mailcow: Confirmed A record with IP xxx.xxx.xxx.xxx, but HTTP validation failed

Found this happening in my new mailcow installation and could reproduce following the steps here https://docs.mailcow.email/post_installation/firststeps-ssl/#lets-encrypt-out-of-the-box to re-run the ACME plugin. Found lots of others complaining about this and recommendations to disable IP and HTTP checks.

Don’t do that! Instead fix your NAT reflection rules so that your containers can talk to your external IP address. With OPNsense I had to enable “Reflection for port forwards” AND “Automatic outbound NAT for Reflection.”

YMMV

Leave a Reply

Your email address will not be published. Required fields are marked *