ERROR: Invalid interpolation format for "unbound-mailcow" option in service "services" #6090

ka5itoshka · 2024-09-25T13:41:22Z

Contribution guidelines

I've read the contribution guidelines and wholeheartedly agree

I've found a bug and checked that ...

... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
... I have understood that answers are voluntary and community-driven, and not commercial support.
... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

Hi guys. After update, i saw that my dovecot stopped and SOGo + my PC client can't connected to mail server. 

So i going to ssh console, and check what service works and what not.

Logs:

docker compose up -d
 ✔ Container mailcowdockerized-unbound-mailcow-1    Healthy                                                                                                                                                                                                              0.5s 
 ✔ Container mailcowdockerized-dockerapi-mailcow-1  Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-olefy-mailcow-1      Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-memcached-mailcow-1  Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-netfilter-mailcow-1  Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-clamd-mailcow-1      Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-redis-mailcow-1      Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-mysql-mailcow-1      Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-solr-mailcow-1       Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-sogo-mailcow-1       Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-php-fpm-mailcow-1    Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-postfix-mailcow-1    Running                                                                                                                                                                                                              0.0s 
 ⠴ Container mailcowdockerized-dovecot-mailcow-1    Starting                                                                                                                                                                                                             0.5s 
 ✔ Container mailcowdockerized-rspamd-mailcow-1     Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-nginx-mailcow-1      Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-ofelia-mailcow-1     Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-acme-mailcow-1       Running                                                                                                                                                                                                              0.0s 
 ✔ Container mailcowdockerized-watchdog-mailcow-1   Running  

So the problem with dovecot. Then I go to check dovecot logs, and saw next:

/opt/mailcow-dockerized# docker-compose logs dovecot-mailcow
ERROR: Invalid interpolation format for "unbound-mailcow" option in service "services": "SKIP_UNBOUND_HEALTHCHECK=${SKIP_UNBOUND_HEALTHCHECK:-n}"

Steps to reproduce:

1. Update mailcow via official documentation
2. Wait for a few days
3. Show service status

Which branch are you using?

master

Which architecture are you using?

x86

Operating System:

Ubuntu 22.04

Server/VM specifications:

4

Is Apparmor, SELinux or similar active?

no

Virtualization technology:

no

Docker version:

27.1.2

docker-compose version or docker compose version:

1.26.2

mailcow version:

2024-08a

Reverse proxy:

Nginx

Logs of git diff:

