container/postfix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Sebastian Hugentobler 2016-10-31 10:14:36 +00:00
parent 6cc370b4de
commit cc0699d895
1 changed files with 32 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
README.md
View File

@ -1,96 +1,96 @@
[Postfix](http://www.postfix.org/) with ldap authentication and [spamassassin](http://spamassassin.apache.org/) + [OpenDKIM](http://www.opendkim.org/) in ldap. [Postfix](http://www.postfix.org/) with ldap authentication and [spamassassin](http://spamassassin.apache.org/) + [OpenDKIM](http://www.opendkim.org/) in ldap.
## Volumes # Volumes
- `/etc/ssl/mail:ro`: certificates have to be here. - `/etc/ssl/mail:ro`: certificates have to be here.
## Environment Variables # Environment Variables
### MYHOSTNAME ## MYHOSTNAME
Fully qualified hostname. Fully qualified hostname.
### MYDOMAIN ## MYDOMAIN
The internet domain name of the mail system. The internet domain name of the mail system.
### SMTP_BANNER ## SMTP_BANNER
Text prepended to `$myhostname ESMTP $mail_name` for the smtp banner. Text prepended to `$myhostname ESMTP $mail_name` for the smtp banner.
### DOVECOT_HOST ## DOVECOT_HOST
Hostname for the dovecot host. Hostname for the dovecot host.
### DOVECOT_AUTH_PORT ## DOVECOT_AUTH_PORT
Port for the dovecot host. Port for the dovecot host.
### DKIM_HOST ## DKIM_HOST
Hostname for the OpenDkim host. Hostname for the OpenDkim host.
### DKIM_PORT ## DKIM_PORT
Port for the OpenDkim host. Port for the OpenDkim host.
### LMTP_HOST ## LMTP_HOST
Hostname for the lmtp host (probably dovecot). Hostname for the lmtp host (probably dovecot).
### LMTP_PORT ## LMTP_PORT
Port for the lmtp host. Port for the lmtp host.
### LDAP_URI ## LDAP_URI
Complete uri for the authentication ldap host. Complete uri for the authentication ldap host.
### LDAP_BIND_DN ## LDAP_BIND_DN
DN used to authenticate against ldap. DN used to authenticate against ldap.
### LDAP_BIND_PASSWORD ## LDAP_BIND_PASSWORD
Password used to authenticate against ldap. Password used to authenticate against ldap.
### LDAP_ALIAS_QUERY_FILTER ## LDAP_ALIAS_QUERY_FILTER
Ldap filter for mail aliases. Ldap filter for mail aliases.
### LDAP_DOMAIN_QUERY_FILTER ## LDAP_DOMAIN_QUERY_FILTER
Ldap filter for domains. Ldap filter for domains.
### LDAP_MAILBOX_QUERY_FILTER ## LDAP_MAILBOX_QUERY_FILTER
Ldap filter for mailboxes. Ldap filter for mailboxes.
### LDAP_MAILBOX_SEARCH_BASE ## LDAP_MAILBOX_SEARCH_BASE
Base DN to look for mailboxes on the ldap host. Base DN to look for mailboxes on the ldap host.
### LDAP_DOMAIN_SEARCH_BASE ## LDAP_DOMAIN_SEARCH_BASE
Base DN to look for valid domains on the ldap host. Base DN to look for valid domains on the ldap host.
### LDAP_DOMAIN_RESULT_ATTRIBUTE ## LDAP_DOMAIN_RESULT_ATTRIBUTE
- default: dc - default: dc
Ldap attribute that is fetched in the domain query. Ldap attribute that is fetched in the domain query.
### LDAP_MAILBOX_RESULT_ATTRIBUTE ## LDAP_MAILBOX_RESULT_ATTRIBUTE
- default: cn - default: cn
Ldap attribute that is fetched in the mailbox query. Ldap attribute that is fetched in the mailbox query.
### LDAP_STARTTLS ## LDAP_STARTTLS
- default: yes - default: yes
Whether to use tls when connecting to the ldap host. Whether to use tls when connecting to the ldap host.
### CERTNAME ## CERT_NAME
- default: fullchain.pem - default: fullchain.pem
Name of the certificate file. Name of the certificate file.
### Keyname ## KEY_NAME
- default: privkey.pem - default: privkey.pem
Name of the key file. Name of the key file.
### MESSAGE_SIZELIMIT ## MESSAGE_SIZELIMIT
- default: 20000000 - default: 20000000
Message size limit in bytes. Message size limit in bytes.
### MAILBOX_SIZELIMIT ## MAILBOX_SIZELIMIT
- default: 0 - default: 0
Mailbox size limit in bytes. `0` disables the limit. Mailbox size limit in bytes. `0` disables the limit.
### TLS_SECURITY_LEVEL ## TLS_SECURITY_LEVEL
- default: may - default: may
One of: One of:
@ -99,26 +99,26 @@ One of:
- encrypt: Mandatory TLS encryption: announce STARTTLS support to remote SMTP clients, and require that clients use TLS encryption. - encrypt: Mandatory TLS encryption: announce STARTTLS support to remote SMTP clients, and require that clients use TLS encryption.
According to [RFC 2487](http://tools.ietf.org/html/rfc2487) this MUST NOT be applied in case of a publicly-referenced SMTP server. According to [RFC 2487](http://tools.ietf.org/html/rfc2487) this MUST NOT be applied in case of a publicly-referenced SMTP server.
### TLS_PROTOCOLS ## TLS_PROTOCOLS
- default: !SSLv2, !SSLv3 - default: !SSLv2, !SSLv3
Comma seperated list of accepted TLS protocols. Comma seperated list of accepted TLS protocols.
### TLS_CIPHERS ## TLS_CIPHERS
- default: high - default: high
The minimum TLS cipher grade that the Postfix SMTP server will use with opportunistic TLS encryption. The minimum TLS cipher grade that the Postfix SMTP server will use with opportunistic TLS encryption.
### TLS_EXCLUDE_CIPHERS ## TLS_EXCLUDE_CIPHERS
- default: aNULL, MD5, 3DES - default: aNULL, MD5, 3DES
Comma seperated list of ciphers or cipher types to exclude from the SMTP server cipher list at all TLS security levels. Comma seperated list of ciphers or cipher types to exclude from the SMTP server cipher list at all TLS security levels.
## Ports # Ports
- 25 - 25
- 587 - 587
## Capabilities # Capabilities
- DAC_OVERRIDE - DAC_OVERRIDE
- NET_BIND_SERVICE - NET_BIND_SERVICE
- SETGID - SETGID