github-com-docker-mailserver/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2024-01-19 02:48:50 +00:00
Code Issues Projects Releases Wiki Activity

deploy: c461dabe9e

Browse source
This commit is contained in:
github-actions[bot] 2023-05-10 09:03:19 +00:00
parent 01d120d8ed
commit dbec53166c
20 changed files with 113 additions and 113 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
edge/config/advanced/full-text-search/index.html
View file

@ -1607,7 +1607,7 @@ service indexer-worker {
<p>adjust the settings to tune for your desired memory limits, exclude folders and enable searching text inside of attachments</p>
</li>
<li>
<p>Update <code>docker-compose.yml</code> to load the previously created dovecot plugin config file:</p>
<p>Update <code>compose.yaml</code> to load the previously created dovecot plugin config file:</p>
<div class="highlight"><pre><span></span><code><span class="w"> </span><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ghcr.io/docker-mailserver/docker-mailserver:latest</span>
@ -1635,18 +1635,18 @@ service indexer-worker {
</li>
<li>
<p>Recreate containers:</p>
<div class="highlight"><pre><span></span><code>docker-compose down
docker-compose up -d
<div class="highlight"><pre><span></span><code>docker compose down
docker compose up -d
</code></pre></div>
</li>
<li>
<p>Initialize indexing on all users for all mail:</p>
<div class="highlight"><pre><span></span><code>docker-compose exec mailserver doveadm index -A -q \*
<div class="highlight"><pre><span></span><code>docker compose exec mailserver doveadm index -A -q \*
</code></pre></div>
</li>
<li>
<p>Run the following command in a daily cron job:</p>
<p><div class="highlight"><pre><span></span><code>docker-compose exec mailserver doveadm fts optimize -A
<p><div class="highlight"><pre><span></span><code>docker compose exec mailserver doveadm fts optimize -A
</code></pre></div>
Or like the <a href="../../../faq/#how-can-i-make-spamassassin-better-recognize-spam">Spamassassin example</a> shows, you can instead use <code>cron</code> from within DMS to avoid potential errors if the mail server is not running:</p>
</li>
@ -1654,7 +1654,7 @@ Or like the <a href="../../../faq/#how-can-i-make-spamassassin-better-recognize-
<details class="example">
<summary>Example</summary>
<p>Create a <em>system</em> cron file:</p>
<div class="highlight"><pre><span></span><code><span class="c1"># in the docker-compose.yml root directory</span>
<div class="highlight"><pre><span></span><code><span class="c1"># in the compose.yaml root directory</span>
mkdir<span class="w"> </span>-p<span class="w"> </span>./docker-data/dms/cron<span class="w"> </span><span class="c1"># if you didn&#39;t have this folder before</span>
touch<span class="w"> </span>./docker-data/dms/cron/fts_xapian
chown<span class="w"> </span>root:root<span class="w"> </span>./docker-data/dms/cron/fts_xapian
@ -1669,7 +1669,7 @@ chmod<span class="w"> </span><span class="m">0644</span><span class="w"> </span>
<span class="c1"># Everyday 4:00AM, optimize index files</span>
<span class="na">0 4 * * * root doveadm fts optimize -A</span>
</code></pre></div>
<p>Then with <code>docker-compose.yml</code>:</p>
<p>Then with <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ghcr.io/docker-mailserver/docker-mailserver:latest</span>
@ -1684,7 +1684,7 @@ chmod<span class="w"> </span><span class="m">0644</span><span class="w"> </span>
<h4 id="setup_1"><a class="toclink" href="#setup_1">Setup</a></h4>
<ol>
<li>
<p><code>docker-compose.yml</code>:</p>
<p><code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="w"> </span><span class="nt">solr</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">lmmdock/dovecot-solr:latest</span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span>
@ -1714,10 +1714,10 @@ chmod<span class="w"> </span><span class="m">0644</span><span class="w"> </span>
</code></pre></div>
</li>
<li>
<p>Recreate containers: <code>docker-compose down ; docker-compose up -d</code></p>
<p>Recreate containers: <code>docker compose down ; docker compose up -d</code></p>
</li>
<li>
<p>Flag all user mailbox FTS indexes as invalid, so they are rescanned on demand when they are next searched: <code>docker-compose exec mailserver doveadm fts rescan -A</code></p>
<p>Flag all user mailbox FTS indexes as invalid, so they are rescanned on demand when they are next searched: <code>docker compose exec mailserver doveadm fts rescan -A</code></p>
</li>
</ol>
<h4 id="further-discussion"><a class="toclink" href="#further-discussion">Further Discussion</a></h4>

2
edge/config/advanced/ipv6/index.html
View file

@ -1489,7 +1489,7 @@
<p>If your container host supports IPv6, then DMS will automatically accept IPv6 connections by way of the docker host's IPv6. However, incoming mail will fail SPF checks because they will appear to come from the IPv4 gateway that docker is using to proxy the IPv6 connection (<code>172.20.0.1</code> is the gateway).</p>
<p>This can be solved by supporting IPv6 connections all the way to the DMS container.</p>
<h2 id="setup-steps"><a class="toclink" href="#setup-steps">Setup steps</a></h2>
<div class="highlight"><pre><span></span><code><span class="gi">+++ b/serv/docker-compose.yml</span>
<div class="highlight"><pre><span></span><code><span class="gi">+++ b/serv/compose.yaml</span>
<span class="gu">@@ ... @@ services:</span>
<span class="gi">+ ipv6nat:</span>

4
edge/config/advanced/mail-fetchmail/index.html
View file

@ -1525,7 +1525,7 @@
<h1>Email Gathering with Fetchmail</h1>
<p>To enable the <a href="https://www.fetchmail.info">fetchmail</a> service to retrieve e-mails set the environment variable <code>ENABLE_FETCHMAIL</code> to <code>1</code>. Your <code>docker-compose.yml</code> file should look like following snippet:</p>
<p>To enable the <a href="https://www.fetchmail.info">fetchmail</a> service to retrieve e-mails set the environment variable <code>ENABLE_FETCHMAIL</code> to <code>1</code>. Your <code>compose.yaml</code> file should look like following snippet:</p>
<div class="highlight"><pre><span></span><code><span class="nt">environment</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ENABLE_FETCHMAIL=1</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">FETCHMAIL_POLL=300</span>
@ -1536,7 +1536,7 @@
│   ├── fetchmail.cf
│   ├── postfix-accounts.cf
│   └── postfix-virtual.cf
├── docker-compose.yml
├── compose.yaml
└── README.md
</code></pre></div>
<h2 id="configuration"><a class="toclink" href="#configuration">Configuration</a></h2>