diff --git a/data/assets/ssl-example/cert.pem b/data/assets/ssl-example/cert.pem
index 96d16bec..de4d2026 100644
--- a/data/assets/ssl-example/cert.pem
+++ b/data/assets/ssl-example/cert.pem
@@ -1,19 +1,33 @@
 -----BEGIN CERTIFICATE-----
-MIIDBDCCAe6gAwIBAgIQeJMoL/3dxhxhT9EwuRTL/DALBgkqhkiG9w0BAQswEjEQ
-MA4GA1UEChMHbWFpbGNvdzAeFw0xNjEyMTMxMDExMDBaFw0xOTExMjgxMDExMDBa
-MC0xEDAOBgNVBAoTB21haWxjb3cxGTAXBgNVBAMTEG1haWwuZXhhbXBsZS5vcmcw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRg0xT3At9DSb3H5OMp3K1
-MpXAgYyotSK6TS61fC0QEHy2fMXiws7Agcye6Ln7CG63Fe1eN2jkdlefy9xJivS8
-y5w0M8i168v5znzC8fnylL2iOiSYfK/B/oEqfU7YH4RcegO53oDDIUZmi4Frgnu7
-39VVOU1ZyHEVqGJ2H2aAIkoZRjGzumD9Ym4LWGidtKJzBgFt/qmhUeWXipM8w281
-XkQnJU79+x2ywnJSvEZ3r/ZVJC7kbjiVw+/k15k9Cxk6Ik8wmJ0X/+xWxoZomHQI
-1LM0VKAS/iaU95dn2bplvL6jTiiyWAbrMjSKs4XbPt/fIbOicNkj6+CFy0MVfyyH
-AgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIAqDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwEwDAYDVR0TAQH/BAIwADALBgkqhkiG9w0BAQsDggEBAI/jBJa1P8nB
-eHUN5muQmjBVDVOYyWAAEapOe2HYsBcpjaB2H8Iw3DQzJtz6peYeYSCmHRVqFLCm
-VPrq36l9mPUotyPDPlQQAxCj9R2+WbGaJO+N/E1F8FQ94dr3jqwUyfjVPoqEjmIH
-NFkvbA0RJOeBm9oYGdhM0wjOBV9c9MTHFG82nQ/zQeTuPb7GXuKIOXYCxoLNOZMw
-UJ02Cqjv5ImrgOhcstAKX3Ip0urSvZUGvtPla4CGh+M6yDFJ08GzX6OiMIH207RW
-jAbUXXERSUv/7hysdDjGo5HZjCeMzVu9KAxoZXqnmvkk8g2swKWtWBRcoeU1VGx0
-Bx4Q4KMjuYQ=
+MIIFuzCCA6OgAwIBAgIUK78Mr89NXWeDmamAP2Lv8A/iWgwwDQYJKoZIhvcNAQEL
+BQAwbTELMAkGA1UEBhMCREUxDDAKBgNVBAgMA05SVzEQMA4GA1UEBwwHV2lsbGlj
+aDEQMA4GA1UECgwHbWFpbGNvdzEQMA4GA1UECwwHbWFpbGNvdzEaMBgGA1UEAwwR
+bWFpbC5tb3ZlaXRvbi5uZXQwHhcNMjQwMTIxMTcxODU4WhcNMjUwMTIwMTcxODU4
+WjBtMQswCQYDVQQGEwJERTEMMAoGA1UECAwDTlJXMRAwDgYDVQQHDAdXaWxsaWNo
+MRAwDgYDVQQKDAdtYWlsY293MRAwDgYDVQQLDAdtYWlsY293MRowGAYDVQQDDBFt
+YWlsLm1vdmVpdG9uLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+ANJIlSTYyrHCG9LZfDkhfc0JqfawxJIV12GePPRGj+A5dx72boTKUbBYLtmLBl85
+txKD+L3gFFzmWeEYOCEUHoX/rbDyQbhRCuQ5DJtcGb7qFER5fjukXSuBBZxHT6Es
+C5/BKV0BN6K35knxC6hVUOqwUJWZGgd8e4nnEnl7O6/RFPJbHVc+2+z4qdni7fwY
+7rFJQwy23aJ2pTLksEF7Gaft40mS+Of0lygaPZ+7Mj6yZfjf4uql/coFlhphiM46
+GVHUqTHsFs2/qD6WrNOugHzifklNBsBcxBLXwQd4/XD4vT4cHx9oPmov0wPaiUxq
+KZi1QtZIq4RDTMJV9M3pyk4b2+cS7R/K4cOc5MS2XMncrDoYRFtCnmVFrv7lO/q/
+puFupWd+VOCbDG4gQf39ELi8VnfRCn5FVmg9gX3il/v/aN3Y7PfM27KUhCNg/Mah
+kylpFepXk3elnkxnVYy7A/CRvukXLybi/N9xF7HvOTUNsBCIgPqnk4/aPqUarlPY
+WRdlv1uq1jSWbWHB5/SDfCe8H1CcgwN22+YNgSCeesSJaa946L98voeNnbvoP7rh
+iILegJ2+iNuHhbNWfSp0vbUbheyU1E7UZx4sOjPOGdvouSxNc7/ZxEawkGFnvr0Y
+8vCDBdBG5Co6RhvSOyGlLByi3dD6fp5yWdgOg06ePomjAgMBAAGjUzBRMB0GA1Ud
+DgQWBBTtCu0Nzq7C+x9F2GsCapLNv+C+0zAfBgNVHSMEGDAWgBTtCu0Nzq7C+x9F
+2GsCapLNv+C+0zAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCD
+JDH1cU6lLpN+q7rs6XnQ4FnCUOv8g6zJcXuXPL+0a689tok5qmoelenYFbgelIkr
+vUwWAXOYV2EKigOAywAR11035RaSUqRAwT1JfCSiZ6NqnylsBRrdkAcVgRI49yj/
+NYIA19EjoB444is8ioRfGdfyMuuDG20alpivZxwc/1mZMBSLAHqcpdQvmbF3G2Gi
+5NLnQIYu0IVAoSlHaFH8fz+tM/rMGsdnubezEe9VQkdu6Gg+9bzURGYJqkDJU0uX
