In my testing, from the docker host, I can curl "https://publicsuffix.org" But from inside the container, it just times out.
It looks like mailman needs to contact publicsuffix.org when you set the "DMARC mitigation action" to "replace from with list address" The mailman core log shows
/list/public_suffix_list.dat (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x7f8b38d318a0>, 'Connection to publicsuffix.org timed out. (connect timeout=5)'))
I had another thread for this issue (https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...), but started this one because it seems to just be an issue with the docker container not being able to get out to publicsuffix.org
I am running the maxking docker images version 0.4.3