Commit graph

2213 commits

Author SHA1 Message Date
Steve Johnson 3363d77f96 Updated Debugging (markdown) 2018-01-01 10:28:23 -07:00
Steve Johnson 1a94c99c3a Updated Debugging (markdown) 2018-01-01 10:27:39 -07:00
Steve Johnson 8c4ba0e2d8 Updated Debugging (markdown) 2018-01-01 10:27:15 -07:00
Marek Walczak 49b3867c1b debian stretch slim (#784)
* Switch to stretch-slim as base image.
 - first step correct the testdata, as newer packages are more strict
about the mail-structure.

* Switch to stretch-slim: correcting the test-environment and the build
 - add missing build-step to make
 - clean the userdb aswell
 - use timeout of netcat, as postgrey would not close the connection
 - there is 2 extra mail-logs -> assert_output 5
 - cosmetic: use "" instead of ''

* Switch to stretch-slim:
new image:
 - smaller size
 - 0 CVEs compared to 11 CVEs in ubuntu 16.04 Image
better backport situation
 - postfix 3.1.6 vs 3.1.0
 - fail2ban 0.9.6 vs 0.9.3
 ...
changes needed because of stretch-slim:
- add missing gnupg and iproute2 package
- remove non-free rar, unrar-free should do
- rsyslog does not add syslog user and has different conf-structure
- pyzor command discover was deprecated and is missing in the new
stretch package

- dovecot does not know SSLv2 anymore. removed because of warnings in
log

- iptables does not know imap3, IMAP working group chose imap2 in favor
of imap3

* Switch to debian stretch slim:
SSLv2 seems to be a not known protocol anymore - good!

* switch to debian stretch slim:
make this test more stable. there might be more than only one mail.log
(mail.info, mail.warn, ...)

* switch to debian stretc slim:
 new openssl 1.1.0 needs stronger ciphers, removed some weekers ones.
Please, look through the new list of cipher! this needs to be done in
another commit for all other SSL/TLS-Endpoints aswell.

* Switch to debian stretch slim:
let our server pre-empt the cipher list.
Did a read through, wwwDOTpostfixDOTorg/FORWARD_SECRECY_READMEDOThtml
and
wwwDOTpostfixDOTorg/TLS_READMEDOThtml

* Switch to debian stretch slim: lets give this openssl-based test a new and independent but identical container.  many other test on the main 'mail' container might interfere here.

* Switch to debian stretch slim: remove unused lines
2017-12-31 12:33:48 +01:00
Toru Hisai b0526d0afe fix arguments for [ command (#783) 2017-12-31 10:49:15 +01:00
Alessio Nava c26d02a910 Changed omitted headers for DKIM with mailtrain (#774)
Added List-ID and List-Unsubscribe omitted headers for DKIM verification.
2017-12-18 21:55:50 +01:00
Damian Moore 01a41e9d93 Use PCRE for alias regular expressions instead of the basic type (#751) 2017-12-07 19:44:45 +01:00
Marek Walczak d62ea049e6 Add ability to override fail2ban.conf with fail2ban.local values. (#769)
* Add ability to override fail2ban.conf with fail2ban.local values.
2017-12-07 19:27:31 +01:00
Marek Walczak 2be8757322 this an explaining PR #769 2017-11-30 22:55:27 +01:00
makloda b7259d2500 Added info on how to use Synology NAS generated letsencrypt certificates and how to find them 2017-11-11 18:38:37 +01:00
Mohammed Chotia c7eef0ab4c Fix small typo 2017-11-02 12:32:42 +02:00
kamuri 835939d856 Issue 747 (#748)
* fix for issue #747 (NOT TESTED YET)

Need to test this. Dont merge it yet.

* Small Cleanup and bug fixes Not done Yet!