2
edge/config/advanced/mail-sieve/index.html
View file

@ -1548,7 +1548,7 @@ If any filter in this filtering chain discards an incoming mail, the delivery pr
<p>The <a href="https://doc.dovecot.org/admin_manual/pigeonhole_managesieve_server/">Manage Sieve</a> extension allows users to modify their Sieve script by themselves. The authentication mechanisms are the same as for the main dovecot service. ManageSieve runs on port <code>4190</code> and needs to be enabled using the <code>ENABLE_MANAGESIEVE=1</code> environment variable.</p>
<div class="admonition example">
<p class="admonition-title">Example</p>
<div class="highlight"><pre><span></span><code><span class="c1"># docker-compose.yml</span>
<div class="highlight"><pre><span></span><code><span class="c1"># compose.yaml</span>
<span class="nt">ports</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;4190:4190&quot;</span>
<span class="nt">environment</span><span class="p">:</span>

4
edge/config/advanced/maintenance/update-and-cleanup/index.html
View file

@ -1474,7 +1474,7 @@
<h2 id="automatic-update"><a class="toclink" href="#automatic-update">Automatic Update</a></h2>
<p>Docker images are handy but it can become a hassle to keep them updated. Also when a repository is automated you want to get these images when they get out.</p>
<p>One could setup a complex action/hook-based workflow using probes, but there is a nice, easy to use docker image that solves this issue and could prove useful: <a href="https://hub.docker.com/r/containrrr/watchtower"><code>watchtower</code></a>.</p>
<p>A docker-compose example:</p>
<p>A Docker Compose example:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">watchtower</span><span class="p">:</span>
<span class="w"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>
@ -1485,7 +1485,7 @@
<p>For more details, see the <a href="https://containrrr.github.io/watchtower/">manual</a></p>
<h2 id="automatic-cleanup"><a class="toclink" href="#automatic-cleanup">Automatic Cleanup</a></h2>
<p>When you are pulling new images in automatically, it would be nice to have them cleaned up as well. There is also a docker image for this: <a href="https://hub.docker.com/r/spotify/docker-gc/"><code>spotify/docker-gc</code></a>.</p>
<p>A docker-compose example:</p>
<p>A Docker Compose example:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">docker-gc</span><span class="p">:</span>
<span class="w"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>

2
edge/config/advanced/override-defaults/dovecot/index.html
View file

@ -1493,7 +1493,7 @@
│ ├── dovecot.cf
│ ├── postfix-accounts.cf
│ └── postfix-virtual.cf
├── docker-compose.yml
├── compose.yaml
└── README.md
</code></pre></div>
<p>One common option to change is the maximum number of connections per user:</p>

