Commit 03e6e982 authored by Pierre Ozoux's avatar Pierre Ozoux

Upgrades postfix

parent d89e0ac8
FROM debian:jessie
FROM pierreozoux/base-email
# Borrows from https://registry.hub.docker.com/u/previousnext/postfix
# Borrows from https://registry.hub.docker.com/u/catatnight/postfix
RUN apt-get update && \
apt-get install -q -y \
postfix \
postfix-pcre \
postfix-mysql \
supervisor \
ca-certificates && \
rm -rf /var/lib/apt/lists/*
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update \
&& echo "postfix postfix/main_mailer_type string 'Internet site'" | debconf-set-selections \
&& echo "postfix postfix/mailname string 'HOSTNAME.EXAMPLE.COM'" | debconf-set-selections \
&& echo "postfix postfix/root_address string 'ROOTMAIL@EXAMPLE.COM'" | debconf-set-selections \
&& apt-get install -q -y \
postfix \
supervisor \
&& rm -rf /var/lib/apt/lists/*
COPY install.sh /install.sh
COPY postfix_outgoing_mail_header_filters /etc/postfix/outgoing_mail_header_filters
COPY virtual-mailbox-domains.cf /etc/postfix/virtual-mailbox-domains.cf
COPY virtual-mailbox-maps.cf /etc/postfix/virtual-mailbox-maps.cf
COPY virtual-alias-maps.cf /etc/postfix/virtual-alias-maps.cf
COPY install.sh install.sh
RUN \
chmod u+x /install.sh && \
/opt/editconf.py /etc/postfix/main.cf \
inet_interfaces=all \
myhostname=##HOSTNAME##\
smtpd_banner="\$myhostname ESMTP Hi, I'm a hosted by an IndieHoster (Debian/Postfix; see https://indiehosters.net/)" \
mydestination=localhost && \
/opt/editconf.py /etc/postfix/master.cf -s -w \
"submission=inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_ciphers=high -o smtpd_tls_protocols=!SSLv2,!SSLv3 -o cleanup_service_name=authclean" && \
/opt/editconf.py /etc/postfix/master.cf -s -w \
"authclean=unix n - - - 0 cleanup -o header_checks=pcre:/etc/postfix/outgoing_mail_header_filters" && \
/opt/editconf.py /etc/postfix/main.cf \
smtpd_tls_security_level=may\
smtpd_tls_auth_only=yes \
smtpd_tls_cert_file=/ssl/ssl_certificate.pem \
smtpd_tls_key_file=/ssl/ssl_private_key.pem \
smtpd_tls_dh1024_param_file=/ssl/dh2048.pem \
smtpd_tls_received_header=yes && \
/opt/editconf.py /etc/postfix/main.cf \
smtpd_relay_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination && \
/opt/editconf.py /etc/postfix/main.cf \
smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt \
smtp_tls_loglevel=2 && \
/opt/editconf.py /etc/postfix/main.cf virtual_transport=lmtp:[127.0.0.1]:10025 && \
/opt/editconf.py /etc/postfix/main.cf virtual_transport=lmtp:unix:dovecot/lmtp && \
/opt/editconf.py /etc/postfix/main.cf \
smtpd_sender_restrictions="reject_non_fqdn_sender,reject_unknown_sender_domain,reject_rhsbl_sender dbl.spamhaus.org" \
smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org",reject_unlisted_recipient && \
/opt/editconf.py /etc/postfix/main.cf \
message_size_limit=134217728 && \
/opt/editconf.py /etc/postfix/main.cf \
smtpd_sasl_type=dovecot \
smtpd_sasl_path=dovecot/auth \
smtpd_sasl_auth_enable=yes && \
/opt/editconf.py /etc/postfix/main.cf \
virtual_mailbox_domains=mysql:/etc/postfix/virtual-mailbox-domains.cf \
virtual_mailbox_maps=mysql:/etc/postfix/virtual-mailbox-maps.cf \
virtual_alias_maps=mysql:/etc/postfix/virtual-alias-maps.cf \
local_recipient_maps=\$virtual_mailbox_maps && \
/opt/editconf.py /etc/postfix/main.cf \
mynetworks="127.0.0.0/8 172.17.42.0/24"
RUN chmod 755 /install.sh
#RUN /opt/editconf.py /etc/postfix/main.cf \
#smtp_tls_security_level=dane \
#smtp_dns_support_level=dnssec
VOLUME ["/var/spool/postfix/"]
EXPOSE 25
CMD /install.sh;/usr/bin/supervisord -c /etc/supervisor/supervisord.conf
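Review bot: The final `mynetworks="127.0.0.0/8 172.17.42.0/24"` setting, together with `permit_mynetworks` in both `smtpd_relay_restrictions` and `smtpd_recipient_restrictions`, lets every container on that Docker bridge range relay mail without authenticating and exempts it from the Spamhaus checks (the page has lost its +/- markers, so I am assuming these lines are on the new side). If only local processes need that trust, I would narrow it to `mynetworks="127.0.0.0/8"` and have other containers authenticate on submission. The submission entry also inherits `smtpd_tls_security_level=may`; adding `-o smtpd_tls_security_level=encrypt` to that master.cf line would make TLS mandatory on 587. Separately, `CMD /install.sh;/usr/bin/supervisord ...` starts supervisord even when install.sh fails, so `&&` would be safer than `;` there.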
#!/bin/bash
#!/bin/bash -eux
#judgement
if [[ -a /etc/supervisor/conf.d/supervisord.conf ]]; then
exit 0
fi
export DB_PORT=3306
export DB_HOST=db
export DB_USER=admin
echo $HOSTNAME
sed -i "s/##DB_USER##/$DB_USER/" /etc/postfix/virtual-mailbox-domains.cf
sed -i "s/##DB_PASS##/$DB_PASS/" /etc/postfix/virtual-mailbox-domains.cf
sed -i "s/##DB_USER##/$DB_USER/" /etc/postfix/virtual-mailbox-maps.cf
sed -i "s/##DB_PASS##/$DB_PASS/" /etc/postfix/virtual-mailbox-maps.cf
sed -i "s/##DB_USER##/$DB_USER/" /etc/postfix/virtual-alias-maps.cf
sed -i "s/##DB_PASS##/$DB_PASS/" /etc/postfix/virtual-alias-maps.cf
sed -i "s/##HOSTNAME##/$HOSTNAME/" /etc/postfix/virtual-alias-maps.cf
sed -i "s/##HOSTNAME##/$HOSTNAME/" /etc/postfix/main.cf
/opt/mysql-check.sh
chown -R postfix:postfix /var/spool/postfix/dovecot
#supervisor
cat > /etc/supervisor/conf.d/supervisord.conf <<EOF
......@@ -18,22 +31,3 @@ autorestart = false
EOF
# put the same FQDN in /data/hostname and in reverse DNS
# for the public IP address on which this server will be
# receiving smtp traffic.
cp /data/hostname /etc/mailname
/usr/sbin/postconf -e "myhostname=`cat /data/hostname`"
# put all relevant domains in /data/destinations.
/usr/sbin/postconf -e "virtual_alias_domains=`cat /data/destinations`"
# put your forwarding addresses in /data/forwards.
cp /data/forwards /etc/postfix/virtual
/usr/sbin/postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
# accept mails from docker networked machines:
/usr/sbin/postconf -e "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.17.42.0/24"
# configure virtual
postmap /etc/postfix/virtual
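Review bot: The `sed -i "s/##DB_PASS##/$DB_PASS/"` lines near the top of the script splice the database password into a sed expression unescaped, so a password containing `/`, `&` or `\` either breaks the substitution or is written out altered. If the `#!/bin/bash -eux` shebang is the new side (the page has lost its +/- markers), `-x` also traces each of those commands to stderr with the password expanded, which normally ends up in the container log; bracketing the block with `set +x` and `set -x` avoids that. The three filled-in files then hold the cleartext password, so I would follow the substitutions with `chown root:postfix /etc/postfix/virtual-*.cf && chmod 640 /etc/postfix/virtual-*.cf`. `DB_PASS` is never assigned in the visible script, so a comment stating that it must come from the container environment would help, since `-u` aborts the script when it is unset.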
# Remove the first line of the Received: header. Note that we cannot fully remove the Received: header
# because OpenDKIM requires that a header be present when signing outbound mail. The first line is
# where the user's home IP address would be.
/^\s*Received:[^\n]*(.*)/ REPLACE Received: from authenticated-user (unknown [127.0.0.1])$1
# Remove other typically private information.
/^\s*User-Agent:/ IGNORE
/^\s*X-Enigmail:/ IGNORE
/^\s*X-Mailer:/ IGNORE
/^\s*X-Originating-IP:/ IGNORE
user = ##DB_USER##
password = ##DB_PASS##
hosts = db
dbname = servermail
query = SELECT destination FROM virtual_aliases WHERE source='%s'
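Review bot: This lookup file only ever issues a single `SELECT`, yet install.sh exports `DB_USER=admin` for the `##DB_USER##` placeholder, so Postfix appears to connect with an administrative account; the same applies to the two map files that follow (the `virtual_domains` and `virtual_users` queries). A dedicated account limited to `SELECT` on the `servermail` tables would contain the damage if these credentials leak. It is also worth a comment above `query =`, for example `# %s is SQL-quoted by Postfix before substitution (see mysql_table(5))`, so the quoted placeholder is not mistaken for an injection point in a later review.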
user = ##DB_USER##
password = ##DB_PASS##
hosts = db
dbname = servermail
query = SELECT 1 FROM virtual_domains WHERE name='%s'
user = ##DB_USER##
password = ##DB_PASS##
hosts = db
dbname = servermail
query = SELECT 1 FROM virtual_users WHERE email='%s'
......@@ -3,10 +3,12 @@ Description=%p
# Requirements
Requires=docker.service
Requires=dovecot.service
# Dependency ordering
After=docker.service
After=rsyslog.service
After=dovecot.service
[Service]
Restart=always
......@@ -17,10 +19,15 @@ ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run \
--rm \
--name %p \
--env-file=/data/domains/mail/.env \
-v /data/runtime/dev/log:/dev/log \
-v /data/runtime/postfix/:/data \
-v /data/runtime/postfix-spool/:/var/spool/postfix \
-v /data/runtime/postfix:/data \
-v /data/runtime/mail:/var/mail \
-v /data/domains/mail/TLS:/ssl \
--volumes-from=dovecot \
-p 25:25 \
-p 587:587 \
-link=mysql-mail:db \
pierreozoux/postfix
ExecReload=/usr/bin/docker restart %p
ExecStop=/usr/bin/docker stop %p
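Review bot: `-link=mysql-mail:db` in `ExecStart` is written with a single dash while every other long option there uses two. As far as I know older Docker clients accepted that spelling with a deprecation warning, but newer ones read `-l` as the short form of `--label`, so the container would start with a stray label and no `db` alias and the MySQL lookups would fail; `--link mysql-mail:db \` removes the ambiguity. The `--env-file=/data/domains/mail/.env` presumably carries `DB_PASS`, so that file should be readable by root only.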
......