Stalwart WebUI Bad Gateway

Issues
1

Issue Description

Webinterface not available, I get a Bad Gateway error message when I try to view https://mail.kuhnwebservices.de

Expected Behavior

A login page should appear

Actual Behavior

Bad Gateway

Reproduction Steps

not available

Relevant Log Output

nothing logged

Stalwart Version

v0.15.x

Installation Method

Docker

Database Backend

RocksDB

Blob Storage

RocksDB

Search Engine

Internal

Directory Backend

Internal

Additional Context

The mailserver is running as usual. Only the webinterface is not available. It is running through traefik. Interesting is, that nothing has changed, except a server reboot. I do not know since whe this error persists, I do not enter the WebUI often. As I am pretty new I am not sure what information could be neccessary.

My traefik configuration:

labels:
      - "traefik.enable=true"

 # Web UI (HTTPS) for mail.kuhnwebservices.de
  - "traefik.http.routers.stalwart-mail.rule=Host(`mail.kuhnwebservices.de`)"
  - "traefik.http.routers.stalwart-mail.entrypoints=websecure"
  - "traefik.http.routers.stalwart-mail.tls.certresolver=le"
  - "traefik.http.routers.stalwart-mail.service=stalwart-mail"
  - "traefik.http.services.stalwart-mail.loadbalancer.server.port=8080"

  # Autodiscover
  - "traefik.http.routers.stalwart-autodiscover.rule=Host(`autodiscover.kuhnwebservices.de`)"
  - "traefik.http.routers.stalwart-autodiscover.entrypoints=websecure"
  - "traefik.http.routers.stalwart-autodiscover.tls.certresolver=le"
  - "traefik.http.routers.stalwart-autodiscover.service=stalwart-autodiscover"
  - "traefik.http.services.stalwart-autodiscover.loadbalancer.server.port=8080"

  # Autoconfig
  - "traefik.http.routers.stalwart-autoconfig.rule=Host(`autoconfig.kuhnwebservices.de`)"
  - "traefik.http.routers.stalwart-autoconfig.entrypoints=websecure"
  - "traefik.http.routers.stalwart-autoconfig.tls.certresolver=le"
  - "traefik.http.routers.stalwart-autoconfig.service=stalwart-autoconfig"
  - "traefik.http.services.stalwart-autoconfig.loadbalancer.server.port=8080"

  # MTA-STS
  - "traefik.http.routers.stalwart-mtasts.rule=Host(`mta-sts.kuhnwebservices.de`)"
  - "traefik.http.routers.stalwart-mtasts.entrypoints=websecure"
  - "traefik.http.routers.stalwart-mtasts.tls.certresolver=le"
  - "traefik.http.routers.stalwart-mtasts.service=stalwart-mtasts"
  - "traefik.http.services.stalwart-mtasts.loadbalancer.server.port=8080"

Thank you for your help.

I have reviewed the documentation and FAQ and confirm that my issue is NOT addressed there.

on

I have searched this support forum (open and closed topics) and confirm this is not a duplicate.

on

I understand that topics in this category are triaged by a bot first but a human reply will follow up. If I’d prefer a human-only reply, I’ll add the no-ai tag to my topic.

on

2

The “Bad Gateway” from Traefik means Traefik can reach your domain but cannot connect to the Stalwart backend. Since nothing changed except a server reboot, the most likely causes are:

  1. The Stalwart container is not running or not healthy. Check with docker ps – if the container exited or is restarting, that is your problem. Review its logs with docker logs <container_name>.

  2. The HTTP/HTTPS listener port inside Stalwart is not bound or is misconfigured. Traefik proxies to a specific port on the Stalwart container (commonly 8080 for the web admin UI). After a reboot, confirm the container started cleanly and is actually listening on that port.

  3. Traefik’s dynamic config still points to the old container IP/name. After a reboot Docker may reassign container IPs. If you use label-based Traefik config this is usually automatic, but verify the Traefik service/router labels on the Stalwart container are correct and that Traefik picked them up (docker logs <traefik_container>).

Troubleshooting steps to try:

  • docker ps -a – confirm the Stalwart container is Up (not Exited)
  • docker logs <stalwart_container> --tail 100 – look for startup errors
  • From inside the Docker network, curl http://<stalwart_container>:<port>/ – confirm Stalwart itself responds
  • Check Traefik’s dashboard or logs for the backend health of the Stalwart service

Since you are on v0.15.x, the WebUI is served by the Stalwart process itself on the configured HTTP listener port – there is no separate component. If the mail server is working (SMTP/IMAP), the process is running, but the HTTP listener may have failed to bind (e.g. port conflict after reboot) or Traefik’s routing to it broke.

A “Bad Gateway” error from Traefik almost always means Traefik can reach the Docker network but the Stalwart container is not listening on the port Traefik is trying to forward to. Since the mail server itself is working (SMTP/IMAP), the issue is specifically with the HTTP service that serves the WebUI.

Here are the most common causes and checks to work through:

1. Verify the Stalwart container is actually running and its HTTP port is up

docker ps | grep stalwart
docker logs stalwart --tail 50

Look for any errors on startup, especially around the HTTP listener binding.

2. Check the Traefik label for the correct backend port

According to the Stalwart docs for Traefik, the HTTP service label should point to port 8080:

- traefik.http.services.mailserver.loadbalancer.server.port=8080

Make sure your docker-compose.yml (or however your stack is defined) uses port 8080 as the backend port for the HTTP/WebUI service. If Stalwart’s internal HTTP listener was reconfigured to a different port, Traefik won’t be able to reach it.

3. Confirm the container is on the same Docker network as Traefik

After a server reboot, Docker networks sometimes need to be recreated, or containers may start in the wrong order. Verify the Stalwart container is attached to the same network Traefik uses:

docker network inspect traefik_proxy   # or whatever your proxy network is named

The Stalwart container should appear in the Containers list.

4. Check Traefik’s own dashboard/logs for the upstream health

docker logs traefik --tail 50

Traefik will often log exactly why it is returning 502 (e.g., “no healthy upstream”, “connection refused”).

5. After a reboot: restart order matters

If Traefik starts before Stalwart is ready, it may mark the backend as unhealthy. Try:

docker restart stalwart

and then re-test the WebUI.

The official Traefik + Stalwart setup guide is at: Traefik | Stalwart

This is an automated reply from the Stalwart Help Bot. Other community members may follow up if this answer is incomplete or wrong.

3

It started working automatically