20
edge/config/advanced/podman/index.html
View file

@ -1622,7 +1622,7 @@ Make sure to read the related documentation.</p>
</div>
<h2 id="installation-in-rootfull-mode"><a class="toclink" href="#installation-in-rootfull-mode">Installation in Rootfull Mode</a></h2>
<p>While using Podman, you can just manage docker-mailserver as what you did with Docker. Your best friend <code>setup.sh</code> includes the minimum code in order to support Podman since it's 100% compatible with the Docker CLI.</p>
<p>The installation is basically the same. Podman v3.2 introduced a RESTful API that is 100% compatible with the Docker API, so you can use docker-compose with Podman easily. Install Podman and docker-compose with your package manager first.</p>
<p>The installation is basically the same. Podman v3.2 introduced a RESTful API that is 100% compatible with the Docker API, so you can use Docker Compose with Podman easily. Install Podman and Docker Compose with your package manager first.</p>
<div class="highlight"><pre><span></span><code>sudo<span class="w"> </span>dnf<span class="w"> </span>install<span class="w"> </span>podman<span class="w"> </span>docker-compose
</code></pre></div>
<p>Then enable <code>podman.socket</code> using <code>systemctl</code>.</p>
@ -1630,8 +1630,8 @@ Make sure to read the related documentation.</p>
</code></pre></div>
<p>This will create a unix socket locate under <code>/run/podman/podman.sock</code>, which is the entrypoint of Podman's API. Now, configure docker-mailserver and start it.</p>
<div class="highlight"><pre><span></span><code><span class="nb">export</span><span class="w"> </span><span class="nv">DOCKER_HOST</span><span class="o">=</span><span class="s2">&quot;unix:///run/podman/podman.sock&quot;</span>
docker-compose<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>mailserver
docker-compose<span class="w"> </span>ps
docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>mailserver
docker<span class="w"> </span>compose<span class="w"> </span>ps
</code></pre></div>
<p>You should see that docker-mailserver is running now.</p>
<h3 id="self-start-in-rootfull-mode"><a class="toclink" href="#self-start-in-rootfull-mode">Self-start in Rootfull Mode</a></h3>
@ -1655,7 +1655,7 @@ systemctl<span class="w"> </span><span class="nb">enable</span><span class="w">
<p>First, enable <code>podman.socket</code> in systemd's userspace with a non-root user.</p>
<div class="highlight"><pre><span></span><code>systemctl<span class="w"> </span><span class="nb">enable</span><span class="w"> </span>--now<span class="w"> </span>--user<span class="w"> </span>podman.socket
</code></pre></div>
<p>The socket file should be located at <code>/var/run/user/$(id -u)/podman/podman.sock</code>. Then, modify <code>docker-compose.yml</code> to make sure all ports are bindings are on non-privileged ports.</p>
<p>The socket file should be located at <code>/var/run/user/$(id -u)/podman/podman.sock</code>. Then, modify <code>compose.yaml</code> to make sure all ports are bindings are on non-privileged ports.</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">ports</span><span class="p">:</span>
@ -1665,21 +1665,21 @@ systemctl<span class="w"> </span><span class="nb">enable</span><span class="w">
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;10587:587&quot;</span><span class="w"> </span><span class="c1"># ESMTP (explicit TLS =&gt; STARTTLS)</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;10993:993&quot;</span><span class="w"> </span><span class="c1"># IMAP4 (implicit TLS)</span>
</code></pre></div>
<p>Then, setup your <code>mailserver.env</code> file follow the documentation and use docker-compose to start the container.</p>
<p>Then, setup your <code>mailserver.env</code> file follow the documentation and use Docker Compose to start the container.</p>
<div class="highlight"><pre><span></span><code><span class="nb">export</span><span class="w"> </span><span class="nv">DOCKER_HOST</span><span class="o">=</span><span class="s2">&quot;unix:///var/run/user/</span><span class="k">$(</span>id<span class="w"> </span>-u<span class="k">)</span><span class="s2">/podman/podman.sock&quot;</span>
docker-compose<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>mailserver
docker-compose<span class="w"> </span>ps
docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>mailserver
docker<span class="w"> </span>compose<span class="w"> </span>ps
</code></pre></div>
<h3 id="security-in-rootless-mode"><a class="toclink" href="#security-in-rootless-mode">Security in Rootless Mode</a></h3>
<p>In rootless mode, podman resolves all incoming IPs as localhost, which results in an open gateway in the default configuration. There are two workarounds to fix this problem, both of which have their own drawbacks.</p>
<h4 id="enforce-authentication-from-localhost"><a class="toclink" href="#enforce-authentication-from-localhost">Enforce authentication from localhost</a></h4>
<p>The <code>PERMIT_DOCKER</code> variable in the <code>mailserver.env</code> file allows to specify trusted networks that do not need to authenticate. If the variable is left empty, only requests from localhost and the container IP are allowed, but in the case of rootless podman any IP will be resolved as localhost. Setting <code>PERMIT_DOCKER=none</code> enforces authentication also from localhost, which prevents sending unauthenticated emails.</p>
<h4 id="use-the-slip4netns-network-driver"><a class="toclink" href="#use-the-slip4netns-network-driver">Use the slip4netns network driver</a></h4>
<p>The second workaround is slightly more complicated because the <code>docker-compose.yml</code> has to be modified.
<p>The second workaround is slightly more complicated because the <code>compose.yaml</code> has to be modified.
As shown in the <a href="../../security/fail2ban/#podman-with-slirp4netns-port-driver">fail2ban section</a> the <code>slirp4netns</code> network driver has to be enabled.
This network driver enables podman to correctly resolve IP addresses but it is not compatible with
user defined networks which might be a problem depending on your setup.</p>
<p><a href="https://github.com/containers/podman/blob/v3.4.1/docs/source/markdown/podman-run.1.md#--networkmode---net">Rootless Podman</a> requires adding the value <code>slirp4netns:port_handler=slirp4netns</code> to the <code>--network</code> CLI option, or <code>network_mode</code> setting in your <code>docker-compose.yml</code>.</p>
<p><a href="https://github.com/containers/podman/blob/v3.4.1/docs/source/markdown/podman-run.1.md#--networkmode---net">Rootless Podman</a> requires adding the value <code>slirp4netns:port_handler=slirp4netns</code> to the <code>--network</code> CLI option, or <code>network_mode</code> setting in your <code>compose.yaml</code>.</p>
<p>You must also add the ENV <code>NETWORK_INTERFACE=tap0</code>, because Podman uses a <a href="https://github.com/containers/podman/blob/v3.4.1/libpod/networking_slirp4netns.go#L264">hard-coded interface name</a> for <code>slirp4netns</code>.</p>
<div class="admonition example">
<p class="admonition-title">Example</p>
@ -1719,7 +1719,7 @@ firewall-cmd<span class="w"> </span>--reload
<span class="c1"># After you set all ports up.</span>
firewall-cmd<span class="w"> </span>--reload
</code></pre></div>
<p>Just map all the privilege port with non-privilege port you set in docker-compose.yml before as root user.</p>
<p>Just map all the privilege port with non-privilege port you set in compose.yaml before as root user.</p>

2
edge/config/best-practices/dkim_dmarc_spf/index.html
View file

@ -1853,7 +1853,7 @@
<span class="na">Whitelist</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">192.168.0.0/31,192.168.1.0/30</span>
<span class="c1"># Domain_Whitelist = mx1.not-example.com,mx2.not-example.com</span>
</code></pre></div>
<p>Then add this line to <code>docker-compose.yml</code>:</p>
<p>Then add this line to <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./docker-data/dms/config/postfix-policyd-spf.conf:/etc/postfix-policyd-spf-python/policyd-spf.conf</span>
</code></pre></div>

