github-com-docker-mailserver/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2024-01-19 02:48:50 +00:00
Code Issues Projects Releases Wiki Activity

deploy: 9446fa9b9a

Browse source
This commit is contained in:
github-actions[bot] 2023-08-28 22:19:33 +00:00
parent 06f95fa6ba
commit 0077f9138c
4 changed files with 4 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
edge/config/advanced/auth-ldap/index.html
View file

@ -1638,8 +1638,7 @@
<details class="example" open="open"> <details class="example" open="open">
<summary>Example</summary> <summary>Example</summary>
<p>A really simple <code>LDAP_QUERY_FILTER</code> configuration, using only the <em>user filter</em> and allowing only <code>admin@*</code> to spoof any sender addresses.</p> <p>A really simple <code>LDAP_QUERY_FILTER</code> configuration, using only the <em>user filter</em> and allowing only <code>admin@*</code> to spoof any sender addresses.</p>
<div class="highlight"><pre><span></span><code><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ENABLE_LDAP=1</span><span class="w"> </span><span class="c1"># with the :edge tag, use ACCOUNT_PROVISIONER</span> <div class="highlight"><pre><span></span><code><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_START_TLS=yes</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_START_TLS=yes</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ACCOUNT_PROVISIONER=LDAP</span> <span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ACCOUNT_PROVISIONER=LDAP</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SERVER_HOST=ldap.example.org</span> <span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SERVER_HOST=ldap.example.org</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SEARCH_BASE=dc=example,dc=org&quot;</span> <span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SEARCH_BASE=dc=example,dc=org&quot;</span>
@ -1787,7 +1786,6 @@ update-ca-certificates
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ENABLE_POSTGREY=1</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ENABLE_POSTGREY=1</span>
<span class="w"> </span><span class="c1"># &gt;&gt;&gt; Postfix LDAP Integration</span> <span class="w"> </span><span class="c1"># &gt;&gt;&gt; Postfix LDAP Integration</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ENABLE_LDAP=1</span><span class="w"> </span><span class="c1"># with the :edge tag, use ACCOUNT_PROVISIONER</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ACCOUNT_PROVISIONER=LDAP</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ACCOUNT_PROVISIONER=LDAP</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SERVER_HOST=ldap.example.org</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SERVER_HOST=ldap.example.org</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_BIND_DN=cn=admin,ou=users,dc=example,dc=org</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_BIND_DN=cn=admin,ou=users,dc=example,dc=org</span>
@ -1855,7 +1853,6 @@ update-ca-certificates
<span class="w"> </span><span class="c1"># &lt;&lt;&lt; SASL Authentication</span> <span class="w"> </span><span class="c1"># &lt;&lt;&lt; SASL Authentication</span>
<span class="w"> </span><span class="c1"># &gt;&gt;&gt; Postfix Ldap Integration</span> <span class="w"> </span><span class="c1"># &gt;&gt;&gt; Postfix Ldap Integration</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ENABLE_LDAP=1</span><span class="w"> </span><span class="c1"># with the :edge tag, use ACCOUNT_PROVISIONER</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ACCOUNT_PROVISIONER=LDAP</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ACCOUNT_PROVISIONER=LDAP</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SERVER_HOST=&lt;yourLdapContainer/yourLdapServer&gt;</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SERVER_HOST=&lt;yourLdapContainer/yourLdapServer&gt;</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SEARCH_BASE=dc=mydomain,dc=loc</span> <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">LDAP_SEARCH_BASE=dc=mydomain,dc=loc</span>