Not done yet. Dont merge. See comment in issue #747

* Add --ignore-missing. Now is fixed.
2017-10-18 07:43:30 +02:00
kamuri 420e7741a1 Check for account changes and reload (Closes: #552)
Restart the daemons when changes are made to 'postfix-account.cf' and/or 'postfix-virtual.cf'
2017-10-10 08:15:18 +02:00
Johan Smits e79ee435fb Update dist yaml files (Closes: #740) 2017-10-09 19:16:53 +02:00
kamuri 02e0417bff fixes for #740 2017-10-09 19:00:48 +02:00
Johan Smits 0bacac781c Merge pull request #741 from johansmitsnl/fix-spamassassin-typo
Fix spamassassin directory typo (Closes: #739)
2017-10-08 15:05:49 +02:00
Johan Smits c7311f280f Fix spamassassin directory typo (Closes: #739) 2017-10-08 14:47:45 +02:00
Johan Smits 12f0b5f033 Merge pull request #736 from johansmitsnl/update-readme-731
Update readme of the fetchmail interval variable
2017-10-05 19:01:44 +02:00
Johan Smits 8d7d934267 Update wiki to change the fetchmail poll interval 2017-10-05 08:30:23 +02:00
Johan Smits fe9361524c Update readme according to pr #731 2017-10-05 08:25:29 +02:00
Darren McGrandle 5961b31e91 Enable user definable fetchmail poll times (#731)
* Enable user definable fetchmail poll times
* create new ENV variable FETCHMAIL_POLL in target/start-mailserver.sh
* change --daemon setting in supervisor-app.conf to use ENV var
* Put FETCHMAIL_POLL env variable in Dockerfile to handle case where
  user does not specify it in their docker-compose.yml
2017-10-04 22:10:18 +02:00
presocratics f7e153ed2b I added a sub-section describing how Let's Encrypt certificate generation and renewal for docker-mailserver can be done with nginx-proxy and letsencrypt-nginx-proxy-companion 2017-09-26 14:39:39 -05:00
Johan Smits a2efdab5dd Merge pull request #719 from johansmitsnl/supervisor-sock (closes: #707)
fix(): Supervisor socket issue with overlay (closes: #707)
2017-09-17 08:58:46 +02:00
Johan Smits a3aa8b2bef Merge pull request #715 from danielpanteleit/master (Closes #661)
Prevent syslog logrotate warnings
2017-09-13 08:23:20 +02:00
Johan Smits caaae0eb76 Add note that a container restart is needed 2017-09-13 08:21:32 +02:00
Daniel Panteleit dc6a5fd8e3 Prevent syslog logrotate warnings 2017-09-12 19:50:24 +02:00
Johan Smits feb1586873 Merge pull request #714 from init-js/master
[opendmarc] Skip dmarc checks for email sent over authenticated sockets
2017-09-12 08:23:46 +02:00
Jean-Sebastien Legare c4cf848826 [opendmarc] Skip dmarc checks for email sent over authenticated sockets
opendmarc checks fail for mail sent over (SMTP AUTH) submission
   ports. Adding this directive skips checks for those emails, and
   clears the logs of related errors.