8
edge/config/environment/index.html
View file

@ -3413,7 +3413,7 @@
</div>
<h4 id="general"><a class="toclink" href="#general">General</a></h4>
<h5 id="override_hostname"><a class="toclink" href="#override_hostname">OVERRIDE_HOSTNAME</a></h5>
<p>If you can't set your hostname (<em>eg: you're in a container platform that doesn't let you</em>) specify it via this environment variable. It will have priority over <code>docker run --hostname</code>, or the equivalent <code>hostname:</code> field in <code>docker-compose.yml</code>.</p>
<p>If you can't set your hostname (<em>eg: you're in a container platform that doesn't let you</em>) specify it via this environment variable. It will have priority over <code>docker run --hostname</code>, or the equivalent <code>hostname:</code> field in <code>compose.yaml</code>.</p>
<ul>
<li><strong>empty</strong> =&gt; Uses the <code>hostname -f</code> command to get canonical hostname for DMS to use.</li>
<li>=&gt; Specify an FQDN (fully-qualified domain name) to serve mail for. The hostname is required for DMS to function correctly.</li>
@ -3516,7 +3516,7 @@
<li><strong>0</strong> =&gt; fail2ban service disabled</li>
<li>1 =&gt; Enables fail2ban service</li>
</ul>
<p>If you enable Fail2Ban, don't forget to add the following lines to your <code>docker-compose.yml</code>:</p>
<p>If you enable Fail2Ban, don't forget to add the following lines to your <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code>cap_add:
<span class="w"> </span>-<span class="w"> </span>NET_ADMIN
</code></pre></div>
@ -3786,7 +3786,7 @@ If this is not set and reports are enabled with the old options, logrotate will
<p class="admonition-title">Note</p>
<p><code>LOGROTATE_INTERVAL</code> only manages <code>logrotate</code> within the container for services we manage internally.</p>
<p>The entire log output for the container is still available via <code>docker logs mailserver</code> (or your respective container name). If you want to configure external log rotation for that container output as well, : <a href="https://docs.docker.com/config/containers/logging/configure/">Docker Logging Drivers</a>.</p>
<p>By default, the logs are lost when the container is destroyed (eg: re-creating via <code>docker-compose down &amp;&amp; docker-compose up -d</code>). To keep the logs, mount a volume (to <code>/var/log/mail/</code>).</p>
<p>By default, the logs are lost when the container is destroyed (eg: re-creating via <code>docker compose down &amp;&amp; docker compose up -d</code>). To keep the logs, mount a volume (to <code>/var/log/mail/</code>).</p>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
@ -3872,7 +3872,7 @@ If this is not set and reports are enabled with the old options, logrotate will
<ul>
<li><strong>empty</strong> =&gt; mail.example.com</li>
<li>=&gt; Specify the dns-name/ip-address where the ldap-server is listening, or an URI like <code>ldaps://mail.example.com</code></li>
<li>NOTE: If you going to use DMS in combination with <code>docker-compose.yml</code> you can set the service name here</li>
<li>NOTE: If you going to use DMS in combination with <code>compose.yaml</code> you can set the service name here</li>
</ul>
<h5 id="ldap_search_base"><a class="toclink" href="#ldap_search_base">LDAP_SEARCH_BASE</a></h5>
<ul>

2
edge/config/pop3/index.html
View file

@ -1412,7 +1412,7 @@
<h1>Mail Delivery with POP3</h1>
<p>If you want to use POP3(S), you have to add the ports 110 and/or 995 (TLS secured) and the environment variable <code>ENABLE_POP3</code> to your <code>docker-compose.yml</code>:</p>
<p>If you want to use POP3(S), you have to add the ports 110 and/or 995 (TLS secured) and the environment variable <code>ENABLE_POP3</code> to your <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">ports</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;25:25&quot;</span><span class="w"> </span><span class="c1"># SMTP (explicit TLS =&gt; STARTTLS)</span>

4
edge/config/security/fail2ban/index.html
View file

@ -1565,7 +1565,7 @@
<h2 id="configuration"><a class="toclink" href="#configuration">Configuration</a></h2>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>DMS must be launched with the <code>NET_ADMIN</code> capability in order to be able to install the NFTables rules that actually ban IP addresses. Thus, either include <code>--cap-add=NET_ADMIN</code> in the <code>docker run</code> command, or the equivalent in the <code>compose.yml</code>:</p>
<p>DMS must be launched with the <code>NET_ADMIN</code> capability in order to be able to install the NFTables rules that actually ban IP addresses. Thus, either include <code>--cap-add=NET_ADMIN</code> in the <code>docker run</code> command, or the equivalent in the <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">cap_add</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">NET_ADMIN</span>
</code></pre></div>
@ -1625,7 +1625,7 @@
</code></pre></div>
</div>
<div class="tabbed-block">
<p><a href="https://github.com/containers/podman/blob/v3.4.1/docs/source/markdown/podman-run.1.md#--networkmode---net">Rootless Podman</a> requires adding the value <code>slirp4netns:port_handler=slirp4netns</code> to the <code>--network</code> CLI option, or <code>network_mode</code> setting in your <code>compose.yml</code>:</p>
<p><a href="https://github.com/containers/podman/blob/v3.4.1/docs/source/markdown/podman-run.1.md#--networkmode---net">Rootless Podman</a> requires adding the value <code>slirp4netns:port_handler=slirp4netns</code> to the <code>--network</code> CLI option, or <code>network_mode</code> setting in your <code>compose.yaml</code>:</p>
<div class="admonition example">
<p class="admonition-title">Example</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>

4
edge/config/security/mail_crypt/index.html
View file

@ -1479,7 +1479,7 @@ plugin {
</code></pre></div>
</li>
<li>
<p>Shutdown your mailserver (<code>docker-compose down</code>)</p>
<p>Shutdown your mailserver (<code>docker compose down</code>)</p>
</li>
<li>
<p>You then need to <a href="https://doc.dovecot.org/configuration_manual/mail_crypt_plugin/#ec-key">generate your global EC key</a>. We named them <code>/certs/ecprivkey.pem</code> and <code>/certs/ecpubkey.pem</code> in step #1.</p>
@ -1496,7 +1496,7 @@ plugin {
</code></pre></div></p>
</li>
<li>
<p>While you're editing the <code>docker-compose.yml</code>, add the configuration file:
<p>While you're editing the <code>compose.yaml</code>, add the configuration file:
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ghcr.io/docker-mailserver/docker-mailserver:latest</span>