18
edge/config/environment/index.html
View file

@ -1063,13 +1063,6 @@
<nav class="md-nav" aria-label="LDAP"> <nav class="md-nav" aria-label="LDAP">
<ul class="md-nav__list"> <ul class="md-nav__list">
<li class="md-nav__item">
<a href="#enable_ldap" class="md-nav__link">
ENABLE_LDAP
</a>
</li>
<li class="md-nav__item"> <li class="md-nav__item">
<a href="#ldap_start_tls" class="md-nav__link"> <a href="#ldap_start_tls" class="md-nav__link">
LDAP_START_TLS LDAP_START_TLS
@ -3036,13 +3029,6 @@
<nav class="md-nav" aria-label="LDAP"> <nav class="md-nav" aria-label="LDAP">
<ul class="md-nav__list"> <ul class="md-nav__list">
<li class="md-nav__item">
<a href="#enable_ldap" class="md-nav__link">
ENABLE_LDAP
</a>
</li>
<li class="md-nav__item"> <li class="md-nav__item">
<a href="#ldap_start_tls" class="md-nav__link"> <a href="#ldap_start_tls" class="md-nav__link">
LDAP_START_TLS LDAP_START_TLS
@ -3554,7 +3540,7 @@
<li>OIDC =&gt; use OIDC authentication (<strong>not yet implemented</strong>)</li> <li>OIDC =&gt; use OIDC authentication (<strong>not yet implemented</strong>)</li>
<li>FILE =&gt; use local files (this is used as the default)</li> <li>FILE =&gt; use local files (this is used as the default)</li>
</ul> </ul>
<p>A second container for the ldap service is necessary (e.g. <a href="https://github.com/osixia/docker-openldap">docker-openldap</a>)</p> <p>A second container for the ldap service is necessary (e.g. <a href="https://hub.docker.com/r/bitnami/openldap/"><code>bitnami/openldap</code></a>).</p>
<h5 id="permit_docker"><a class="toclink" href="#permit_docker">PERMIT_DOCKER</a></h5> <h5 id="permit_docker"><a class="toclink" href="#permit_docker">PERMIT_DOCKER</a></h5>
<p>Set different options for mynetworks option (can be overwrite in postfix-main.cf) <strong>WARNING</strong>: Adding the docker network's gateway to the list of trusted hosts, e.g. using the <code>network</code> or <code>connected-networks</code> option, can create an <a href="https://en.wikipedia.org/wiki/Open_mail_relay"><strong>open relay</strong></a>, for instance if IPv6 is enabled on the host machine but not in Docker.</p> <p>Set different options for mynetworks option (can be overwrite in postfix-main.cf) <strong>WARNING</strong>: Adding the docker network's gateway to the list of trusted hosts, e.g. using the <code>network</code> or <code>connected-networks</code> option, can create an <a href="https://en.wikipedia.org/wiki/Open_mail_relay"><strong>open relay</strong></a>, for instance if IPv6 is enabled on the host machine but not in Docker.</p>
<ul> <ul>
@ -4004,8 +3990,6 @@ If this is not set and reports are enabled with the old options, logrotate will
<li><strong>5</strong> =&gt; <code>getmail</code> The number of minutes for the interval. Min: 1; Max: 30; Default: 5.</li> <li><strong>5</strong> =&gt; <code>getmail</code> The number of minutes for the interval. Min: 1; Max: 30; Default: 5.</li>
</ul> </ul>
<h4 id="ldap"><a class="toclink" href="#ldap">LDAP</a></h4> <h4 id="ldap"><a class="toclink" href="#ldap">LDAP</a></h4>
<h5 id="enable_ldap"><a class="toclink" href="#enable_ldap">ENABLE_LDAP</a></h5>
<p>Deprecated. See <a href="#account_provisioner"><code>ACCOUNT_PROVISIONER</code></a>.</p>
<h5 id="ldap_start_tls"><a class="toclink" href="#ldap_start_tls">LDAP_START_TLS</a></h5> <h5 id="ldap_start_tls"><a class="toclink" href="#ldap_start_tls">LDAP_START_TLS</a></h5>
<ul> <ul>
<li><strong>empty</strong> =&gt; no</li> <li><strong>empty</strong> =&gt; no</li>

3
edge/examples/use-cases/forward-only-mailserver-with-ldap-authentication/index.html
View file

@ -1514,8 +1514,7 @@
</code></pre></div> </code></pre></div>
<h2 id="authenticating-with-ldap"><a class="toclink" href="#authenticating-with-ldap">Authenticating with LDAP</a></h2> <h2 id="authenticating-with-ldap"><a class="toclink" href="#authenticating-with-ldap">Authenticating with LDAP</a></h2>
<p>If you want to send emails from outside the mail server you have to authenticate somehow (with a username and password). One way of doing it is described in <a href="https://github.com/docker-mailserver/docker-mailserver/issues/1247">this discussion</a>. However if there are many user accounts, it is better to use authentication with LDAP. The settings for this on <code>mailserver.env</code> are:</p> <p>If you want to send emails from outside the mail server you have to authenticate somehow (with a username and password). One way of doing it is described in <a href="https://github.com/docker-mailserver/docker-mailserver/issues/1247">this discussion</a>. However if there are many user accounts, it is better to use authentication with LDAP. The settings for this on <code>mailserver.env</code> are:</p>
<div class="highlight"><pre><span></span><code><span class="na">ENABLE_LDAP</span><span class="o">=</span><span class="s">1 # with the :edge tag, use ACCOUNT_PROVISIONER</span> <div class="highlight"><pre><span></span><code><span class="na">ACCOUNT_PROVISIONER</span><span class="o">=</span><span class="s">LDAP</span>
<span class="na">ACCOUNT_PROVISIONER</span><span class="o">=</span><span class="s">LDAP</span>
<span class="na">LDAP_START_TLS</span><span class="o">=</span><span class="s">yes</span> <span class="na">LDAP_START_TLS</span><span class="o">=</span><span class="s">yes</span>
<span class="na">LDAP_SERVER_HOST</span><span class="o">=</span><span class="s">ldap.example.org</span> <span class="na">LDAP_SERVER_HOST</span><span class="o">=</span><span class="s">ldap.example.org</span>
<span class="na">LDAP_SEARCH_BASE</span><span class="o">=</span><span class="s">ou=users,dc=example,dc=org</span> <span class="na">LDAP_SEARCH_BASE</span><span class="o">=</span><span class="s">ou=users,dc=example,dc=org</span>

2
edge/search/search_index.json
View file

File diff suppressed because one or more lines are too long