   See https://github.com/tomav/docker-mailserver/issues/703
2017-09-11 17:02:47 -07:00
Johan Smits ba62096550 fix(): Supervisor socket issue with overlay 2017-09-10 15:38:21 +02:00
Johan Smits f412f6fc87 Merge pull request #690 from Shemeikka/issue-619
Adding a new command: generate-dkim-domain (Closes: #619)
2017-09-10 10:07:11 +02:00
Johan Smits 20a6eda79b Add newline to the end of the file 2017-09-10 09:52:22 +02:00
Hannu Shemeikka 984537526a New command: generate-dkim-domain
This command can be used for generating DKIM key for a domain,
which is not included in any configuration files. For example,
when using SQL database for transport maps.
2017-09-09 23:35:26 +03:00
Johan Smits 97e296162f Merge pull request #710 from johansmitsnl/improve-security-dhparams
Generate a new dhparams file if one_dir is set. (Resolves: #530)
2017-09-08 18:51:47 +02:00
Johan Smits a1a5c68418 Merge pull request #708 from johansmitsnl/improve-privacy
Improve the privacy of the client by removing sensitive details
2017-09-08 18:51:06 +02:00
Johan Smits af90682d64 Initial wiki page 2017-09-07 19:39:48 +02:00
Johan Smits 4cb8f4d4ae Improve the privacy of the client by removing sensitive details 2017-09-07 19:29:50 +02:00
Johan Smits 0fe86e796b Listen also on the ssl port 465 for clients (#709) 2017-09-07 18:08:25 +02:00
Johan Smits 91d34bc54e Generate a new dhparams file if one_dir is set. (Resolves: #530)
This improves security because each installation has it own generated
dhparams file. See ticket #530 for more details.
2017-09-06 23:41:23 +02:00
alinmear 402f66ad20 Updated Configue LDAP (markdown) 2017-08-31 10:34:31 +02:00
alinmear 28eba2118c Updated Configue LDAP (markdown) 2017-08-31 10:32:43 +02:00
Edmond Varga d513564d98 After running certbot successfully and mounted ~/docker/letsencrypt/etc/letsencrypt, the /etc/letsencrypt in the docker-mailserver was empty. Certificates are now located in ~/docker/letsencrypt/etc/live, reason I suggested the edit for mounting the right path of /home/ubuntu/docker/letsencrypt/etc/ 2017-08-25 09:15:39 +03:00
Johan Smits 1c75cabcfd Clean any leftover pid file from a stop (#700)
* Clean any leftover pid file from a stop

* More time needed for travis. It can be busy and fail tests.
2017-08-24 18:07:20 +02:00
Johan Smits a2f6591212 Fix the hook that restarts the amavis server and causes it to (#699)
detach from supervisor.
2017-08-19 10:49:01 +02:00
Johan Smits 9978bccbb6 Also test on the submission port if the login is succesful (#685)
Fixed location so that opendkim is happy with the correct
file location
2017-08-19 10:32:47 +02:00
Johan Smits 04904e77c4 Also search on the domain name for the virtual domain name in the ldap (Solves: #638) (#642)
Added test to check email delivery for a other domain then the primary
of the mailserver.
2017-08-19 10:32:00 +02:00
Thomas VIAL 8d7579b45e Updated FAQ and Tips (markdown) 2017-08-19 10:07:20 +02:00
Johan Smits 9e7959fafe Issue 631 run services with supervisor (#676)
* installed supervisor. Still need to set tasks to run in foreground.

* setting programs to run in foreground

* seems to work now

* cleanup

* final fixes

* tests

* show startup output on stdout

* set Dovecot config files before starting it

* make all processes log to console

* Use the supervisor as the main process. The start-mailserver is started
from the supervisord and then this process triggers others.

Defined some default variable in the Dockerfile. In order for
supervisored to build the command lines the ENV variable need to be set.
Therefore the defaults are defined.

Some processes are not single processes like postfix and fail2ban and
they have a wrapper. The wrapper takes care of proper shutdown and checking
if the process is running or not. Supervisored will restart the wrapping
script if the process is gone.

Increased some delays between tests because sometimes they where to short
for all containers to be running.

* Remove obsolete comments, reset timeout value to old one, added new lines

* Add more time for analyzing the emails.

Sometimes it fails the tests and gives a wrong state about
the test. During testing 40 seconds was the safe value.
2017-08-07 17:39:40 +02:00
Johan Smits 8b19d54218 Expand the decoders for amavis (Resolves: #659) (#677)
Use the guidelines from Ubuntu and added some more.
Added a test to ensure the number of decoders are present.
Guideline: https://help.ubuntu.com/community/PostfixAmavisNew
2017-08-07 17:37:16 +02:00
Leo Winter 453ee67f23 cd to right path for the next command with $PWD 2017-08-06 22:16:34 +02:00
Johan Smits c9e5a92db3 Add docker size label of the latest version to the README (#675)
* Add docker size label of the latest version to the README

* Update the alt text

* Changed the label as suggested by @tomav
2017-07-30 20:07:32 +02:00