30
edge/config/security/ssl/index.html
View file

@ -1751,7 +1751,7 @@
docker<span class="w"> </span>run<span class="w"> </span>--hostname<span class="w"> </span>mail.example.com
</code></pre></div>
<p>or</p>
<div class="highlight"><pre><span></span><code><span class="c1"># docker-compose.yml</span>
<div class="highlight"><pre><span></span><code><span class="c1"># compose.yaml</span>
<span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">hostname</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mail.example.com</span>
@ -1778,7 +1778,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--hostname<span class="
</div>
<div class="admonition example">
<p class="admonition-title">Example</p>
<p>Add these additions to the <code>mailserver</code> service in your <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/docker-compose.yml"><code>docker-compose.yml</code></a>:</p>
<p>Add these additions to the <code>mailserver</code> service in your <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/compose.yaml"><code>compose.yaml</code></a>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">hostname</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mail.example.com</span>
@ -1805,7 +1805,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
<p>Add a volume for DMS that maps the <em>local <code>certbot/certs/</code> folder</em> to the container path <code>/etc/letsencrypt/</code>.</p>
<div class="admonition example">
<p class="admonition-title">Example</p>
<p>Add these additions to the <code>mailserver</code> service in your <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/docker-compose.yml"><code>docker-compose.yml</code></a>:</p>
<p>Add these additions to the <code>mailserver</code> service in your <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/compose.yaml"><code>compose.yaml</code></a>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">hostname</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mail.example.com</span>
@ -1862,7 +1862,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
</li>
<li>Store the file in a folder if you like, such as <code>docker-data/certbot/secrets/</code>.</li>
<li>
<p>Your <code>docker-compose.yml</code> should include the following:</p>
<p>Your <code>compose.yaml</code> should include the following:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">environments</span><span class="p">:</span>
@ -1899,7 +1899,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
</li>
<li>
<p>Run the service to provision a certificate:</p>
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>run<span class="w"> </span>certbot-cloudflare
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>run<span class="w"> </span>certbot-cloudflare
</code></pre></div>
</li>
<li>
@ -1920,7 +1920,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
<details class="tip">
<summary>Renewing a certificate (Optional)</summary>
<p>We've only demonstrated how to provision a certificate, but it will expire in 90 days and need to be renewed before then.</p>
<p>In the following example, add a new service (<code>certbot-cloudflare-renew</code>) into <code>docker-compose.yml</code> that will handle certificate renewals:</p>
<p>In the following example, add a new service (<code>certbot-cloudflare-renew</code>) into <code>compose.yaml</code> that will handle certificate renewals:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">certbot-cloudflare-renew</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">certbot/dns-cloudflare:latest</span>
@ -1932,7 +1932,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">cloudflare-api-token</span>
</code></pre></div>
<p>You can manually run this service to renew the cert within 90 days:</p>
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>run<span class="w"> </span>certbot-cloudflare-renew
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>run<span class="w"> </span>certbot-cloudflare-renew
</code></pre></div>
<p>You should see the following output
(The following log was generated with <code>--dry-run</code> options)</p>
@ -1952,7 +1952,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
</code></pre></div>
<p>It is recommended to automate this renewal via a task scheduler like a <em>systemd timer</em> or in <code>crontab</code>
(<code>crontab</code> example: Checks every day if the certificate should be renewed)</p>
<div class="highlight"><pre><span></span><code><span class="m">0</span><span class="w"> </span><span class="m">0</span><span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>docker-compose<span class="w"> </span>-f<span class="w"> </span>PATH_TO_YOUR_DOCKER_COMPOSE_YML<span class="w"> </span>up<span class="w"> </span>certbot-cloudflare-renew
<div class="highlight"><pre><span></span><code><span class="m">0</span><span class="w"> </span><span class="m">0</span><span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>PATH_TO_YOUR_DOCKER_COMPOSE_YML<span class="w"> </span>up<span class="w"> </span>certbot-cloudflare-renew
</code></pre></div>
</details>
<h4 id="example-using-nginx-proxy-and-acme-companion-with-docker"><a class="toclink" href="#example-using-nginx-proxy-and-acme-companion-with-docker">Example using <code>nginx-proxy</code> and <code>acme-companion</code> with Docker</a></h4>
@ -2002,7 +2002,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--detach<span class="w"
<p>You may want to add <code>--env LETSENCRYPT_TEST=true</code> to the above while testing, to avoid the <em>Let's Encrypt</em> certificate generation rate limits.</p>
</li>
<li>
<p>Make sure your mount path to the <code>letsencrypt</code> certificates directory is correct. Edit your <code>docker-compose.yml</code> for the <code>mailserver</code> service to have volumes added like below:</p>
<p>Make sure your mount path to the <code>letsencrypt</code> certificates directory is correct. Edit your <code>compose.yaml</code> for the <code>mailserver</code> service to have volumes added like below:</p>
<div class="highlight"><pre><span></span><code><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./docker-data/dms/mail-data/:/var/mail/</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./docker-data/dms/mail-state/:/var/mail-state/</span>
@ -2011,14 +2011,14 @@ docker<span class="w"> </span>run<span class="w"> </span>--detach<span class="w"
</code></pre></div>
</li>
<li>
<p>Then from the <code>docker-compose.yml</code> project directory, run: <code>docker-compose up -d mailserver</code>.</p>
<p>Then from the <code>compose.yaml</code> project directory, run: <code>docker compose up -d mailserver</code>.</p>
</li>
</ol>
<h4 id="example-using-nginx-proxy-and-acme-companion-with-docker-compose"><a class="toclink" href="#example-using-nginx-proxy-and-acme-companion-with-docker-compose">Example using <code>nginx-proxy</code> and <code>acme-companion</code> with <code>docker-compose</code></a></h4>
<p>The following example is the <a href="https://github.com/nginx-proxy/acme-companion#basic-usage-with-the-nginx-proxy-container">basic setup</a> you need for using <code>nginx-proxy</code> and <code>acme-companion</code> with DMS (<em>Referencing: <a href="https://github.com/nginx-proxy/acme-companion/blob/main/docs"><code>acme-companion</code> documentation</a></em>):</p>
<details class="example" open="open">
<summary>Example: <code>docker-compose.yml</code></summary>
<p>You should have an existing <code>docker-compose.yml</code> with a <code>mailserver</code> service. Below are the modifications to add for integrating with <code>nginx-proxy</code> and <code>acme-companion</code> services:</p>
<summary>Example: <code>compose.yaml</code></summary>
<p>You should have an existing <code>compose.yaml</code> with a <code>mailserver</code> service. Below are the modifications to add for integrating with <code>nginx-proxy</code> and <code>acme-companion</code> services:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Add the following `environment` and `volumes` to your existing `mailserver` service:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
@ -2056,7 +2056,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--detach<span class="w"
<span class="w"> </span><span class="nt">container_name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">nginx-proxy-acme</span>
<span class="w"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span>
<span class="w"> </span><span class="c1"># Only docker-compose v2 supports: `volumes_from: [nginx-proxy]`,</span>
<span class="w"> </span><span class="c1"># When `volumes_from: [nginx-proxy]` is not supported,</span>
<span class="w"> </span><span class="c1"># reference the _reverse-proxy_ `container_name` here:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">NGINX_PROXY_CONTAINER=nginx-proxy</span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span>
@ -2124,7 +2124,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--detach<span class="w"
<h4 id="example-using-lets-encrypt-certificates-with-a-synology-nas"><a class="toclink" href="#example-using-lets-encrypt-certificates-with-a-synology-nas">Example using <em>Let's Encrypt</em> Certificates with a <em>Synology NAS</em></a></h4>
<p>Version 6.2 and later of the Synology NAS DSM OS now come with an interface to generate and renew letencrypt certificates. Navigation into your DSM control panel and go to Security, then click on the tab Certificate to generate and manage letsencrypt certificates.</p>
<p>Amongst other things, you can use these to secure your mail server. DSM locates the generated certificates in a folder below <code>/usr/syno/etc/certificate/_archive/</code>.</p>
<p>Navigate to that folder and note the 6 character random folder name of the certificate you'd like to use. Then, add the following to your <code>docker-compose.yml</code> declaration file:</p>
<p>Navigate to that folder and note the 6 character random folder name of the certificate you'd like to use. Then, add the following to your <code>compose.yaml</code> declaration file:</p>
<div class="highlight"><pre><span></span><code><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/usr/syno/etc/certificate/_archive/&lt;your-folder&gt;/:/tmp/dms/custom-certs/</span>
<span class="nt">environment</span><span class="p">:</span>
@ -2319,7 +2319,7 @@ docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </
<span class="w"> </span>smallstep/step-ca
</code></pre></div>
<h3 id="bring-your-own-certificates"><a class="toclink" href="#bring-your-own-certificates">Bring Your Own Certificates</a></h3>
<p>You can also provide your own certificate files. Add these entries to your <code>docker-compose.yml</code>:</p>
<p>You can also provide your own certificate files. Add these entries to your <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./docker-data/dms/custom-certs/:/tmp/dms/custom-certs/:ro</span>
<span class="nt">environment</span><span class="p">:</span>

