The root cause for this was the Cloudron server had the hostname as "box.domain.com" (same as the relay). Debian/Ubuntu has a quirk that it will put the hostname in /etc/hosts to resolve as 127.0.1.1. This meant that when we try to set it as relay, it resolves to 127.0.1.1 instead of the actual IP.
To add to the confusion, I suggested using the host command which does not use /etc/hosts (i.e the nsswitch mechanisms) and uses only the DNS. If I had suggested using ping then we would have narrowed down the issue more quickly...
Anyway, the fix is simply to hostnamectl set-hostname somethingelse.domain.com and also edit /etc/hosts (for some reason, hostnamectl doesn't change hosts file even after reboot, 🤷 ).
@freetommy If I understand you correctly, what you are saying is that when email forwarding is enabled in rainloop, then the forwarding is done directly to the destination domain via port 25 instead of using Cloudron's email relay. Did I get that right?
@marcusquinn I think DNS automation (provider specific) atleast needs to come from elasticemail itself ideally. It's not possible to keep track of all the DNS records each provider wants to set and if it's even available with API. It's basically impossible to test on our side atleast.
@edapm Personally, I'm all-in with Hetzner, not free but the best value for features I've found, particularly having network DDoS protection as standard. Others recommended include Contabo and Scaleway.
If you're getting free (inclusive) stuff from Microsoft then I suppose that's decent. Personally, I'm all GitLab, so anything GitHub is second-choice.
I guess there's nothing truly free, including your time, but those are the options I recommend, otherwise it's support tickets to Azure and hope for their ability to allow for port needs.
And no, my mail relay does not accept IP whitelisting. It's not a proper mail relay service to be exact, but just a regular mail service with outgoing smtp for authenticated users.
Ah yes, someone was trying to do this with a gmail account as well sometime back (and more recently with a mailbox.org account). I think we have to implement this feature in Cloudron to make this use case work.