rootfs | ||
.editorconfig | ||
.gitignore | ||
.gitlab-ci.yml | ||
Dockerfile | ||
README.md |
Dovecot with imap, starttls, ldap authentication, sieve rules in ldap.
Uses SSMTP to send mails (for example if you have a redirect sieve rule).
Volumes
/var/lib/vmail/mail
/etc/ssl/mail:ro
: certificates have to be here.
Environment Variables
HOSTNAME
Fully qualified name of the mail host.
SSMTP_MAIL_RELAY
Hostname and port for the used smtp relay (for example mail.example.com:587
).
SSMTP_USER
User to authenticate agains the smtp relay.
SSMTP_PASSWORD
Password to authenticate agains the smtp relay.
SSMTP_AUTH_METHOD
- default: LOGIN
Which authentication mechanism to use for the smtp relay.
SSMTP_USE_STARTTLS
- default: yes
Whether to use starttls for the smtp relay.
LDAP_URI
Complete uri for the authentication ldap host.
LDAP_SIEVE_HOST
Has to be the same as LDAP_URI
but in a different format (like ldap:389
).
LDAP_BIND_DN
DN used to authenticate against ldap.
LDAP_BIND_PASSWORD
Password used to authenticate against ldap.
LDAP_BASE_DN
Base DN to look for users on the ldap host.
LDAP_SCOPE
- default: subtree
Search scope of ldap queries.
LDAP_PASS_FILTER
Specifies the filter on how user is found on the ldap host. Dovecot variables can be used.
LDAP_USER_ATTRIBUTE
- default: cn
The ldap attribute which stands for the username.
LDAP_PASSWORD_ATTRIBUTE
- default: userPassword
The ldap attribute which stands for the password.
LDAP_SIEVE_ATTRIBUTE
- default: sieve
The ldap attribute which contains the sieve rules.
LDAP_USE_TLS
- default: yes
Whether to use tls when connecting to the ldap host.
LDAP_DEFAULT_PASSSCHEME
- default: SSHA
Default password scheme used on the ldap host.
ALLOWED_USERNAME_CHARS
- default: äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
List of characters allowed in a username.
AUTH_MECHANISMS
- default: plain login
Space seperated list of supported authentication mechanisms.
CERT_DOMAIN
Name of the certificate domain.
SSL_DH_LENGTH
- default: 2048
Length of the Diffie-Helman key in bits.
SSL_PROTOCOLS
- default: !SSLv2 !SSLv3
Space seperated list of allowed ssl protocols (!
disables a protocol).
SSL_CIPHERLIST
- default: ALL:!ADH:!LOW:!SSLv2:!EXP:!aNULL:!RC4:+HIGH:+MEDIUM
Colon seperated list of supported ciphers (!
disables a cipher).
IMAP_MAX_USER_CONNECTIONS
- default: 10
Maximum number of connections from the same user + ip.
Ports
- 143
Capabilities
- CHOWN
- DAC_OVERRIDE
- FOWNER
- NET_BIND_SERVICE
- SETGID
- SETUID
- SYS_CHROOT