diff --git a/README.md b/README.md index fcce5b2..36ced63 100644 --- a/README.md +++ b/README.md @@ -1,96 +1,96 @@ [Postfix](http://www.postfix.org/) with ldap authentication and [spamassassin](http://spamassassin.apache.org/) + [OpenDKIM](http://www.opendkim.org/) in ldap. -## Volumes +# Volumes - `/etc/ssl/mail:ro`: certificates have to be here. -## Environment Variables -### MYHOSTNAME +# Environment Variables +## MYHOSTNAME Fully qualified hostname. -### MYDOMAIN +## MYDOMAIN The internet domain name of the mail system. -### SMTP_BANNER +## SMTP_BANNER Text prepended to `$myhostname ESMTP $mail_name` for the smtp banner. -### DOVECOT_HOST +## DOVECOT_HOST Hostname for the dovecot host. -### DOVECOT_AUTH_PORT +## DOVECOT_AUTH_PORT Port for the dovecot host. -### DKIM_HOST +## DKIM_HOST Hostname for the OpenDkim host. -### DKIM_PORT +## DKIM_PORT Port for the OpenDkim host. -### LMTP_HOST +## LMTP_HOST Hostname for the lmtp host (probably dovecot). -### LMTP_PORT +## LMTP_PORT Port for the lmtp host. -### LDAP_URI +## LDAP_URI Complete uri for the authentication ldap host. -### LDAP_BIND_DN +## LDAP_BIND_DN DN used to authenticate against ldap. -### LDAP_BIND_PASSWORD +## LDAP_BIND_PASSWORD Password used to authenticate against ldap. -### LDAP_ALIAS_QUERY_FILTER +## LDAP_ALIAS_QUERY_FILTER Ldap filter for mail aliases. -### LDAP_DOMAIN_QUERY_FILTER +## LDAP_DOMAIN_QUERY_FILTER Ldap filter for domains. -### LDAP_MAILBOX_QUERY_FILTER +## LDAP_MAILBOX_QUERY_FILTER Ldap filter for mailboxes. -### LDAP_MAILBOX_SEARCH_BASE +## LDAP_MAILBOX_SEARCH_BASE Base DN to look for mailboxes on the ldap host. -### LDAP_DOMAIN_SEARCH_BASE +## LDAP_DOMAIN_SEARCH_BASE Base DN to look for valid domains on the ldap host. -### LDAP_DOMAIN_RESULT_ATTRIBUTE +## LDAP_DOMAIN_RESULT_ATTRIBUTE - default: dc Ldap attribute that is fetched in the domain query. -### LDAP_MAILBOX_RESULT_ATTRIBUTE +## LDAP_MAILBOX_RESULT_ATTRIBUTE - default: cn Ldap attribute that is fetched in the mailbox query. -### LDAP_STARTTLS +## LDAP_STARTTLS - default: yes Whether to use tls when connecting to the ldap host. -### CERTNAME +## CERT_NAME - default: fullchain.pem Name of the certificate file. -### Keyname +## KEY_NAME - default: privkey.pem Name of the key file. -### MESSAGE_SIZELIMIT +## MESSAGE_SIZELIMIT - default: 20000000 Message size limit in bytes. -### MAILBOX_SIZELIMIT +## MAILBOX_SIZELIMIT - default: 0 Mailbox size limit in bytes. `0` disables the limit. -### TLS_SECURITY_LEVEL +## TLS_SECURITY_LEVEL - default: may One of: @@ -99,26 +99,26 @@ One of: - encrypt: Mandatory TLS encryption: announce STARTTLS support to remote SMTP clients, and require that clients use TLS encryption. According to [RFC 2487](http://tools.ietf.org/html/rfc2487) this MUST NOT be applied in case of a publicly-referenced SMTP server. -### TLS_PROTOCOLS +## TLS_PROTOCOLS - default: !SSLv2, !SSLv3 Comma seperated list of accepted TLS protocols. -### TLS_CIPHERS +## TLS_CIPHERS - default: high The minimum TLS cipher grade that the Postfix SMTP server will use with opportunistic TLS encryption. -### TLS_EXCLUDE_CIPHERS +## TLS_EXCLUDE_CIPHERS - default: aNULL, MD5, 3DES Comma seperated list of ciphers or cipher types to exclude from the SMTP server cipher list at all TLS security levels. -## Ports +# Ports - 25 - 587 -## Capabilities +# Capabilities - DAC_OVERRIDE - NET_BIND_SERVICE - SETGID