Sebastian Hugentobler
f45cab5235
All checks were successful
Build Multiarch Container Image / call-reusable-workflow (push) Successful in 1m0s
124 lines
2.4 KiB
Markdown
124 lines
2.4 KiB
Markdown
[Dovecot](http://www.dovecot.org/) with imap, starttls, oauth2 proxy auth and
|
|
sieve rules.
|
|
|
|
Uses [SSMTP](https://packages.debian.org/stable/mail/ssmtp) to send mails (for
|
|
example if you have a redirect sieve rule).
|
|
|
|
Reuses the same database schema as the {postfix container](/container/postfix).
|
|
|
|
# Volumes
|
|
|
|
- `/var/lib/vmail/mail`
|
|
|
|
# Environment Variables
|
|
|
|
## HOSTNAME
|
|
|
|
Fully qualified name of the mail host.
|
|
|
|
## GRANT_URL
|
|
|
|
OAuth2 url for token grants (password grant type).
|
|
|
|
## INTROSPECTION_URL
|
|
|
|
OAuth2 url for token information. Must include client id and client secret in
|
|
basic auth format.
|
|
|
|
## TOKENINFO_URL
|
|
|
|
OAuth2 url for requestion information about a token. Must include client id and
|
|
client secret in basic auth format.
|
|
|
|
## DB_HOST
|
|
|
|
Postgre database host.
|
|
|
|
## DB_USER
|
|
|
|
User to connect to the database.
|
|
|
|
## DB_PW
|
|
|
|
Password to use for the database user.
|
|
|
|
## DB_NAME
|
|
|
|
- default: email
|
|
|
|
Name of the postgre database to connect to.
|
|
|
|
## SSMTP_MAIL_RELAY
|
|
|
|
Hostname and port for the used smtp relay (for example `mail.example.com:587`).
|
|
|
|
## SSMTP_USER
|
|
|
|
User to authenticate agains the smtp relay.
|
|
|
|
## SSMTP_PASSWORD
|
|
|
|
Password to authenticate agains the smtp relay.
|
|
|
|
## SSMTP_AUTH_METHOD
|
|
|
|
- default: LOGIN
|
|
|
|
Which authentication mechanism to use for the smtp relay.
|
|
|
|
## SSMTP_USE_STARTTLS
|
|
|
|
- default: yes
|
|
|
|
Whether to use starttls for the smtp relay.
|
|
|
|
## ALLOWED_USERNAME_CHARS
|
|
|
|
- default:
|
|
äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
|
|
|
|
List of characters allowed in a username.
|
|
|
|
## AUTH_MECHANISMS
|
|
|
|
- default: plain
|
|
|
|
Space seperated list of supported
|
|
[authentication mechanisms](http://wiki2.dovecot.org/Authentication/Mechanisms).
|
|
|
|
## SSL_MIN_PROTOCOL
|
|
|
|
- default: TLSv1.2
|
|
|
|
Ssl minimum protocol version.
|
|
|
|
## SSL_CIPHERLIST
|
|
|
|
- default:
|
|
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
|
|
|
|
Colon seperated list of supported ciphers (`!`disables a cipher).
|
|
|
|
Go [here](https://www.openssl.org/docs/manmaster/man1/ciphers.html) for a list
|
|
of ciphers.
|
|
|
|
## IMAP_MAX_USER_CONNECTIONS
|
|
|
|
- default: 10
|
|
|
|
Maximum number of connections from the same user + ip.
|
|
|
|
# Ports
|
|
|
|
- 143
|
|
|
|
# Capabilities
|
|
|
|
- CHOWN
|
|
- DAC_OVERRIDE
|
|
- FOWNER
|
|
- NET_BIND_SERVICE
|
|
- SETGID
|
|
- SETUID
|
|
- SYS_CHROOT
|