container/postfix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43dd0abc74
postfix/README.md

2.6 KiB
Raw Blame History

Postfix with dovecot authentication and rspamd using postgres.

Database

create table if not exists virtual_domains (
	name text primary key
);

create table if not exists virtual_users (
	email text primary key,
	domain_name text not null references virtual_domains(name)
);

create table if not exists virtual_aliases (
	domain_name text not null references virtual_domains(name),
	source text not null,
	destination text not null
);

Volumes

  • /etc/ssl/mail:ro: certificates have to be here.

Environment Variables

MYHOSTNAME

Fully qualified hostname.

MYDOMAIN

The internet domain name of the mail system.

SMTP_BANNER

Text prepended to $myhostname ESMTP $mail_name for the smtp banner.

DOVECOT_HOST

Hostname for the dovecot host.

DOVECOT_AUTH_PORT

Port for the dovecot host.

LMTP_HOST

Hostname for the lmtp host (probably dovecot).

LMTP_PORT

Port for the lmtp host.

CERT_DOMAIN

Name of the certificate domain.

Name of the key file.

DB_HOST

Postgre database host.

DB_USER

  • default: email

User to connect to the database.

DB_PASSWORD

Password to use for the database user.

DB_NAME

  • default: email

Name of the postgre database to connect to.

MESSAGE_SIZELIMIT

  • default: 20000000

Message size limit in bytes.

MAILBOX_SIZELIMIT

  • default: 0

Mailbox size limit in bytes. 0 disables the limit.

TLS_SECURITY_LEVEL

  • default: may

One of:

  • none: TLS will not be used.
  • may: Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do not require that clients use TLS encryption.
  • encrypt: Mandatory TLS encryption: announce STARTTLS support to remote SMTP clients, and require that clients use TLS encryption. According to RFC 2487 this MUST NOT be applied in case of a publicly-referenced SMTP server.

TLS_PROTOCOLS

  • default: !SSLv2, !SSLv3, !TLSv1, !TLSv1.1

Comma seperated list of accepted TLS protocols.

TLS_CIPHERS

  • default: high

The minimum TLS cipher grade that the Postfix SMTP server will use with opportunistic TLS encryption.

TLS_EXCLUDE_CIPHERS

  • default: aNULL, MD5, 3DES

Comma seperated list of ciphers or cipher types to exclude from the SMTP server cipher list at all TLS security levels.

RSPAMD_ADDRESS

  • default: inet:127.0.0.1:11332

Where to connect to rspamd.

EXTERNAL_IP

The network interface addresses that this mail system receives mail on by way of a proxy or network address translation unit.

Ports

  • 25
  • 587

Capabilities

  • DAC_OVERRIDE
  • NET_BIND_SERVICE
  • SETGID
  • SETUID