+bT4jO/3+whVSM5dHuLVWrW3dyGjYWbNAVYZxq/tgtXKqeWZsIwEsg8HXXpJ0y6sy
+VdST2o5gHt49Nz66/SclfNRQxviQqM+SU62vyZ4SG8ekPJnIHaf1SIVLCchhKcAG
+ozfHNqA0MLnXvNF1thopxCulaxTe+qBHdPuINK3ZuvTwzveo81FScMW8Xfrsu9Jj
+PQgHb8Kz8+zmcPcdihlXeQtMJbIpIfZLZLEyATC9VXtiSpqmV1yBh6qexQ5N99qM
+K2fJMDQ0QxOKm0b/mGtLB8DfcgDt672X4aM1uuqAX+c3Fje1zqHpmOMhs3Q3/Q8O
+m8yfPiljZDv8RVEXEonZ2dZQF6QjYyXWcOEZcdCcUNbeuNSf9ImaUb4baSgMbJPx
+YmCVgy6OxkY75wYXwNKXkvVWc/6vEuIFfp/MKHuAhQ==
 -----END CERTIFICATE-----
diff --git a/data/assets/ssl-example/key.pem b/data/assets/ssl-example/key.pem
index cedf35a0..b73ab1a2 100644
--- a/data/assets/ssl-example/key.pem
+++ b/data/assets/ssl-example/key.pem
@@ -1,27 +1,52 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA0YNMU9wLfQ0m9x+TjKdytTKVwIGMqLUiuk0utXwtEBB8tnzF
-4sLOwIHMnui5+whutxXtXjdo5HZXn8vcSYr0vMucNDPItevL+c58wvH58pS9ojok
-mHyvwf6BKn1O2B+EXHoDud6AwyFGZouBa4J7u9/VVTlNWchxFahidh9mgCJKGUYx
-s7pg/WJuC1honbSicwYBbf6poVHll4qTPMNvNV5EJyVO/fsdssJyUrxGd6/2VSQu
-5G44lcPv5NeZPQsZOiJPMJidF//sVsaGaJh0CNSzNFSgEv4mlPeXZ9m6Zby+o04o
-slgG6zI0irOF2z7f3yGzonDZI+vghctDFX8shwIDAQABAoIBAQC9kiLnIgxXGyZt
-pmmYdA6re1jatZ2zLSp+DcY8ul3/0hs195IKCyCOOSQPiR520Pt0t+duP46uYZIJ
-aakp9gxaI5Vz+oMacH/AyaBDuDTj1Mf9WMSyIOfbDVCMRJOppGLcVh62+Gfjp2EO
-+h2hTJBuvypFkbK2kVIZOaHVpbXWKw1oYuEcTftk9XfxxvfSMw1HQ12/P2CAcbaa
-jPmVbisunv6kpXtewSBTcaLSYWJf1MYD5Hi8fzkD2FJSXYbfQd8RKvT2rj6FA7ux
-CDMzbYhdnd7lc63OARCIjfCRNtDT1cZ3gR1CQHD98lWxmPQIZukv+w7s/bSrFgnQ
-ROZ0ghBJAoGBAOmE/3d5FDmp0aJNxXynKcRGdpEEM4O40RIdqa2eR6Pa7aTRosao
-z0qVgdFuJrqjlB3jgedxXEX1M0abCUzzM9Q5F7JLl+KsjwRwpkIOkPiyUncLp7LK
-QbY3tvYBIdpjlF1USOMGRL4j11hqr4vQC/yPBF7jj81kCZDTbmZhp82jAoGBAOWu
-ql5QFUOlmqkuWIAFkiLEZhOu+ptqkE+zG50CCGMJIX0dJ2PHXFyNGInomAeT0nbI
-pbnK3x7KeEKiGrAqZFNCTHhApTwkrIj0L/RQbMDZ7u7j1AEUVNFEhIm62kg84FtG
-xtfxVxredE+NQc/tyV3hXegdNZxegALirlcMKIvNAoGAWFwIxk48Ru1o8z72QQqH
-lUsMRicOzwK5qV8r+xPvC6MlVL42F3F8rj4QFwzU/r4yp3SUjNyqC5aSRl8Xj9Re
-gijwPHi6Cf09SHLPliMo29GtvnnchJxfbPF7+23GP3p6gy4HPk/65u9s5nnH3uFk
-B7ad8sGsgg0eSXyXQ4okEn0CgYEAnogPuedGthlxBgMiPMMbmfm7hyyId4t3Ljuu
-/JExnsHnpobf8EPjoVIWNOIhRWGnrCtUEEhR9tvDZCKljyDDfKBPTdU496lMmX8K
-NnToi7gg7iy84T3aSVMktDgPgDrclMPmbZh8CeSvnVUfrtgu3Ci4+4Rlw5eKffNe
-aGDQ/6UCgYAbUq9mRT2WOXIo+Dchi9VzDWgtfOw5VEyqkSpb7hPiIYx5jNaENnVK
-cAi3iqbBgPJBuMlTrKmmaxdmssGOEZNJLuuXLDbCU+f5cpu5PQ4crC6UtRI5rlhp
-8Yc+oiv3HWbSw3sVRpMFB6NP4DnvgFW3B2Wdfb/lNzPCKWqBsX7gWw==
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDSSJUk2MqxwhvS
+2Xw5IX3NCan2sMSSFddhnjz0Ro/gOXce9m6EylGwWC7ZiwZfObcSg/i94BRc5lnh
+GDghFB6F/62w8kG4UQrkOQybXBm+6hREeX47pF0rgQWcR0+hLAufwSldATeit+ZJ
+8QuoVVDqsFCVmRoHfHuJ5xJ5ezuv0RTyWx1XPtvs+KnZ4u38GO6xSUMMtt2idqUy
+5LBBexmn7eNJkvjn9JcoGj2fuzI+smX43+Lqpf3KBZYaYYjOOhlR1Kkx7BbNv6g+
+lqzTroB84n5JTQbAXMQS18EHeP1w+L0+HB8faD5qL9MD2olMaimYtULWSKuEQ0zC
+VfTN6cpOG9vnEu0fyuHDnOTEtlzJ3Kw6GERbQp5lRa7+5Tv6v6bhbqVnflTgmwxu
+IEH9/RC4vFZ30Qp+RVZoPYF94pf7/2jd2Oz3zNuylIQjYPzGoZMpaRXqV5N3pZ5M
+Z1WMuwPwkb7pFy8m4vzfcRex7zk1DbAQiID6p5OP2j6lGq5T2FkXZb9bqtY0lm1h
