAIL_ENCRYPTION=null

This is the only thing I can think it could be.

Nope this does not help either.
I use arm64 and I host it on my home network and reverse lookup fails for my hostname cause of my isp.
This is pretty much the error

Aug 06 17:35:03 anonaddy postfix/smtpd[1025]: reject_unknown_mailhost: yandex.com
Aug 06 17:35:03 anonaddy postfix/smtpd[1025]: lookup yandex.com type MX flags 
Aug 06 17:35:08 anonaddy postfix/smtpd[1025]: dns_query: yandex.com (MX): Host not found, try again
Aug 06 17:35:08 anonaddy postfix/smtpd[1025]: lookup yandex.com type A flags 
Aug 06 17:35:13 anonaddy postfix/smtpd[1025]: dns_query: yandex.com (A): Host not found, try again
Aug 06 17:35:13 anonaddy postfix/smtpd[1025]: lookup yandex.com type AAAA flags 
Aug 06 17:35:18 anonaddy postfix/smtpd[1025]: dns_query: yandex.com (AAAA): Host not found, try again

Aug 06 17:35:18 anonaddy postfix/smtpd[1025]: > unknown[77.88.28.109]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [77.88.28.109]

[willbrowningme]

@Imaskiller it is related to the change from using sendmail to smtp as the Laravel mail driver then.

Could you try updating your /etc/postfix/main.cf file so that you remove reject_unknown_reverse_client_hostname from smtpd_sender_restrictions:

smtpd_sender_restrictions =
   permit_mynetworks
   permit_sasl_authenticated
   reject_non_fqdn_sender
   reject_unknown_sender_domain

[Imaskiller]

@Imaskiller it is related to the change from using sendmail to smtp as the Laravel mail driver then.

Could you try updating your /etc/postfix/main.cf file so that you remove reject_unknown_reverse_client_hostname from smtpd_sender_restrictions:

smtpd_sender_restrictions =
   permit_mynetworks
   permit_sasl_authenticated
   reject_non_fqdn_sender
   reject_unknown_sender_domain

How do I change it? If i change the file and restart the container i get this error:

/usr/sbin/postconf: warning: /etc/postfix/main.cf, line 794: overriding earlier entry: smtpd_sender_restrictions=permit_mynetworks   permit_sasl_authenticated   reject_non_fqdn_sender   reject_unknown_sender_domain

I also tried volume-binding the changed file but i get the same error and I am not receiving any mails after the change.

[crazy-max]

@Imaskiller

I also tried volume-binding the changed file but i get the same error and I am not receiving any mails after the change.

Can you try with anonaddy/anonaddy:pr-73?

[Imaskiller]

@Imaskiller

I also tried volume-binding the changed file but i get the same error and I am not receiving any mails after the change.

Can you try with anonaddy/anonaddy:pr-73?

Unfortunately that still does not fix it. TLS connections cannot be established and ends with the following error in the end:

Aug 07 19:59:17 anonaddy postfix/bounce[966]: warning: 3252811781D: undeliverable postmaster notification discarded,
Aug 07 19:59:17 anonaddy postfix/error[965]: 3252811781D: to=<postmaster@/etc/mailname>, orig_to=<postmaster>, relay=none, delay=0.1, delays=0.04/0.03/0/0.03, dsn=5.1.3, status=bounced (bad address syntax),
Aug 07 19:59:17 anonaddy postfix/qmgr[930]: 3252811781D: removed

I also tried

MAIL_HOST=localhost
MAIL_ENCRYPTION=null

But it fails with the same error in the end.

Edit:
I fixed the TLS issue after renaming my *.pem files to *.crt and *.key
But I cannot reproduce the error for pr-73. Reverse lookup just fails but I dont get the "removed" log anymore.

0.7.5 works still works fine though

[crazy-max]

@Imaskiller @KevinRoebert Should be fixed with latest release (0.8.1).

[KevinRoebert]

Now there is another error. The log is attached:
_anonaddy_logs.txt

[crazy-max]

@KevinRoebert I've pushed another fix to handle postfix relay restrictions. Can you try with anonaddy/anonaddy:pr-76?

[Imaskiller]

@crazy-max same error for me with pr76

Aug 09 12:00:21 anonaddy postfix/smtpd[939]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 554 5.7.1 <***@***>: Relay access denied; from=<***@***> to=<***@***> proto=ESMTP helo=<[127.0.0.1]>
Aug 09 12:00:21 anonaddy postfix/pipe[944]: ECA2A35EF4B: to=<***@***>, relay=anonaddy, delay=6.7, delays=5.3/0/0/1.4, dsn=4.3.0, status=deferred (An error has occurred, please try again later. )

[willbrowningme]

The updated main.cf with in #76

smtpd_relay_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    defer_unauth_destination

Should mean that permit_mynetworks accepts connections from localhost.

Could there be an issue with the current mynetworks vaiable in main.cf? It looks correct to me.

mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16

Or perhaps the fact that the Postfix does not recognise this as a local connection from mynetworks due to the Docker setup?

I can't recreate this issue with a self-hosted instance that was set up manually.

[KevinRoebert]

@KevinRoebert I've pushed another fix to handle postfix relay restrictions. Can you try with anonaddy/anonaddy:pr-76?

Does not fix the error. The error message is the same as before.

[KevinRoebert]

Docker containers using the private subnet 172.0.0.0/24. Maybe this must be included in mynetworks?
Or is it possible to add a subnet via ENV variable to mynetworks?

[crazy-max]

@KevinRoebert @Imaskiller Ok found the issue. Can you docker pull anonaddy/anonaddy:pr-76 and try again please?

[KevinRoebert]

@KevinRoebert @Imaskiller Ok found the issue. Can you docker pull anonaddy/anonaddy:pr-76 and try again please?

Does fix the problem.