As the message explains, you don't have an A (for IPv4) or AAAA (for IPv6) record in your DNS. The HTTP Challenge requires one or both. And, anyone trying to use your webmail will also need that to locate your IP.
No valid A or AAAA records could be ultimately resolved for webmail.copyself.com. This means that Let's Encrypt would not be able to connect to your domain to perform HTTP validation, since it would not know where to connect to.
No A or AAAA records found.
But webmail shows NXD, so that FQDN must be private.
So, the "and" in my sentence should have been an "or an":
You can't obtain a certificate from a publicly trusted root CA for a private, and or an unregistered, domain using HTTP-01 authentication.
It's probably better to specify "subdomain" in this case instead of "domain" when talking about the webmail subdomain. And perhaps "unregistered" is also not the term I personally would use for a subdomain. Perhaps "unconfigured" or "unknown" is better? This to make the distinction between a subdomain which one usually easily can add to their DNS zone editor and a "registered domain" for which you (usually) need to pay a registar money.
Yeah, no, most of those hosts/values are actually NOT configured in the authorative name servers for copyself.com. E.g., if I look at www.copyself.com, I'm getting an A RR from ns[abc].bookmyname.com and not the CNAME you're showing here. So I have no clue from where these "DNS Settings" are, but they aren't actually working.