+wef0g3wnvB9QnIMDdtvmDYEgnnrEiWmveOi/fL6HjZ276D+64YiC3oCdvojbh4Wz
+Vn0qdL21G4XslNRO1GceLDozzhnb6LksTXO/2cRGsJBhZ769GPLwgwXQRuQqOkYb
+0jshpSwcot3Q+n6eclnYDoNOnj6JowIDAQABAoICAESbvuGPRA7cRKS2JdQkC74G
+nagpw3DgZG3qqXuPvCiNx0JYZ/W2ZxGwq9R5iiIum/8UBOe6gRpQY9nPw5xzSoQw
+x/RYDj47XuDYhjb4RUQnbmZq91cxSN7FUVXMZHwy+TXt2XeJSqQx+RZ96W5KK8Tu
+stQkaDwyDsKPHFV7ch1qi7mJJdkN3saB2TUIV9ptLg+01gYDceusZzjkKWer6NKE
+CKi8Ja7UfC7u5NVFR97x6Nha/9fMQbIUwYUo9nBGv3UV/AAYRdZqZlPJaGkGYdCd
+O1PiKEZB3g1BzK6J+LLPzTrDBRqDsf2GTgRPXIWMi7bRyRVOD3vvU0+CqQU39rOO
+z4VXGDEpfCa9hn7U9h7gM7RgAxwKn9XfEdU4Zd49CplhiD37PwkGOldwux9gOus1
+N//akiObwOvxm2HuDIDw0gNp/k4KTTI6s25hzcG5TKkFxF74U6JsmZJxCq69Gxe+
+O3Gepm8MVwcmkvUbRusVYsNhUm2Mq2OSZZ/SEuVK4VtJ0oDSkCXqQg8/iY8oTI6Q
+BpVShlMD4p0L+Fyp52wIrohbEvIafS6sjXIc0/UexTkBCIomzLjdG0VdJViC26mW
+W3KOZZwev6pLSrOW2lRYYdLNS8AuD+bltOya8FC66Epq+SZ1M0kAUqgsm6FCnnEV
+Y0MzNoTiLUFPtVtgESd9AoIBAQDyzKZaiun3KqCTurMf2qzNP3ZCZ14vAyI/1siy
+0q6irHOLZQJpAIvVrGDOKQF3wkmzvaAQgWq/Axdp6/lg0efy38IAF+L7WizTbRUu
+uiOBztJJu3sgaRpHE9pgUVGHWW+mfrrMZ5Uhut/YX+UXggYTR+uk/ZCLOHZlNhbz
+XWYQQaOuRmWs3NdRcdtyEAGlLf6GGopJ1eQVgox1P5acFLgbm5EmkKRN8FnZQqY5
+bqILE5nFNXOsq+jFcZgcYEi/2inCfpCGlZDtzIyzsPp8dM8WalOkD8ZQkN6hw8tF
+/5g9+X4MpPvZWUtrt/sxPGrAn5+i+4Exsw2KFS5mlVuJzoHnAoIBAQDdt14X2enO
+XCZcrM8hLeIzNZz4anEiYcU2QKfP8v2HA4kCdk5zGmS3EFTtQl4lP4v5qLMJsWQl
+72vs+segBE+eqlRTpg8tmEmi0+/oyLKp4czxnSv54KK4/5U8pTua/WuZIr4RT7YR
+5y0Exg0YgorhdUlfpUMUXXFx6AF1HDjPM5Ez3MFTHb+tg4+hmXTWJ9Ck5jwi2ckA
+uWMwi87ua/CRYV9j8ivFeYaSqHRT1OYdJ9dDSUtfecjsLxMWNgcfuPiaC2OsBX7b
+FTmcogUqnZtbQiKq7ahgkktVrxa0hHD0jyb2FMORCallixYk1NxHlQWtuCA2WJgH
+ThXMFAJBejrlAoIBAGpnl4vcjxZb3w1+55tRKSO16SzGwjbWJ79UcJY10ITIEMcJ
+GFpN+/pDVhVjURpb0hLsSmaRYOefAjbQTHTK6Ny+hPWngjjnVve9OWhF+OOdcPkR
+Ka+VgAegQratTI6FenG73j9QMcIbdJgNxodb2y+9+B5RZXQt5W0LnFlBGEaNjZ8F
+iO+NxOsTe7lsHFx4YLACl5IuI4vtr4J+wJFcXybyMVV2VBs39xhIpjJLMsap61zK
+xQvqNtO4qZHd/GPfxydOciYZC++7Efp51/yM8GiBZnBi3WVXZ8n61W2yytR2L3B5
+KUoiYPQvJ+127c3G5p31nLPcJVXbXH9mezxUfQcCggEABVvZOlpZ/FLd2n+SwgqJ
+3RL+qEJqWZpjWdxWMgB9gDXlqdmSK9YHeSU76EAiZmQSzgX1zdYrxX7z7NZi3Ms9
+4WfcgekRlNiJbxYQRmATcWezvGNAHNoBFNeYk86qkiRt5VWhoml6zRP5UpQ23NDK
+6ogbLeSgqm1XwJkK7/mupdNpPwem5Itjhp4XaqB64nIz6Mhny6/X29yfOR0n8ztI
+pTrlQ1UnGa7GQeUwapZKuYms+kNbPwOCh7Lbkz3bDjk6SP7dedroJgNtUQvZdB47
+EwmWLOtxlmPyzi9dLR/GWyLanjgCQg8puPqTnnBGorRHXtuEa8vYYNTSUgxpwYti
+wQKCAQBUGuaY+DucdDHLQnjUJoPuQ2vJ3TUhBjvcULZkM5iw9ufh68slDHdsYilb
+oeitxEG1PI0CzIXeYrFAA4N/8qnk1U3p8+GcV0t/H+wsyQwxWJDQqQDwNKr8xAcN
+VypU/98UsYUPvkF10wt2ET79A55walIOr2tlwF9ld1jlXq5acUbo908IF1MYKnzf
+f8wksf+IhRGdTQnGqQ5zU4yGQzYAqXGrdz8w/+qeHmhxbwjIeE0iPPBKJ8ifoEhL
+yaHSroW628wCCOdWUj1geEn5LWIER10F6iaOM7+t/0hANdgKDIyzkWlNWIPGbzrI
+UjeKMkKf5cN8UGo43577Ey4JCQFm
+-----END PRIVATE KEY-----
diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 6a87f2ec..209b7536 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -173,3 +173,36 @@ parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks
 
