Go to file
Jack Twilley cd7bc5f6bc Minor tweaks to letsencrypt configuration. (#288)
The letsencrypt-auto client creates cert.pem, chain.pem, fullchain.pem, and
privkey.pem in its default settings.  The simp_le client creates cert.pem,
fullchain.pem, and key.pem in its default settings.

A check for either privkey.pem or key.pem was added.

The chain.pem file was only used by the letsencrypt code for the creation of
combined.pem, which is not used by either postfix or dovecot.

The code to create a combined.pem file for letsencrypt was removed, as was the
corresponding test.
2016-08-29 13:46:16 +02:00
config Implement fetchmail (#260) (#271) 2016-08-21 22:13:13 +02:00
target Minor tweaks to letsencrypt configuration. (#288) 2016-08-29 13:46:16 +02:00
test Minor tweaks to letsencrypt configuration. (#288) 2016-08-29 13:46:16 +02:00
.gitignore Handle missing files more gracefully. (#265) 2016-08-24 10:06:59 +02:00
.travis.yml Added new line when needed and fixed a test 2015-10-18 21:30:53 +02:00
CHANGELOG.md Add changelog 2016-07-03 14:27:03 +02:00
docker-compose.yml.dist Update docker-compose.yml.dist 2016-05-08 19:01:42 +02:00
Dockerfile Implement ./setup.sh email list (#287) 2016-08-29 13:44:36 +02:00
LICENSE Renamed 2016-04-12 09:43:13 +02:00
Makefile Implement fetchmail (#260) (#271) 2016-08-21 22:13:13 +02:00
README.md Add notice to docker-compose version in README (#268 #276) (#277) 2016-08-23 11:51:05 +02:00
setup.sh Implement ./setup.sh email list (#287) 2016-08-29 13:44:36 +02:00

docker-mailserver

Build Status Docker Pulls Github Stars Github Stars Github Forks

A fullstack but simple mail server (smtp, imap, antispam, antivirus...). Only configuration files, no SQL database. Keep it simple and versioned. Easy to deploy and upgrade.

Includes:

Why I created this image: Simple mail server with Docker

Before you open an issue, please have a look this README, the Wiki and Postfix/Dovecot documentation.

Usage

Get latest image

docker pull tvial/docker-mailserver:latest

Create a docker-compose.yml

Adapt this file with your FQDN. Install docker-compose in the version 1.6 or higher.

version: '2'

services:
  mail:
    image: tvial/docker-mailserver:latest
    # build: .
    hostname: mail
    domainname: domain.com
    container_name: mail
    ports:
    - "25:25"
    - "143:143"
    - "587:587"
    - "993:993"
    volumes:
    - maildata:/var/mail
    - ./config/:/tmp/docker-mailserver/

volumes:
  maildata:
    driver: local

Create your mail accounts

Don't forget to adapt MAIL_USER and MAIL_PASS to your needs

mkdir -p config
touch config/postfix-accounts.cf
docker run --rm \
  -e MAIL_USER=user1@domain.tld \
  -e MAIL_PASS=mypassword \
  -ti tvial/docker-mailserver:latest \
  /bin/sh -c 'echo "$MAIL_USER|$(doveadm pw -s SHA512-CRYPT -u $MAIL_USER -p $MAIL_PASS)"' >> config/postfix-accounts.cf

Generate DKIM keys

docker run --rm \
  -v "$(pwd)/config":/tmp/docker-mailserver \
  -ti tvial/docker-mailserver:latest generate-dkim-config

Now the keys are generated, you can configure your DNS server by just pasting the content of config/opendkim/keys/domain.tld/mail.txt in your domain.tld.hosts zone.

Start the container

docker-compose up -d mail

You're done!

Environment variables

Please check how the container starts to understand what's expected.

Value in bold is the default value.

ENABLE_POP3
  • empty => POP3 service disabled
  • 1 => Enables POP3 service
ENABLE_FAIL2BAN
  • empty => fail2ban service disabled
  • 1 => Enables fail2ban service

If you enable Fail2Ban, don't forget to add the following lines to your docker-compose.yml:

cap_add:
  - NET_ADMIN

Otherwise, iptables won't be able to ban IPs.

ENABLE_MANAGESIEVE
  • empty => Managesieve service disabled
  • 1 => Enables Managesieve on port 4190
ENABLE_FETCHMAIL
  • empty => fetchmail disabled
  • 1 => fetchmail enabled
SA_TAG
  • 2.0 => add spam info headers if at, or above that level
SA_TAG2
  • 6.31 => add 'spam detected' headers at that level
SA_KILL
  • 6.31 => triggers spam evasive actions
SASL_PASSWD
  • empty => No sasl_passwd will be created
  • string => /etc/postfix/sasl_passwd will be created with the string as password
SMTP_ONLY
  • empty => all daemons start
  • 1 => only launch postfix smtp
SSL_TYPE
  • empty => SSL disabled
  • letsencrypt => Enables Let's Encrypt certificates
  • custom => Enables custom certificates
  • self-signed => Enables self-signed certificates

Please read the SSL page in the wiki for more information.

PERMIT_DOCKER

Set different options for mynetworks option (can be overwrite in postfix-main.cf)

  • empty => localhost only
  • host => Add docker host (ipv4 only)
  • network => Add all docker containers (ipv4 only)