Yes, that's it. It seems to be a complete recipe that gets a main server online, and when I followed it, every step worked as documented and it seems to be up.
I created an email user account with username and pw (joe@mydomain.org / 1Password).
The container name is "mailserver".
The container has a hostname "mail", a dedicated docker network ("mail", 10.10.214.0/16, driver: Bridge) and a static IP address (ipv4_address: 10.10.214.2). The domain variable set in the ~/mailserver/compose.yaml file (domainname: mydomain.org) is my registered domain name (it is not mydomain.org, but I'm using that here).
My on-site MS DNS server has an A-record / PTR for "mail.mydomain.org" / 10.10.214.2 and an MX 10 record for mail.mydomain.org and a TXT record.
When I log into the container, the hostname, hostname -f & hostname -i show the expected results.
The "docker inspect mailserver_mail" shows the running container named "mailserver" and its IP address.
If I use Outlook's new account setup for IMAP and the hostname "mail.mydomin.org" for the IMAP server for inbound (port 143) and outbound (ports 465, 587 or 993), it seems to connect to the IMAP Outbound port and then fails on one of the outbound IMAP ports (using every combination for TLS and with or without the password).
If nginx is needed, I would have expected that to be in the recipe for the mail server. At the very least a comment like "An nginx proxy/load balancer is needed" with a link to that recipe.
If I change it to use the docker host's FQDN, then it fails when the cert doesn't match the hostname (there is no cert installed on the host).
This comment has two answers:
- I included the steps to set the docker host's FW (firewallctl) to open all the needed ports (25, 80, 143, 443, 465, 587 & 993) before I really started and then checked the ports are open with a service running behind them with Zenmap on the docker host.
- If the "real" mail server is the docker host (rocky-mini-01), then shouldn't the answer be to add the cert to that host? And then change all the DNS records to a host named "rocky-mini-01" instead of "mail"? And if I did that, could I create a CNAME for "mail" that uses "rocky-mini-01"?
Thanks