 # DO NOT EDIT ANYTHING BELOW #
 # Overrides #
+postscreen_dnsbl_sites = wl.mailspike.net=127.0.0.[18;19;20]*-2
+  hostkarma.junkemailfilter.com=127.0.0.1*-2
+  list.dnswl.org=127.0.[0..255].0*-2
+  list.dnswl.org=127.0.[0..255].1*-4
+  list.dnswl.org=127.0.[0..255].2*-6
+  list.dnswl.org=127.0.[0..255].3*-8
+  ix.dnsbl.manitu.net*2
+  bl.spamcop.net*2
+  bl.suomispam.net*2
+  hostkarma.junkemailfilter.com=127.0.0.2*3
+  hostkarma.junkemailfilter.com=127.0.0.4*2
+  hostkarma.junkemailfilter.com=127.0.1.2*1
+  backscatter.spameatingmonkey.net*2
+  bl.ipv6.spameatingmonkey.net*2
+  bl.spameatingmonkey.net*2
+  b.barracudacentral.org=127.0.0.2*7
+  bl.mailspike.net=127.0.0.2*5
+  bl.mailspike.net=127.0.0.[10;11;12]*4
+  dnsbl.sorbs.net=127.0.0.10*8
+  dnsbl.sorbs.net=127.0.0.5*6
+  dnsbl.sorbs.net=127.0.0.7*3
+  dnsbl.sorbs.net=127.0.0.8*2
+  dnsbl.sorbs.net=127.0.0.6*2
+  dnsbl.sorbs.net=127.0.0.9*2
+  zen.spamhaus.org=127.0.0.[10;11]*8
+  zen.spamhaus.org=127.0.0.[4..7]*6
+  zen.spamhaus.org=127.0.0.3*4
+  zen.spamhaus.org=127.0.0.2*3
+
+# User Overrides
+myhostname = mail.moveiton.net
+
diff --git a/docker-compose.yml b/docker-compose.yml
index cf0a028f..16789083 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -613,36 +613,6 @@ services:
           aliases:
             - ofelia
 
