docker-mailserver/README.md
2015-10-22 16:38:27 +02:00

4.1 KiB

docker-mailserver

Build Status

A fullstack but simple mail server (smtp, imap, antispam, antivirus...).
Only configuration files, no SQL database. Keep it simple and versioned.
Easy to deploy and upgrade.

Includes:

  • postfix with smtp auth
  • courier-imap with ssl support
  • amavis
  • spamassasin
  • clamav with automatic updates

Why I created this image: Simple mail server with Docker

informations:

  • only config files, no *sql database required
  • mails are stored in /var/mail/${domain}/${username}
  • you should use a data volume container for /var/mail for data persistence
  • email login are full email address (username1@my-domain.com)
  • user accounts are managed in ./postfix/accounts.cf
  • aliases and fowards/redirects are managed in ./postfix/virtual
  • antispam rules are managed in ./spamassassin/rules.cf
  • files must be mounted to /tmp in your container (see docker-compose.yml template)
  • ssl is strongly recommended, you can provide a self-signed certificate, see below
  • includes integration tests
  • builds automated on docker hub

installation

docker pull tvial/docker-mailserver

build

docker build -t tvial/docker-mailserver .

run

docker run --name mail -v "$(pwd)/postfix":/tmp/postfix -v "$(pwd)/spamassassin":/tmp/spamassassin -p "25:25" -p "143:143" -p "587:587" -p "993:993" -h mail.my-domain.com -t tvial/docker-mailserver
mail:
  # image: tvial/docker-mailserver
  build: .
  hostname: mail
  domainname: my-domain.com
  ports:
  - "25:25"
  - "143:143"
  - "587:587"
  - "993:993"
  volumes:
  - ./spamassassin:/tmp/spamassassin/
  - ./postfix:/tmp/postfix/

Volumes allow to:

  • Insert custom antispam rules
  • Manage mail users, passwords and aliases
  • Manage SSL certificates

usage

docker-compose up -d mail

configure ssl

generate self-signed ssl certificate

You can easily generate a self-signed SSL certificate by using the following command:

docker run -ti --rm -v "$(pwd)"/postfix/ssl:/ssl -h mail.my-domain.com -t tvial/docker-mailserver generate-ssl-certificate

# Press enter
# Enter a password when needed
# Fill information like Country, Organisation name
# Fill "my-domain.com" as FQDN for CA, and "mail.my-domain.com" for the certificate.
# They HAVE to be different, otherwise you'll get a `TXT_DB error number 2`
# Don't fill extras
# Enter same password when needed
# Sign the certificate? [y/n]:y
# 1 out of 1 certificate requests certified, commit? [y/n]y

# will generate:
# postfix/ssl/mail.my-domain.com-key.pem (used in postfix)
# postfix/ssl/mail.my-domain.com-req.pem (only used to generate other files)
# postfix/ssl/mail.my-domain.com-cert.pem (used in postfix)
# postfix/ssl/mail.my-domain.com-combined.pem (used in courier)
# postfix/ssl/demoCA/cacert.pem (certificate authority)

Note that the certificate will be generate for the container fqdn, that is passed as -h argument.

configure ssl certificate (convention over configuration)

If a matching certificate (files listed above) is found in postfix/ssl, it will be automatically setup in postfix and courier-imap-ssl. You just have to place them in postfix/ssl folder.

client configuration

# imap
username:  				<username1@my-domain.com>
password:  				<username1password>
server:    				<your-server-ip-or-hostname>
imap port: 				143 or 993 with ssl (recommended)
imap path prefix:		INBOX
auth method:			md5 challenge-response

# smtp
smtp port:				25 or 587 with ssl (recommended)
username:  				<username1@my-domain.com>
password:  				<username1password>
auth method:			md5 challenge-response

todo

Things to do or to improve are stored on Github, some open by myself. Feel free to improve this docker image.

wanna help?

Fork, improve, add tests and PR. ;-)