[BUG] UFW/Docker #3151

@mutech

Description

Miscellaneous first checks

  • I checked that all ports are open and not blocked by my ISP / hosting provider.
  • I know that SSL errors are likely the result of a wrong setup on the user side and not caused by DMS itself. I'm confident my setup is correct.

Affected Component(s)

Documentation or setup.sh

What happened and when does this occur?

Docker configures the host firewall to support exposed ports.

While this is nice, it conflicts with UFW, which does not show the firewall rules docker inserts. As a result, the output of ufw status looks like this:

Status: active

To                         Action      From
--                         ------      ----
22/tcp on eth0             ALLOW       Anywhere   

However, all exposed ports of docker-mailserver are actually allowed.

This is of course not a bug in docker-mailserver but an inconsistency between ufw and docker. But since you mentioned in your documentation that the firewall has to be set up to support mailserver and actually use ufw as an example, you should instead mention this problem or solve it, for example using:

What did you expect to happen?

I would expect docker not to do its own firewalling and if a project is based on docker and proposes to use ufw to open the firewall to support the container, then it should mention this issue.

My proposal is to prominently mention that docker does this kind of firewall setup on Linux and conflicts with tools like ufw.

As it stands now, users reading your instructions opening a subset of ports using ufw will almost certainly miss that all ports exposed through port mappings are automagically also accessible from the outside, bypassing ufw.

How do we replicate the issue?

  1. Install a base ubuntu (or any distro supporting ufw)
  2. Install docker-ce using the docker APT repository
  3. Configure ufw to deny incoming traffic by default (opening whatever is otherwise needed)
  4. Install docker-mailserver normally, but don't do any specific ufw setup for mail-related ports
  5. Verify that all exposed ports are accessible despite no specific firewall setup
  6. Verify that ufw shows no rules allowing access to mail-related ports.

Looking at iptables -t filter -L shows the rules docker inserts.

DMS version

v11.3.0

What operating system is DMS running on?

Linux

Which operating system version?

Ubuntu 22.04

What instruction set architecture is DMS running on?

AMD64 / x86_64

What container orchestration tool are you using?

Docker

docker-compose.yml

No response

Relevant log output

No response

Other relevant information

No response

What level of experience do you have with Docker and mail servers?

  • I am inexperienced with docker
  • I am rather experienced with docker
  • I am inexperienced with mail servers
  • I am rather experienced with mail servers
  • I am uncomfortable with the CLI
  • I am rather comfortable with the CLI

Code of conduct

Improvements to this form?

No response
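Added example (not part of the issue or the docker-mailserver project): a POSIX shell check that lists the ports Docker's iptables chain accepts which UFW does not show as ALLOW. It runs on constructed sample output that stands in for `iptables -t filter -L DOCKER -n` and `ufw status`; on a real host you would feed it the live output of those two commands instead.

```shell
#!/bin/sh
# Constructed sample output (not captured from a real host) standing in for
# `iptables -t filter -L DOCKER -n`: three mail ports plus SSH published by containers.
DOCKER_CHAIN='Chain DOCKER (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            172.17.0.2           tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            172.17.0.2           tcp dpt:587
ACCEPT     tcp  --  0.0.0.0/0            172.17.0.2           tcp dpt:993
ACCEPT     tcp  --  0.0.0.0/0            172.17.0.3           tcp dpt:22'

# Constructed sample output standing in for `ufw status` (only SSH is listed).
UFW_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp on eth0             ALLOW       Anywhere'

# Print every port/proto that Docker accepts but UFW has no ALLOW rule for.
# $1 = DOCKER chain listing, $2 = ufw status output.
docker_ports_missing_from_ufw() {
  docker_chain="$1"
  ufw_status="$2"
  # From each ACCEPT rule take the "dpt:NNN" field and the protocol column,
  # normalised to UFW's "NNN/proto" spelling.
  docker_ports=$(printf '%s\n' "$docker_chain" | awk '
    /^ACCEPT/ {
      for (i = 1; i <= NF; i++)
        if ($i ~ /^dpt:/) { sub("dpt:", "", $i); print $i "/" $2 }
    }' | sort -u)
  # First column of every ALLOW line in `ufw status`, e.g. "22/tcp".
  ufw_allowed=$(printf '%s\n' "$ufw_status" | awk '/ALLOW/ { print $1 }' | sort -u)
  for p in $docker_ports; do
    printf '%s\n' "$ufw_allowed" | grep -qx "$p" || printf '%s\n' "$p"
  done
}

# Stand-alone run over the constructed data: reports 25/tcp, 587/tcp, 993/tcp.
docker_ports_missing_from_ufw "$DOCKER_CHAIN" "$UFW_STATUS"
```

Any port printed is reachable through Docker's own rules even though `ufw status` suggests it is closed, which is exactly the inconsistency the report describes.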