-    ipv6nat-mailcow:
-      depends_on:
-        - unbound-mailcow
-        - mysql-mailcow
-        - redis-mailcow
-        - clamd-mailcow
-        - rspamd-mailcow
-        - php-fpm-mailcow
-        - sogo-mailcow
-        - dovecot-mailcow
-        - postfix-mailcow
-        - memcached-mailcow
-        - nginx-mailcow
-        - acme-mailcow
-        - netfilter-mailcow
-        - watchdog-mailcow
-        - dockerapi-mailcow
-        - solr-mailcow
-      environment:
-        - TZ=${TZ}
-      image: robbertkl/ipv6nat
-      security_opt:
-        - label=disable
-      restart: always
-      privileged: true
-      network_mode: "host"
-      volumes:
-        - /var/run/docker.sock:/var/run/docker.sock:ro
-        - /lib/modules:/lib/modules:ro
-
 networks:
   mailcow-network:
     driver: bridge

Logs of iptables -L -vn:

Chain INPUT (policy DROP 594 packets, 29639 bytes)
 pkts bytes target     prot opt in     out     source               destination         
51136   37M MAILCOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* mailcow */
51937   38M ufw-before-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
51937   38M ufw-before-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  790 39667 ufw-after-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  594 29639 ufw-after-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  594 29639 ufw-reject-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  594 29639 ufw-track-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 135K   48M MAILCOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* mailcow */
 135K   48M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
 135K   48M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    2    80 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    1    40 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    1    44 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           
87949   45M ACCEPT     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
41181 2538K DOCKER     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0           
 5900  503K ACCEPT     all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0           
19721 1185K ACCEPT     all  --  br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-before-logging-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-before-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-after-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-after-logging-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-reject-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-track-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 5 packets, 275 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 287K  569M ufw-before-logging-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
 287K  569M ufw-before-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  790 52211 ufw-after-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  790 52211 ufw-after-logging-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  790 52211 ufw-reject-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
  790 52211 ufw-track-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    1    40 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:110
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:143
21419 1351K ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:993
    7   420 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:995
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:4190
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:12345
    1    40 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:3306
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.6           tcp dpt:7080
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.6           tcp dpt:7443
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.249         tcp dpt:6379
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.9           tcp dpt:3306
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.10          tcp dpt:8983
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:25
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:465
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:587

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    1    44 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
 5900  503K DOCKER-ISOLATION-STAGE-2  all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0           
 135K   48M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0           
 5901  503K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 135K   48M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain MAILCOW (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0            /* mailcow isolation */

Chain ufw-after-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-after-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:137
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:138
    0     0 ufw-skip-to-policy-input  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:139
  196 10028 ufw-skip-to-policy-input  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:445
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ufw-skip-to-policy-input  udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ufw-skip-to-policy-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  249 12352 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-after-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
    0     0 ufw-user-forward  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-before-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
14921   24M ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
34776   14M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
   13   580 ufw-logging-deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
   13   580 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
  467 32098 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
  152 53847 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:67 dpt:68
 1608 91135 ufw-not-local  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251          udp dpt:5353
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            239.255.255.250      udp dpt:1900
 1608 91135 ufw-user-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-before-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
14921   24M ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
 271K  545M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  790 52211 ufw-user-output  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-logging-allow (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw-logging-deny (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   13   580 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID limit: avg 3/min burst 10
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-not-local (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 1608 91135 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type MULTICAST
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST
    0     0 ufw-logging-deny  all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-reject-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-reject-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-reject-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-skip-to-policy-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-skip-to-policy-input (7 references)
 pkts bytes target     prot opt in     out     source               destination         
  196 10028 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-skip-to-policy-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-track-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-track-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-track-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  484 29040 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW
  301 22896 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW

Chain ufw-user-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   30  1608 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
  220 13508 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       94.158.83.159        0.0.0.0/0            multiport dports 20:21
    0     0 ACCEPT     tcp  --  *      *       94.158.83.159        0.0.0.0/0            multiport dports 49152:65534
    0     0 ACCEPT     tcp  --  *      *       95.158.32.238        0.0.0.0/0            multiport dports 20:21
    0     0 ACCEPT     tcp  --  *      *       95.158.32.238        0.0.0.0/0            multiport dports 49152:65534
    0     0 ACCEPT     tcp  --  *      *       95.158.32.238        0.0.0.0/0            tcp dpt:3306
    0     0 ACCEPT     tcp  --  *      *       94.158.83.159        0.0.0.0/0            tcp dpt:3306
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:465
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587
  566 36224 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993
    2   128 ACCEPT     tcp  --  *      *       94.158.83.159        0.0.0.0/0            tcp dpt:22
    0     0 ACCEPT     tcp  --  *      *       95.158.32.238        0.0.0.0/0            tcp dpt:22
    0     0 ACCEPT     tcp  --  *      *       95.158.32.238        0.0.0.0/0            tcp dpt:3310
    0     0 ACCEPT     tcp  --  *      *       94.158.83.159        0.0.0.0/0            tcp dpt:3310
    0     0 ACCEPT     tcp  --  *      *       95.158.32.238        0.0.0.0/0            tcp dpt:8443
    0     0 ACCEPT     tcp  --  *      *       94.158.83.159        0.0.0.0/0            tcp dpt:8443
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:443

Chain ufw-user-limit (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-user-logging-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-logging-input (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-logging-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-output (1 references)
 pkts bytes target     prot opt in     out     source               destination

Logs of ip6tables -L -vn:

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  588 36136 MAILCOW    all      *      *       ::/0                 ::/0                 /* mailcow */
  588 36136 ufw6-before-logging-input  all      *      *       ::/0                 ::/0                
  588 36136 ufw6-before-input  all      *      *       ::/0                 ::/0                
    0     0 ufw6-after-input  all      *      *       ::/0                 ::/0                
    0     0 ufw6-after-logging-input  all      *      *       ::/0                 ::/0                
    0     0 ufw6-reject-input  all      *      *       ::/0                 ::/0                
    0     0 ufw6-track-input  all      *      *       ::/0                 ::/0                

