diff --git a/Dockerfile b/Dockerfile index 093269a..a058c3c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,12 @@ -FROM thallian/confd-env:latest +FROM docker.io/thallian/confd-env:3.16 RUN apk add --no-cache \ postfix \ postfix-pgsql \ openssl \ libstdc++ \ - libmilter + libmilter \ + icu-data-full RUN addgroup -g 2222 access RUN addgroup postfix access diff --git a/README.md b/README.md index 7ae5c91..57cc753 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,8 @@ create table if not exists virtual_domains ( create table if not exists virtual_users ( email text primary key, - domain_name text not null references virtual_domains(name) + domain_name text not null references virtual_domains(name), + wildcard_sender bool default false ); create table if not exists virtual_aliases ( @@ -17,9 +18,6 @@ create table if not exists virtual_aliases ( destination text not null ); -create table if not exists virtual_senders ( - email text not null references virtual_users(email) -); ``` # Volumes diff --git a/rootfs/etc/confd/templates/main.cf.tmpl b/rootfs/etc/confd/templates/main.cf.tmpl index 37aaeb6..85e9ff5 100644 --- a/rootfs/etc/confd/templates/main.cf.tmpl +++ b/rootfs/etc/confd/templates/main.cf.tmpl @@ -1,15 +1,13 @@ -compatibility_level = 2 +compatibility_level = 3.7 + +inet_protocols = all mail_owner = postfix myhostname = {{getenv "MYHOSTNAME"}} mydomain = {{getenv "MYDOMAIN"}} myorigin = $mydomain -mydestination = $myhostname, localhost - -proxy_interfaces = {{getenv "EXTERNAL_IP"}} unknown_local_recipient_reject_code = 550 -mynetworks_style = host relay_domains = $mydestination recipient_delimiter = + 
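Review bot: The new base reference `docker.io/thallian/confd-env:3.16` is still a mutable tag, so a rebuild can silently pick up different image contents. Pinning the digest as well would make the build reproducible and auditable: `FROM docker.io/thallian/confd-env:3.16@sha256:<digest-of-reviewed-image>` (placeholder digest). A one-line comment above the `apk add` saying why `icu-data-full` is needed would also help the next maintainer.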
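Review bot: In the first main.cf.tmpl hunk, the removal of `mynetworks_style = host` and `mydestination = $myhostname, localhost` leaves the relay trust boundary to Postfix defaults selected by `compatibility_level`. `permit_mynetworks` is the first entry in `smtpd_relay_restrictions` further down in this template and `relay_domains = $mydestination` is kept. At level 3.7 the `mynetworks_style` default should still be `host`, but stating it (or an explicit `mynetworks = 127.0.0.0/8 [::1]/128`) keeps the open-relay surface visible in the file, which matters more now that `inet_protocols = all` adds IPv6 listeners. If the defaults are intended, a comment such as `# mynetworks_style/mydestination: Postfix defaults are relied on deliberately` would record that.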
@@ -22,8 +20,8 @@ virtual_mailbox_domains = pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf virtual_alias_maps = pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf virtual_transport = lmtp:inet:{{getenv "LMTP_HOST"}}:{{getenv "LMTP_PORT"}} -smtpd_tls_key_file=/etc/ssl/mail/tls.key -smtpd_tls_cert_file=/etc/ssl/mail/tls.crt +smtpd_tls_key_file=/etc/ssl/mail/key.pem +smtpd_tls_cert_file=/etc/ssl/mail/cert.pem smtp_tls_security_level = {{getenv "TLS_SECURITY_LEVEL" "may"}} smtp_tls_auth_only = yes @@ -59,18 +57,19 @@ smtpd_sasl_auth_enable = yes smtpd_tls_auth_only = yes smtpd_sasl_tls_security_options = noanonymous -smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination -smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination, reject_unverified_recipient +smtpd_relay_restrictions = + permit_mynetworks + permit_sasl_authenticated + defer_unauth_destination + reject_sender_login_mismatch smtpd_sender_restrictions = reject_sender_login_mismatch smtpd_sender_login_maps = pgsql:/etc/postfix/pgsql-login-maps.cf smtpd_milters={{getenv "RSPAMD_ADDRESS" "inet:127.0.0.1:11332"}} non_smtpd_milters=$smtpd_milters -milter_mail_macros="i {mail_addr} {client_addr} {client_name} {auth_authen}" milter_default_action = accept milter_macro_daemon_name = ORIGINATING -milter_connect_macros = "i j {daemon_name} v {if_name} _" message_size_limit = {{getenv "MESSAGE_SIZELIMIT" "20000000"}} diff --git a/rootfs/etc/confd/templates/pgsql-login-maps.cf.tmpl b/rootfs/etc/confd/templates/pgsql-login-maps.cf.tmpl index 98f90dd..29ce91c 100644 --- a/rootfs/etc/confd/templates/pgsql-login-maps.cf.tmpl +++ b/rootfs/etc/confd/templates/pgsql-login-maps.cf.tmpl 
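Review bot: In the last main.cf.tmpl hunk, the `reject_sender_login_mismatch` entry appended to `smtpd_relay_restrictions` comes after `permit_sasl_authenticated`. For authenticated submissions that list has already returned a permit, so the check is never reached there. Sender ownership for logged-in users is therefore enforced only by the unchanged `smtpd_sender_restrictions = reject_sender_login_mismatch` line. Either drop the extra entry or move it ahead of the permits if enforcement in the relay list is intended. The hunk also removes `smtpd_recipient_restrictions` together with `reject_unverified_recipient`; a short comment stating that recipient verification was dropped on purpose would avoid it being read as an accident.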
@@ -2,4 +2,4 @@ hosts = {{ getenv "DB_HOST" }}
 user = {{ getenv "DB_USER" "email" }}
 password = {{ getenv "DB_PASSWORD" }}
 dbname = {{ getenv "DB_NAME" "email" }}
-query = SELECT email FROM virtual_users WHERE email='%s' UNION SELECT destination FROM virtual_aliases WHERE email='%s'
+query = SELECT email FROM virtual_users WHERE email='%u' UNION SELECT destination FROM virtual_aliases WHERE source='%u' UNION SELECT email FROM virtual_users WHERE wildcard_sender = true AND domain_name = '%d'
diff --git a/rootfs/etc/confd/templates/pgsql-virtual-alias-maps.cf.tmpl b/rootfs/etc/confd/templates/pgsql-virtual-alias-maps.cf.tmpl
index 302129d..d7e5ef4 100644
--- a/rootfs/etc/confd/templates/pgsql-virtual-alias-maps.cf.tmpl
+++ b/rootfs/etc/confd/templates/pgsql-virtual-alias-maps.cf.tmpl
@@ -2,4 +2,4 @@ hosts = {{ getenv "DB_HOST" }}
 user = {{ getenv "DB_USER" "email" }}
 password = {{ getenv "DB_PASSWORD" }}
 dbname = {{ getenv "DB_NAME" "email" }}
-query = SELECT destination FROM virtual_aliases WHERE email='%s'
+query = SELECT destination FROM virtual_aliases WHERE source='%u'
diff --git a/rootfs/etc/confd/templates/pgsql-virtual-mailbox-domains.cf.tmpl b/rootfs/etc/confd/templates/pgsql-virtual-mailbox-domains.cf.tmpl
index 6fd5b58..89292e5 100644
--- a/rootfs/etc/confd/templates/pgsql-virtual-mailbox-domains.cf.tmpl
+++ b/rootfs/etc/confd/templates/pgsql-virtual-mailbox-domains.cf.tmpl
@@ -2,4 +2,4 @@ hosts = {{ getenv "DB_HOST" }}
 user = {{ getenv "DB_USER" "email" }}
 password = {{ getenv "DB_PASSWORD" }}
 dbname = {{ getenv "DB_NAME" "email" }}
-query = SELECT name FROM virtual_domains WHERE name='%s'
+query = SELECT name FROM virtual_domains WHERE name='%u'
diff --git a/rootfs/etc/confd/templates/pgsql-virtual-mailbox-maps.cf.tmpl b/rootfs/etc/confd/templates/pgsql-virtual-mailbox-maps.cf.tmpl
index 971fa97..addd0fb 100644
--- a/rootfs/etc/confd/templates/pgsql-virtual-mailbox-maps.cf.tmpl
+++ b/rootfs/etc/confd/templates/pgsql-virtual-mailbox-maps.cf.tmpl
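Review bot: In the pgsql-login-maps query, `%u` expands to only the local part of an address key in Postfix pgsql tables, while `%s` is the whole key. `WHERE email='%u'` and `WHERE source='%u'` therefore compare a bare local part against columns that presumably hold full addresses (the README schema has `email text primary key` beside a separate `domain_name`). If so, only the `wildcard_sender` branch can return an owner, and `reject_sender_login_mismatch` decides on incomplete data: ordinary authenticated users fail the ownership check and ownerless addresses are not protected. Keeping `WHERE email='%s'` / `WHERE source='%s'` and using `%d` only in the wildcard branch avoids this. The same substitution is made in the pgsql-virtual-alias-maps and pgsql-virtual-mailbox-maps hunks; in pgsql-virtual-mailbox-domains the key has no `@`, so `%u` happens to expand to the whole key, though `%s` states the intent. The wildcard branch returns every `wildcard_sender` user as owner of all addresses in the domain, including other users' mailboxes, which deserves a comment next to the query and in the README schema.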
@@ -2,4 +2,4 @@ hosts = {{ getenv "DB_HOST" }}
 user = {{ getenv "DB_USER" "email" }}
 password = {{ getenv "DB_PASSWORD" }}
 dbname = {{ getenv "DB_NAME" "email" }}
-query = SELECT email FROM virtual_users WHERE email ='%s'
+query = SELECT email FROM virtual_users WHERE email ='%u'