docker-mailserver/README.md
André Stein 2f9f6b1002 Implement basic sieve support using Dovecot.
The dovecot-sieve plugin is installed and configured to apply sieve
as soon as a .dovecot.sieve file is encountered in the virtual user's
home directory (that is /var/mail/${domain}/${username}/.dovecot.sieve).

Transport has been changed in the postfix configuration to use
Dovecot LDA (see http://wiki.dovecot.org/LDA/Postfix) to actually
enable sieve filtering.

Tests have been added.
2016-04-28 08:57:50 +02:00

3.8 KiB

docker-mailserver Build Status

#
# CURRENTLY IN RELEASE CANDIDATE
#

A fullstack but simple mail server (smtp, imap, antispam, antivirus...). Only configuration files, no SQL database. Keep it simple and versioned. Easy to deploy and upgrade.

Includes:

  • postfix with smtp auth
  • dovecot for sasl, imap (and optional pop3) with ssl support
  • amavis
  • spamassasin supporting custom rules
  • clamav with automatic updates
  • opendkim
  • opendmarc
  • fail2ban
  • basic sieve support using dovecot
  • LetsEncrypt and self-signed certificates
  • integration tests
  • automated builds on docker hub

Why I created this image: Simple mail server with Docker

Before you open an issue, please have a look this README, the Wiki and Postfix/Dovecot documentation.

Usage

Get v2 image

docker pull tvial/docker-mailserver:v2

Create a docker-compose.yml

Adapt this file with your FQDN.

version: '2'

services:
  mail:
    image: tvial/docker-mailserver:v2
    # build: .
    hostname: mail
    domainname: domain.com
    container_name: mail
    volumes:
    - maildata:/var/mail
    ports:
    - "25:25"
    - "143:143"
    - "587:587"
    - "993:993"
    volumes:
    - ./config/:/tmp/docker-mailserver/
    - ./opendkim/:/tmp/docker-mailserver/opendkim/

volumes:
  maildata:
    driver: local

Create your mail accounts

Don't forget to adapt MAIL_USER and MAIL_PASS to your needs

mkdir -p config
docker run --rm \
  -e MAIL_USER=user1@domain.tld \
  -e MAIL_PASS=mypassword \
  -ti tvial/docker-mailserver:v2 \
  /bin/sh -c 'echo "$MAIL_USER|$(doveadm pw -s CRAM-MD5 -u $MAIL_USER -p $MAIL_PASS)"' >> config/postfix-accounts.cf

Generate DKIM keys

docker run --rm \
  -v "$(pwd)/config":/tmp/docker-mailserver \
  -ti tvial/docker-mailserver:v2 generate-dkim-config

Now the keys are generated, you can configure your DNS server by just pasting the content of config/opedkim/keys/domain.tld/mail.txt in your domain.tld.hosts zone.

Start the container

docker-compose up -d mail

You're done!

Environment variables

Please check how the container starts to understand what's expected.

Value in bold is the default value.

ENABLE_POP3
  • empty => POP3 service disabled
  • 1 => Enables POP3 service
ENABLE_FAIL2BAN
  • empty => fail2ban service disabled
  • 1 => Enables fail2ban service

If you enable Fail2Ban, don't forget to add the following lines to your docker-compose.yml:

cap_add:
  - NET_ADMIN

Otherwise, iptables won't be able to ban IPs.

SA_TAG
  • 2.0 => add spam info headers if at, or above that level
SA_TAG2
  • 6.31 => add 'spam detected' headers at that level
SA_KILL
  • 6.31 => triggers spam evasive actions
SASL_PASSWD
  • empty => No sasl_passwd will be created
  • string => /etc/postfix/sasl_passwd will be created with the string as password
SMTP_ONLY
  • empty => all daemons start
  • 1 => only launch postfix smtp
SSL_TYPE
  • empty => SSL disabled
  • letsencrypt => Enables Let's Encrypt certificates
  • custom => Enables custom certificates
  • self-signed => Enables self-signed certificates

Please read the SSL page in the wiki for more information.