ee0d0853dd
Courier and Cyrus Sasl have been removed and substituted with Dovecot which now handle authentication for Postfix, Imap and Pop3, with support for SSL. This allow the use of several encryption schemes for the password as well as a single user db. OpenDKIM keys can now be provided at the startup and will be used instead of generating new ones (so that you don't have to change your DNS configuration). This version builds correctly on Docker but no integration tests have been reworked to accommodate Dovecot instead of Courier and Cyrus Sasl. As such at present no automatic tests can be executed. |
||
---|---|---|
bin | ||
dovecot | ||
postfix | ||
spamassassin | ||
test | ||
.gitignore | ||
.travis.yml | ||
docker-compose.yml.dist | ||
Dockerfile | ||
LICENCE | ||
Makefile | ||
README.md | ||
start-mailserver.sh |
docker-mailserver
A fullstack but simple mail server (smtp, imap, antispam, antivirus...).
Only configuration files, no SQL database. Keep it simple and versioned.
Easy to deploy and upgrade.
Includes:
- postfix with smtp auth
- dovecot for sasl, imap (and optional pop3) with ssl support
- amavis
- spamassasin supporting custom rules
- clamav with automatic updates
- opendkim
- opendmarc
- fail2ban
- LetsEncrypt and self-signed certificates
- integration tests
- automated builds on docker hub
Why I created this image: Simple mail server with Docker
Before you open an issue, please have a look this README
, the FAQ and Postfix documentation.
Usage
# get latest image
docker pull tvial/docker-mailserver
# create a "docker-compose.yml" file containing:
mail:
image: tvial/docker-mailserver
hostname: mail
domainname: domain.com
# your FQDN will be 'mail.domain.com'
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- ./spamassassin:/tmp/spamassassin/
- ./postfix:/tmp/postfix/
# start the container
docker-compose up -d mail
Managing users and aliases
Users
Users are managed in postfix/accounts.cf
.
Just add the full email address and its encrypted password separated by a pipe.
Example:
user1@domain.tld|mypassword-encrypted
user2@otherdomain.tld|myotherpassword-encrypted
To generate the password you could run for example the following:
docker run --rm -ti tvial/docker-mailserver doveadm pw -s MD5-CRYPT -u user1@domain.tld
You will be asked for a password (and for a confirmation of the password). Just copy all the output string in the file postfix/accounts.cf
.
The `doveadm pw` command let you choose between several encryption schemes for the password.
Use doveadm pw -l to get a list of the currently supported encryption schemes.
Aliases
Please first read Postfix documentation on virtual aliases.
Aliases are managed in postfix/virtual
.
An alias is a full email address that will be:
- delivered to an existing account in
postfix/accounts.cf
- redirected to one or more other email adresses
Alias and target are space separated.
Example:
# Alias to existing account
alias1@domain.tld user1@domain.tld
# Forward to external email address
alias2@domain.tld external@gmail.com
Environment variables
- DMS_SSL
- empty (default) => SSL disabled
- letsencrypt => Enables Let's Encrypt certificates
- self-signed => Enables self-signed certificates
- ENABLE_POP3
- empty (default) => POP3 service disabled
- 1 => Enables POP3 service
- SMTP_ONLY
- empty (default) => courier daemons might start
- *1 => do not launch any courier daemons (imap, pop3)
- SA_TAG
- 2.0 (default) => add spam info headers if at, or above that level
- SA_TAG2
- 6.31 (default) => add 'spam detected' headers at that level
- SA_KILL
- 6.31 (default) => triggers spam evasive actions
- SASL_PASSWORD
- empty (default) => No sasl_passwd will be created
- string => A /etc/postfix/sasl_passwd will be created with that content and postmap will be run on it
- ENABLE_FAIL2BAN
- empty (default) => fail2ban service disabled
- 1 => Enables fail2ban service
Please read how the container starts to understand what's expected.
SSL
Please read the SSL page in the wiki for more information.
Todo
Things to do or to improve are stored on Github, some open by myself. Feel free to improve this docker image.
Contribute
- Fork
- Improve
- Add integration tests in
test/tests.bats
- Build image and run tests using
make
- Document your improvements
- Commit, push and make a pull-request