8
edge/examples/tutorials/basic-installation/index.html
View file

@ -1486,7 +1486,7 @@
<h1>Basic Installation</h1>
<h2 id="a-basic-example-with-relevant-environmental-variables"><a class="toclink" href="#a-basic-example-with-relevant-environmental-variables">A Basic Example With Relevant Environmental Variables</a></h2>
<p>This example provides you only with a basic example of what a minimal setup could look like. We <strong>strongly recommend</strong> that you go through the configuration file yourself and adjust everything to your needs. The default <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/docker-compose.yml">docker-compose.yml</a> can be used for the purpose out-of-the-box, see the <a href="../../../usage/"><em>Usage</em> chapter</a>.</p>
<p>This example provides you only with a basic example of what a minimal setup could look like. We <strong>strongly recommend</strong> that you go through the configuration file yourself and adjust everything to your needs. The default <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/compose.yaml">compose.yaml</a> can be used for the purpose out-of-the-box, see the <a href="../../../usage/"><em>Usage</em> chapter</a>.</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ghcr.io/docker-mailserver/docker-mailserver:latest</span>
@ -1570,7 +1570,7 @@
</div>
<ol>
<li>
<p>Create the file <code>docker-compose.yml</code> with a content like this:</p>
<p>Create the file <code>compose.yaml</code> with a content like this:</p>
<div class="admonition example">
<p class="admonition-title">Example</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
@ -1647,7 +1647,7 @@ mail IN A 10.11.12.13
<p>Get an SSL certificate, <a href="../../../config/security/ssl/#lets-encrypt-recommended">we have a guide for you here</a> (<em>Let's Encrypt</em> is a popular service to get free SSL certificates).</p>
</li>
<li>
<p>Start DMS and check the terminal output for any errors: <code>docker-compose up</code>.</p>
<p>Start DMS and check the terminal output for any errors: <code>docker compose up</code>.</p>
</li>
<li>
<p>Create email accounts and aliases:</p>
@ -1677,7 +1677,7 @@ setup<span class="w"> </span><span class="nb">alias</span><span class="w"> </spa
</div>
</li>
<li>
<p>Send some test emails to these addresses and make other tests. Once everything is working well, stop the container with <code>ctrl+c</code> and start it again as a daemon: <code>docker-compose up -d</code>.</p>
<p>Send some test emails to these addresses and make other tests. Once everything is working well, stop the container with <code>ctrl+c</code> and start it again as a daemon: <code>docker compose up -d</code>.</p>
</li>
</ol>

2
edge/examples/use-cases/imap-folders/index.html
View file

@ -1553,7 +1553,7 @@
<h2 id="adding-a-mailbox-folder"><a class="toclink" href="#adding-a-mailbox-folder">Adding a mailbox folder</a></h2>
<p>See <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/target/dovecot/15-mailboxes.conf"><code>target/dovecot/15-mailboxes.conf</code></a> for existing mailbox folders which you can modify or uncomment to enable some other common mailboxes. For more information try the <a href="https://doc.dovecot.org/configuration_manual/namespace/#mailbox-settings">official Dovecot documentation</a>.</p>
<p>The <code>Archive</code> special IMAP folder may be useful to enable. To do so, make a copy of <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/target/dovecot/15-mailboxes.conf"><code>target/dovecot/15-mailboxes.conf</code></a> and uncomment the <code>Archive</code> mailbox definition. Mail clients should understand that this folder is intended for archiving mail due to the <a href="https://datatracker.ietf.org/doc/html/rfc6154"><code>\Archive</code> <em>"SPECIAL-USE"</em> attribute</a>.</p>
<p>With the provided <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/docker-compose.yml">docker-compose.yml</a> example, a volume bind mounts the host directory <code>docker-data/dms/config/</code> to the container location <code>/tmp/docker-mailserver/</code>. Config file overrides should instead be mounted to a different location as described in <a href="../../../config/advanced/override-defaults/dovecot/#override-configuration">Overriding Configuration for Dovecot</a>:</p>
<p>With the provided <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/compose.yaml">compose.yaml</a> example, a volume bind mounts the host directory <code>docker-data/dms/config/</code> to the container location <code>/tmp/docker-mailserver/</code>. Config file overrides should instead be mounted to a different location as described in <a href="../../../config/advanced/override-defaults/dovecot/#override-configuration">Overriding Configuration for Dovecot</a>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./docker-data/dms/config/dovecot/15-mailboxes.conf:/etc/dovecot/conf.d/15-mailboxes.conf:ro</span>
</code></pre></div>

