docker-mailserver/README.md
2016-04-22 17:51:14 +02:00

167 lines
5.4 KiB
Markdown

# docker-mailserver
```
#
# CURRENTLY IN BETA
#
```
[![Build Status](https://travis-ci.org/tomav/docker-mailserver.svg?branch=v2)](https://travis-ci.org/tomav/docker-mailserver)
A fullstack but simple mail server (smtp, imap, antispam, antivirus...).
Only configuration files, no SQL database. Keep it simple and versioned.
Easy to deploy and upgrade.
Includes:
- postfix with smtp auth
- dovecot for sasl, imap (and optional pop3) with ssl support
- amavis
- spamassasin supporting custom rules
- clamav with automatic updates
- opendkim
- opendmarc
- fail2ban
- [LetsEncrypt](https://letsencrypt.org/) and self-signed certificates
- [integration tests](https://travis-ci.org/tomav/docker-mailserver)
- [automated builds on docker hub](https://hub.docker.com/r/tvial/docker-mailserver/)
Why I created this image: [Simple mail server with Docker](http://tvi.al/simple-mail-server-with-docker/)
Before you open an issue, please have a look this `README`, the [FAQ](https://github.com/tomav/docker-mailserver/wiki/FAQ) and Postfix/Dovecot documentation.
## Project architecture
├── config # User: personal configurations
├── docker-compose.yml.dist # User: 'docker-compose.yml' example
├── target # Developer: default server configurations
└── test # Developer: integration tests
## Basic usage
# get v2 image
docker pull tvial/docker-mailserver:v2
# create a "docker-compose.yml" file containing:
mail:
image: tvial/docker-mailserver:v2
hostname: mail
domainname: domain.com
# your FQDN will be 'mail.domain.com'
ports:
- "25:v25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- ./config/:/tmp/docker-mailserver/
# Create your first mail account
# Don't forget to adapt MAIL_USER and MAIL_PASS to your needs
mkdir -p config
docker run --rm \
-e MAIL_USER=username@domain.tld \
-e MAIL_PASS=mypassword \
-ti tvial/docker-mailserver:v2 \
/bin/sh -c 'echo "$MAIL_USER|$(doveadm pw -s CRAM-MD5 -u $MAIL_USER -p $MAIL_PASS)"' >> config/postfix-accounts.cf
# start the container
docker-compose up -d mail
You're done!
## Managing users and aliases
### Users
As you've seen above, users are managed in `config/postfix-accounts.cf`.
Just add the full email address and its encrypted password separated by a pipe.
Example:
user1@domain.tld|{CRAM-MD5}mypassword-cram-md5-encrypted
user2@otherdomain.tld|{CRAM-MD5}myotherpassword-cram-md5-encrypted
To generate the password you could run for example the following:
docker run --rm -ti tvial/docker-mailserver:v2 doveadm pw -s CRAM-MD5 -u user1@domain.tld
You will be asked for a password. Just copy all the output string in the file `config/postfix-accounts.cf`.
The `doveadm pw` command let you choose between several encryption schemes for the password.
Use doveadm pw -l to get a list of the currently supported encryption schemes.
### Aliases
Please first read [Postfix documentation on virtual aliases](http://www.postfix.org/VIRTUAL_README.html#virtual_alias).
Aliases are managed in `config/postfix-virtual.cf`.
An alias is a full email address that will be:
* delivered to an existing account in `config/postfix-accounts.cf`
* redirected to one or more other email adresses
Alias and target are space separated.
Example:
# Alias to existing account
alias1@domain.tld user1@domain.tld
# Forward to external email address
alias2@domain.tld external@gmail.com
## Environment variables
* DMS_SSL
* *empty* (default) => SSL disabled
* letsencrypt => Enables Let's Encrypt certificates
* self-signed => Enables self-signed certificates
* ENABLE_POP3
* *empty* (default) => POP3 service disabled
* 1 => Enables POP3 service
* SMTP_ONLY
* *empty* (default) => courier daemons might start
* *1 => do not launch any courier daemons (imap, pop3)
* SA_TAG
* *2.0* (default) => add spam info headers if at, or above that level
* SA_TAG2
* *6.31* (default) => add 'spam detected' headers at that level
* SA_KILL
* *6.31* (default) => triggers spam evasive actions
* SASL_PASSWD
* *empty* (default) => No sasl_passwd will be created
* *string* => A /etc/postfix/sasl_passwd will be created with that content and postmap will be run on it
* ENABLE_FAIL2BAN
* *empty* (default) => fail2ban service disabled
* 1 => Enables fail2ban service
Please check [how the container starts](https://github.com/tomav/docker-mailserver/blob/v2/start-mailserver.sh) to understand what's expected.
## OpenDKIM
You have prepared your mail accounts? Now you can generate DKIM keys using the following command:
docker run --rm \
-v "$(pwd)/config":/tmp/docker-mailserver \
-ti tvial/docker-mailserver:v2 generate-dkim-config
Now the keys are generated, you can configure your DNS server by just pasting the content of `config/opedkim/keys/domain.tld/mail.txt` in your `domain.tld.hosts` zone.
## SSL
Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/SSL) for more information.
## Todo
Things to do or to improve are stored on [Github](https://github.com/tomav/docker-mailserver/issues).
Feel free to improve this docker image.
## Contribute
- Fork
- Improve
- Add integration tests in `test/tests.bats`
- Build image and run tests using `make`
- Document your improvements
- Commit, push and make a pull-request