mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
parent
e7efeda036
commit
62c20295f9
11
Dockerfile
11
Dockerfile
|
@ -1,12 +1,12 @@
|
||||||
FROM ubuntu:14.04
|
FROM ubuntu:14.04
|
||||||
MAINTAINER Thomas VIAL
|
MAINTAINER Thomas VIAL
|
||||||
|
|
||||||
# Default values
|
ENV DEBIAN_FRONTEND noninteractive
|
||||||
ENV VIRUSMAILS_DELETE_DELAY=7 \
|
ENV VIRUSMAILS_DELETE_DELAY=7
|
||||||
ONE_DIR=0
|
ENV ONE_DIR=0
|
||||||
|
|
||||||
# Packages
|
# Packages
|
||||||
RUN DEBIAN_FRONTEND=noninteractive apt-get update -q --fix-missing && \
|
RUN apt-get update -q --fix-missing && \
|
||||||
apt-get -y upgrade && \
|
apt-get -y upgrade && \
|
||||||
apt-get -y install --no-install-recommends \
|
apt-get -y install --no-install-recommends \
|
||||||
amavisd-new \
|
amavisd-new \
|
||||||
|
@ -38,6 +38,7 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get update -q --fix-missing && \
|
||||||
p7zip \
|
p7zip \
|
||||||
postfix \
|
postfix \
|
||||||
postfix-ldap \
|
postfix-ldap \
|
||||||
|
postfix-policyd-spf-python \
|
||||||
pyzor \
|
pyzor \
|
||||||
razor \
|
razor \
|
||||||
rsyslog \
|
rsyslog \
|
||||||
|
@ -144,5 +145,3 @@ CMD /usr/local/bin/start-mailserver.sh
|
||||||
|
|
||||||
|
|
||||||
ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl
|
ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -42,7 +42,7 @@ smtpd_helo_required = yes
|
||||||
smtpd_delay_reject = yes
|
smtpd_delay_reject = yes
|
||||||
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit
|
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit
|
||||||
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
||||||
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination,
|
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf,
|
||||||
reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain,
|
reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain,
|
||||||
reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
|
reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
|
||||||
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining
|
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining
|
||||||
|
@ -73,3 +73,6 @@ dkim_milter = inet:localhost:8891
|
||||||
dmarc_milter = inet:localhost:8893
|
dmarc_milter = inet:localhost:8893
|
||||||
smtpd_milters = $dkim_milter,$dmarc_milter
|
smtpd_milters = $dkim_milter,$dmarc_milter
|
||||||
non_smtpd_milters = $dkim_milter
|
non_smtpd_milters = $dkim_milter
|
||||||
|
|
||||||
|
# SPF policy settings
|
||||||
|
policyd-spf_time_limit = 3600
|
||||||
|
|
|
@ -63,6 +63,11 @@ mailman unix - n n - - pipe
|
||||||
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
|
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
|
||||||
${nexthop} ${user}
|
${nexthop} ${user}
|
||||||
|
|
||||||
|
#
|
||||||
|
# SPF configuration
|
||||||
|
#
|
||||||
|
policyd-spf unix - n n - 0 spawn
|
||||||
|
user=policyd-spf argv=/usr/bin/policyd-spf
|
||||||
|
|
||||||
#
|
#
|
||||||
# Amavis configuration
|
# Amavis configuration
|
||||||
|
|
|
@ -147,7 +147,7 @@ load 'test_helper/bats-assert/load'
|
||||||
|
|
||||||
@test "checking postgrey: there should be a log entry about a new greylisted e-mail user@external.tld in /var/log/mail/mail.log" {
|
@test "checking postgrey: there should be a log entry about a new greylisted e-mail user@external.tld in /var/log/mail/mail.log" {
|
||||||
#editing the postfix config in order to ensure that postgrey handles the test e-mail. The other spam checks at smtpd_recipient_restrictionswould interfere with it.
|
#editing the postfix config in order to ensure that postgrey handles the test e-mail. The other spam checks at smtpd_recipient_restrictionswould interfere with it.
|
||||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/permit_sasl_authenticated.*reject_unauth_destination,$//g' /etc/postfix/main.cf"
|
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/permit_sasl_authenticated.*policyd-spf,$//g' /etc/postfix/main.cf"
|
||||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/reject_unauth_pipelining.*reject_unknown_recipient_domain,$//g' /etc/postfix/main.cf"
|
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/reject_unauth_pipelining.*reject_unknown_recipient_domain,$//g' /etc/postfix/main.cf"
|
||||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/reject_rbl_client.*inet:127\.0\.0\.1:10023$//g' /etc/postfix/main.cf"
|
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/reject_rbl_client.*inet:127\.0\.0\.1:10023$//g' /etc/postfix/main.cf"
|
||||||
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/smtpd_recipient_restrictions = /smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10023/g' /etc/postfix/main.cf"
|
run docker exec mail_with_postgrey /bin/sh -c "sed -ie 's/smtpd_recipient_restrictions = /smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10023/g' /etc/postfix/main.cf"
|
||||||
|
|
Loading…
Reference in a new issue