18
edge/faq/index.html
View file

@ -2046,9 +2046,9 @@
<h3 id="how-do-i-update-dms"><a class="toclink" href="#how-do-i-update-dms">How do I update DMS?</a></h3>
<p><strong>Make sure to read the <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/CHANGELOG.md">CHANGELOG</a></strong> before updating to new versions, to be prepared for possible breaking changes.</p>
<p>Then, run the following commands:</p>
<div class="highlight"><pre><span></span><code>docker-compose<span class="w"> </span>pull
docker-compose<span class="w"> </span>down
docker-compose<span class="w"> </span>up<span class="w"> </span>-d
<div class="highlight"><pre><span></span><code>docker<span class="w"> </span>compose<span class="w"> </span>pull
docker<span class="w"> </span>compose<span class="w"> </span>down
docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
<p>You should see the new version number on startup, for example: <code>[ INF ] Welcome to docker-mailserver 11.3.1</code>. And you're done! Don't forget to have a look at the remaining functions of the <code>setup.sh</code> script with <code>./setup.sh help</code>.</p>
<h3 id="which-operating-systems-are-supported"><a class="toclink" href="#which-operating-systems-are-supported">Which operating systems are supported?</a></h3>
@ -2100,7 +2100,7 @@ docker-compose<span class="w"> </span>up<span class="w"> </span>-d
</code></pre></div>
<h3 id="what-about-backups"><a class="toclink" href="#what-about-backups">What about backups?</a></h3>
<h4 id="bind-mounts-default"><a class="toclink" href="#bind-mounts-default">Bind mounts (default)</a></h4>
<p>From the location of your <code>docker-compose.yml</code>, create a compressed archive of your <code>docker-data/dms/config/</code> and <code>docker-data/dms/mail-*</code> folders:</p>
<p>From the location of your <code>compose.yaml</code>, create a compressed archive of your <code>docker-data/dms/config/</code> and <code>docker-data/dms/mail-*</code> folders:</p>
<div class="highlight"><pre><span></span><code>tar<span class="w"> </span>--gzip<span class="w"> </span>-cf<span class="w"> </span><span class="s2">&quot;backup-</span><span class="k">$(</span>date<span class="w"> </span>+%F<span class="k">)</span><span class="s2">.tar.gz&quot;</span><span class="w"> </span>./docker-data/dms
</code></pre></div>
<p>Then to restore <code>docker-data/dms/config/</code> and <code>docker-data/dms/mail-*</code> folders from your backup file:</p>
@ -2147,7 +2147,7 @@ find<span class="w"> </span><span class="s2">&quot;</span><span class="si">${</s
<div class="highlight"><pre><span></span><code><span class="go">warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains</span>
</code></pre></div>
<p>Plus of course mail delivery fails.</p>
<p>Also you need to define <code>hostname: example.com</code> in your <code>docker-compose.yml</code>.</p>
<p>Also you need to define <code>hostname: example.com</code> in your <code>compose.yaml</code>.</p>
<div class="admonition tip">
<p class="admonition-title">You might not want a bare domain</p>
<p>We encourage you to consider using a subdomain where possible.</p>
@ -2220,7 +2220,7 @@ Few examples of symptoms can be found <a href="https://github.com/docker-mailser
<h3 id="how-to-adjust-settings-with-the-user-patchessh-script"><a class="toclink" href="#how-to-adjust-settings-with-the-user-patchessh-script">How to adjust settings with the <code>user-patches.sh</code> script</a></h3>
<p>Suppose you want to change a number of settings that are not listed as variables or add things to the server that are not included?</p>
<p>DMS has a built-in way to do post-install processes. If you place a script called <strong><code>user-patches.sh</code></strong> in the config directory it will be run after all configuration files are set up, but before the postfix, amavis and other daemons are started.</p>
<p>It is common to use a local directory for config added to <code>docker-mailsever</code> via a volume mount in your <code>docker-compose.yml</code> (eg: <code>./docker-data/dms/config/:/tmp/docker-mailserver/</code>).</p>
<p>It is common to use a local directory for config added to <code>docker-mailsever</code> via a volume mount in your <code>compose.yaml</code> (eg: <code>./docker-data/dms/config/:/tmp/docker-mailserver/</code>).</p>
<p>Add or create the script file to your config directory:</p>
<div class="highlight"><pre><span></span><code><span class="nb">cd</span><span class="w"> </span>./docker-data/dms/config
touch<span class="w"> </span>user-patches.sh
@ -2282,7 +2282,7 @@ supervisorctl<span class="w"> </span>update
<p>Antispam rules are managed in <code>docker-data/dms/config/spamassassin-rules.cf</code>.</p>
<h4 id="what-are-acceptable-sa_spam_subject-values"><a class="toclink" href="#what-are-acceptable-sa_spam_subject-values">What are acceptable <code>SA_SPAM_SUBJECT</code> values?</a></h4>
<p>For no subject set <code>SA_SPAM_SUBJECT=undef</code>.</p>
<p>For a trailing white-space subject one can define the whole variable with quotes in <code>docker-compose.yml</code>:</p>
<p>For a trailing white-space subject one can define the whole variable with quotes in <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">environment</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;SA_SPAM_SUBJECT=[SPAM]</span><span class="nv"> </span><span class="s">&quot;</span>
</code></pre></div>
@ -2303,7 +2303,7 @@ supervisorctl<span class="w"> </span>update
<details class="example">
<summary>Example</summary>
<p>Create a <em>system</em> cron file:</p>
<div class="highlight"><pre><span></span><code><span class="c1"># in the docker-compose.yml root directory</span>
<div class="highlight"><pre><span></span><code><span class="c1"># in the compose.yaml root directory</span>
mkdir<span class="w"> </span>-p<span class="w"> </span>./docker-data/dms/cron
touch<span class="w"> </span>./docker-data/dms/cron/sa-learn
chown<span class="w"> </span>root:root<span class="w"> </span>./docker-data/dms/cron/sa-learn
@ -2333,7 +2333,7 @@ chmod<span class="w"> </span><span class="m">0644</span><span class="w"> </span>
<span class="c1"># ham: inbox subdirectories</span>
<span class="na">30 3 * * * root sa-learn --ham /var/mail/not-example.com/*/cur* --dbpath /var/mail-state/lib-amavis/.spamassassin &gt; /dev/null</span>
</code></pre></div>
<p>Then with <code>docker-compose.yml</code>:</p>
<p>Then with <code>compose.yaml</code>:</p>
<div class="highlight"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">mailserver</span><span class="p">:</span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ghcr.io/docker-mailserver/docker-mailserver:latest</span>