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
14113   11M MAILCOW    all      *      *       ::/0                 ::/0                 /* mailcow */
14187   11M DOCKER-USER  all      *      *       ::/0                 ::/0                
14187   11M DOCKER-ISOLATION-STAGE-1  all      *      *       ::/0                 ::/0                
    0     0 ACCEPT     all      *      docker0  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all      *      docker0  ::/0                 ::/0                
    0     0 ACCEPT     all      docker0 !docker0  ::/0                 ::/0                
    0     0 ACCEPT     all      docker0 docker0  ::/0                 ::/0                
 5674   10M ACCEPT     all      *      br-mailcow  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
 8513  585K DOCKER     all      *      br-mailcow  ::/0                 ::/0                
    0     0 ACCEPT     all      br-mailcow !br-mailcow  ::/0                 ::/0                
 8513  585K ACCEPT     all      br-mailcow br-mailcow  ::/0                 ::/0                
    0     0 ufw6-before-logging-forward  all      *      *       ::/0                 ::/0                
    0     0 ufw6-before-forward  all      *      *       ::/0                 ::/0                
    0     0 ufw6-after-forward  all      *      *       ::/0                 ::/0                
    0     0 ufw6-after-logging-forward  all      *      *       ::/0                 ::/0                
    0     0 ufw6-reject-forward  all      *      *       ::/0                 ::/0                
    0     0 ufw6-track-forward  all      *      *       ::/0                 ::/0                

Chain OUTPUT (policy ACCEPT 13 packets, 1528 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  817 93357 ufw6-before-logging-output  all      *      *       ::/0                 ::/0                
  817 93357 ufw6-before-output  all      *      *       ::/0                 ::/0                
   13  1528 ufw6-after-output  all      *      *       ::/0                 ::/0                
   13  1528 ufw6-after-logging-output  all      *      *       ::/0                 ::/0                
   13  1528 ufw6-reject-output  all      *      *       ::/0                 ::/0                
   13  1528 ufw6-track-output  all      *      *       ::/0                 ::/0                

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-ISOLATION-STAGE-2  all      docker0 !docker0  ::/0                 ::/0                
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-mailcow !br-mailcow  ::/0                 ::/0                
14187   11M RETURN     all      *      *       ::/0                 ::/0                

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all      *      docker0  ::/0                 ::/0                
    0     0 DROP       all      *      br-mailcow  ::/0                 ::/0                
    0     0 RETURN     all      *      *       ::/0                 ::/0                

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
14187   11M RETURN     all      *      *       ::/0                 ::/0                

Chain MAILCOW (2 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-after-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-after-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ufw6-skip-to-policy-input  udp      *      *       ::/0                 ::/0                 udp dpt:137
    0     0 ufw6-skip-to-policy-input  udp      *      *       ::/0                 ::/0                 udp dpt:138
    0     0 ufw6-skip-to-policy-input  tcp      *      *       ::/0                 ::/0                 tcp dpt:139
    0     0 ufw6-skip-to-policy-input  tcp      *      *       ::/0                 ::/0                 tcp dpt:445
    0     0 ufw6-skip-to-policy-input  udp      *      *       ::/0                 ::/0                 udp dpt:546
    0     0 ufw6-skip-to-policy-input  udp      *      *       ::/0                 ::/0                 udp dpt:547

Chain ufw6-after-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all      *      *       ::/0                 ::/0                 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw6-after-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all      *      *       ::/0                 ::/0                 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw6-after-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-after-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-before-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all      *      *       ::/0                 ::/0                 rt type:0
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 1
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 2
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 3
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 4
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 128
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 129
    0     0 ufw6-user-forward  all      *      *       ::/0                 ::/0                

Chain ufw6-before-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all      lo     *       ::/0                 ::/0                
    0     0 DROP       all      *      *       ::/0                 ::/0                 rt type:0
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 129
    0     0 ufw6-logging-deny  all      *      *       ::/0                 ::/0                 ctstate INVALID
    0     0 DROP       all      *      *       ::/0                 ::/0                 ctstate INVALID
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 1
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 2
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 3
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 4
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 128
  320 17920 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 133 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 134 HL match HL == 255
  133  9576 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 135 HL match HL == 255
  135  8640 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 136 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 141 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 142 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 130
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 131
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 132
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 143
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 148 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 149 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 151 HL match HL == 1
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 152 HL match HL == 1
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 153 HL match HL == 1
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 144
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 145
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 146
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 147
    0     0 ACCEPT     udp      *      *       fe80::/10            fe80::/10            udp spt:547 dpt:546
    0     0 ACCEPT     udp      *      *       ::/0                 ff02::fb             udp dpt:5353
    0     0 ACCEPT     udp      *      *       ::/0                 ff02::f              udp dpt:1900
    0     0 ufw6-user-input  all      *      *       ::/0                 ::/0                

Chain ufw6-before-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-before-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-before-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-before-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all      *      lo      ::/0                 ::/0                
    0     0 DROP       all      *      *       ::/0                 ::/0                 rt type:0
  507 70817 ACCEPT     all      *      *       ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 1
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 2
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 3
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 4
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 128
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 129
   11   616 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 133 HL match HL == 255
  133  8528 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 136 HL match HL == 255
  140 10080 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 135 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 134 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 141 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 142 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 130
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 131
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 132
   13  1788 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 143
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 148 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       ::/0                 ::/0                 ipv6-icmptype 149 HL match HL == 255
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 151 HL match HL == 1
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 152 HL match HL == 1
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0                 ipv6-icmptype 153 HL match HL == 1
   13  1528 ufw6-user-output  all      *      *       ::/0                 ::/0                

