rootfs/etc | ||
.editorconfig | ||
.gitignore | ||
.gitlab-ci.yml | ||
Dockerfile | ||
README.md |
Dovecot with imap, starttls, ldap authentication, sieve rules in ldap.
Uses SSMTP to send mails (for example if you have a redirect sieve rule).
Volumes
/var/lib/vmail/mail
/etc/ssl/mail:ro
: certificates have to be here.
Environment Variables
HOSTNAME
Fully qualified name of the mail host.
SSMTP_MAIL_RELAY
Hostname and port for the used smtp relay (for example mail.example.com:587
).
SSMTP_USER
User to authenticate agains the smtp relay.
SSMTP_PASSWORD
Password to authenticate agains the smtp relay.
SSMTP_AUTH_METHOD
- default: LOGIN
Which authentication mechanism to use for the smtp relay.
SSMTP_USE_STARTTLS
- default: yes
Whether to use starttls for the smtp relay.
LDAP_HOST
Ldap hostname (can include the port).
LDAP_SIEVE_HOST
Has to be the same as LDAP_URI
but in a different format (like ldap:389
).
LDAP_BIND_DN
DN used to authenticate against ldap.
LDAP_BIND_PASSWORD
Password used to authenticate against ldap.
LDAP_BASE_DN
Base DN to look for users on the ldap host.
LDAP_SCOPE
- default: subtree
Search scope of ldap queries.
LDAP_PASS_FILTER
Specifies the filter on how user is found on the ldap host. Dovecot variables can be used.
LDAP_USER_ATTRIBUTE
- default: cn
The ldap attribute which stands for the username.
LDAP_PASSWORD_ATTRIBUTE
- default: userPassword
The ldap attribute which stands for the password.
LDAP_SIEVE_ATTRIBUTE
- default: sieve
The ldap attribute which contains the sieve rules.
LDAP_USE_TLS
- default: yes
Whether to use tls when connecting to the ldap host.
LDAP_APP_PASSWORDS_BASE_DN
Base DN to look for app passwords for a user.
LDAP_APP_PASSWORDS_FILTER
Specifies the filter on what counts as an app password.
ALLOWED_USERNAME_CHARS
- default: äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
List of characters allowed in a username.
AUTH_MECHANISMS
- default: plain
Space seperated list of supported authentication mechanisms.
CERT_DOMAIN
Name of the certificate domain.
SSL_DH_LENGTH
- default: 2048
Length of the Diffie-Helman key in bits.
SSL_MIN_PROTOCOL
- default: TLSv1.2
Ssl minimum protocol version.
SSL_CIPHERLIST
- default: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
Colon seperated list of supported ciphers (!
disables a cipher).
Go here for a list of ciphers.
IMAP_MAX_USER_CONNECTIONS
- default: 10
Maximum number of connections from the same user + ip.
Ports
- 143
Capabilities
- CHOWN
- DAC_OVERRIDE
- FOWNER
- NET_BIND_SERVICE
- SETGID
- SETUID
- SYS_CHROOT