2
edge/introduction/index.html
View file

@ -1772,7 +1772,7 @@ Me -- STARTTLS ---&gt; ┤(587) │ ┊
<h2 id="how-does-dms-help-with-setting-everything-up"><a class="toclink" href="#how-does-dms-help-with-setting-everything-up">How Does DMS Help With Setting Everything Up?</a></h2>
<p>As a <em>batteries included</em> container image, DMS provides you with all the required components and a default configuration to run a decent and secure mail server. One may then customize all aspects of its internal components.</p>
<ul>
<li>Simple customization is supported through <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/docker-compose.yml">docker-compose configuration</a> and the <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/mailserver.env">env-mailserver</a> configuration file.</li>
<li>Simple customization is supported through <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/compose.yaml">Docker Compose configuration</a> and the <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/mailserver.env">env-mailserver</a> configuration file.</li>
<li>Advanced customization is supported through providing "monkey-patching" configuration files and/or <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/Dockerfile">deriving your own image</a> from DMS's upstream, for a complete control over how things run.</li>
</ul>
<p>Eventually, it is up to <em>you</em> deciding exactly what kind of transportation/encryption to use and/or enforce, and to customize your instance accordingly (with looser or stricter security). Be also aware that protocols and ports on your server can only go so far with security; third-party MTAs might relay your emails on insecure connections, man-in-the-middle attacks might still prove effective, etc. Advanced counter-measure such as DANE, MTA-STS and/or full body encryption (eg. PGP) should be considered as well for increased confidentiality, but ideally without compromising backwards compatibility so as to not block emails.</p>

2
edge/search/search_index.json
View file

File diff suppressed because one or more lines are too long

80
edge/sitemap.xml
View file

@ -2,202 +2,202 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/faq/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/introduction/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/usage/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/debugging/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/pop3/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/setup.sh/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/user-management/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/auth-ldap/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/dovecot-master-accounts/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/full-text-search/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/ipv6/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/kubernetes/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-fetchmail/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-sieve/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/optional-config/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/podman/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/aws-ses/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/relay-hosts/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/maintenance/update-and-cleanup/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/dovecot/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/postfix/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/user-patches/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/autodiscover/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/dkim_dmarc_spf/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/fail2ban/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/mail_crypt/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/rspamd/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/ssl/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/general/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/issues-and-pull-requests/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/tests/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/blog-posts/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/docker-build/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/mailserver-behind-proxy/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/use-cases/forward-only-mailserver-with-ldap-authentication/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/use-cases/imap-folders/</loc>
<lastmod>2023-05-03</lastmod>
<lastmod>2023-05-10</lastmod>
<changefreq>daily</changefreq>
</url>
</urlset>

10
edge/usage/index.html
View file

@ -1689,9 +1689,9 @@
<li>The host should be able to send/receive on the <a href="../config/security/understanding-the-ports/#overview-of-email-ports">necessary ports for mail</a></li>
<li>You should be able to set a <code>PTR</code> record for your host; security-hardened mail servers might otherwise reject your mail server as the IP address of your host does not resolve correctly/at all to the DNS name of your server.</li>
</ol>
<p>On the host, you should have a suitable container runtime (like <em>Docker</em> or <em>Podman</em>) installed. We assume <a href="https://docs.docker.com/compose/"><em>Docker Compose</em></a> is <a href="https://docs.docker.com/compose/install/">installed</a>.</p>
<div class="admonition info">
<p class="admonition-title">Podman Support</p>
<div class="admonition note">
<p class="admonition-title">About the Container Runtime</p>
<p>On the host, you need to have a suitable container runtime (like <em>Docker</em> or <em>Podman</em>) installed. We assume <a href="https://docs.docker.com/compose/"><em>Docker Compose</em></a> is <a href="https://docs.docker.com/compose/install/">installed</a>. We have aligned file names and configuration conventions with the latest <a href="https://docs.docker.com/compose/compose-file/">Docker Compose (currently V2) specification</a>.</p>
<p>If you're using podman, make sure to read the related <a href="../config/advanced/podman/">documentation</a>.</p>
</div>
<h3 id="minimal-dns-setup"><a class="toclink" href="#minimal-dns-setup">Minimal DNS Setup</a></h3>
@ -1748,12 +1748,12 @@
<h3 id="get-all-files"><a class="toclink" href="#get-all-files">Get All Files</a></h3>
<p>Issue the following commands to acquire the necessary files:</p>
<div class="highlight"><pre><span></span><code><span class="nv">DMS_GITHUB_URL</span><span class="o">=</span><span class="s2">&quot;https://github.com/docker-mailserver/docker-mailserver/blob/latest&quot;</span>
wget<span class="w"> </span><span class="s2">&quot;</span><span class="si">${</span><span class="nv">DMS_GITHUB_URL</span><span class="si">}</span><span class="s2">/docker-compose.yml&quot;</span>
wget<span class="w"> </span><span class="s2">&quot;</span><span class="si">${</span><span class="nv">DMS_GITHUB_URL</span><span class="si">}</span><span class="s2">/compose.yaml&quot;</span>
wget<span class="w"> </span><span class="s2">&quot;</span><span class="si">${</span><span class="nv">DMS_GITHUB_URL</span><span class="si">}</span><span class="s2">/mailserver.env&quot;</span>
</code></pre></div>
<h3 id="configuration-steps"><a class="toclink" href="#configuration-steps">Configuration Steps</a></h3>
<ol>
<li>First edit <code>docker-compose.yml</code> to your liking<ul>
<li>First edit <code>compose.yaml</code> to your liking<ul>
<li>Substitute <code>mail.example.com</code> according to your FQDN.</li>
<li>If you want to use SELinux for the <code>./docker-data/dms/config/:/tmp/docker-mailserver/</code> mount, append <code>-z</code> or <code>-Z</code>.</li>
</ul>