Chain ufw6-logging-allow (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all      *      *       ::/0                 ::/0                 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw6-logging-deny (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all      *      *       ::/0                 ::/0                 ctstate INVALID limit: avg 3/min burst 10
    0     0 LOG        all      *      *       ::/0                 ::/0                 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw6-reject-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-reject-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-reject-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-skip-to-policy-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all      *      *       ::/0                 ::/0                

Chain ufw6-skip-to-policy-input (6 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all      *      *       ::/0                 ::/0                

Chain ufw6-skip-to-policy-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                

Chain ufw6-track-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-track-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-track-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp      *      *       ::/0                 ::/0                 ctstate NEW
    0     0 ACCEPT     udp      *      *       ::/0                 ::/0                 ctstate NEW

Chain ufw6-user-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-user-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp      *      *       ::/0                 ::/0                 tcp dpt:80
    0     0 ACCEPT     tcp      *      *       ::/0                 ::/0                 tcp dpt:443
    0     0 ACCEPT     udp      *      *       ::/0                 ::/0                 udp dpt:443

Chain ufw6-user-limit (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all      *      *       ::/0                 ::/0                 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    0     0 REJECT     all      *      *       ::/0                 ::/0                 reject-with icmp6-port-unreachable

Chain ufw6-user-limit-accept (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all      *      *       ::/0                 ::/0                

Chain ufw6-user-logging-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-user-logging-input (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-user-logging-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw6-user-output (1 references)
 pkts bytes target     prot opt in     out     source               destination

Logs of iptables -L -vn -t nat:

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 4016  247K DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0           
 3776  286K MASQUERADE  all  --  *      !br-mailcow  172.22.1.0/24        0.0.0.0/0           
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:110
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:143
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:993
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:995
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:4190
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:12345
    0     0 MASQUERADE  tcp  --  *      *       172.17.0.2           172.17.0.2           tcp dpt:3306
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.6           172.22.1.6           tcp dpt:7080
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.6           172.22.1.6           tcp dpt:7443
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.249         172.22.1.249         tcp dpt:6379
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.9           172.22.1.9           tcp dpt:3306
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.10          172.22.1.10          tcp dpt:8983
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:25
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:465
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:587

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  br-mailcow *       0.0.0.0/0            0.0.0.0/0           
    1    40 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:110 to:172.22.1.250:110
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:143 to:172.22.1.250:143
 2450  157K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993 to:172.22.1.250:993
    3   180 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:995 to:172.22.1.250:995
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4190 to:172.22.1.250:4190
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:19991 to:172.22.1.250:12345
    1    40 DNAT       tcp  --  !docker0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3310 to:172.17.0.2:3306
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7080 to:172.22.1.6:7080
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7443 to:172.22.1.6:7443
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7654 to:172.22.1.249:6379
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:13306 to:172.22.1.9:3306
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:18983 to:172.22.1.10:8983
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:172.22.1.253:25
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:465 to:172.22.1.253:465
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587 to:172.22.1.253:587

Logs of ip6tables -L -vn -t nat:

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER     all      *      *       ::/0                 ::/0                 ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER     all      *      *       ::/0                !::1                  ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 MASQUERADE  all      *      !docker0  fd00:dead:beef:c0::/80  ::/0                
    0     0 MASQUERADE  all      *      !br-mailcow  fd4d:6169:6c63:6f77::/64  ::/0                

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all      docker0 *       ::/0                 ::/0                
    0     0 RETURN     all      br-mailcow *       ::/0                 ::/0

DNS check:

104.18.32.7
172.64.155.249

The text was updated successfully, but these errors were encountered:

DerLinkman · 2024-10-01T13:53:16Z

docker-compose version or docker compose version:
1.26.2

Exactly there lies your problem :)

ka5itoshka added the bug label Sep 25, 2024

DerLinkman closed this as not planned Won't fix, can't repro, duplicate, stale Oct 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ERROR: Invalid interpolation format for "unbound-mailcow" option in service "services" #6090

ERROR: Invalid interpolation format for "unbound-mailcow" option in service "services" #6090

ka5itoshka commented Sep 25, 2024

DerLinkman commented Oct 1, 2024

ERROR: Invalid interpolation format for "unbound-mailcow" option in service "services" #6090

ERROR: Invalid interpolation format for "unbound-mailcow" option in service "services" #6090

Comments

ka5itoshka commented Sep 25, 2024

Contribution guidelines

I've found a bug and checked that ...

Description

Logs:

Steps to reproduce:

Which branch are you using?

Which architecture are you using?

Operating System:

Server/VM specifications:

Is Apparmor, SELinux or similar active?

Virtualization technology:

Docker version:

docker-compose version or docker compose version:

mailcow version:

Reverse proxy:

Logs of git diff:

Logs of iptables -L -vn:

Logs of ip6tables -L -vn:

Logs of iptables -L -vn -t nat:

Logs of ip6tables -L -vn -t nat:

DNS check:

DerLinkman commented Oct 1, 2024