dovecot/README.md
Sebastian Hugentobler f45cab5235
All checks were successful
Build Multiarch Container Image / call-reusable-workflow (push) Successful in 1m0s
use alpine packages, no longer need to compile ourselves
2024-04-26 14:55:30 +02:00

2.4 KiB

Dovecot with imap, starttls, oauth2 proxy auth and sieve rules.

Uses SSMTP to send mails (for example if you have a redirect sieve rule).

Reuses the same database schema as the {postfix container](/container/postfix).

Volumes

  • /var/lib/vmail/mail

Environment Variables

HOSTNAME

Fully qualified name of the mail host.

GRANT_URL

OAuth2 url for token grants (password grant type).

INTROSPECTION_URL

OAuth2 url for token information. Must include client id and client secret in basic auth format.

TOKENINFO_URL

OAuth2 url for requestion information about a token. Must include client id and client secret in basic auth format.

DB_HOST

Postgre database host.

DB_USER

User to connect to the database.

DB_PW

Password to use for the database user.

DB_NAME

  • default: email

Name of the postgre database to connect to.

SSMTP_MAIL_RELAY

Hostname and port for the used smtp relay (for example mail.example.com:587).

SSMTP_USER

User to authenticate agains the smtp relay.

SSMTP_PASSWORD

Password to authenticate agains the smtp relay.

SSMTP_AUTH_METHOD

  • default: LOGIN

Which authentication mechanism to use for the smtp relay.

SSMTP_USE_STARTTLS

  • default: yes

Whether to use starttls for the smtp relay.

ALLOWED_USERNAME_CHARS

  • default: äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@

List of characters allowed in a username.

AUTH_MECHANISMS

  • default: plain

Space seperated list of supported authentication mechanisms.

SSL_MIN_PROTOCOL

  • default: TLSv1.2

Ssl minimum protocol version.

SSL_CIPHERLIST

  • default: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

Colon seperated list of supported ciphers (!disables a cipher).

Go here for a list of ciphers.

IMAP_MAX_USER_CONNECTIONS

  • default: 10

Maximum number of connections from the same user + ip.

Ports

  • 143

Capabilities

  • CHOWN
  • DAC_OVERRIDE
  • FOWNER
  • NET_BIND_SERVICE
  • SETGID
  • SETUID
  • SYS_CHROOT