Go to file
Sebastian Hugentobler b87444b526 Update README.md
[skip ci]
2017-01-04 15:01:33 +00:00
rootfs/etc Update run 2017-01-04 15:00:58 +00:00
.gitignore initial commit 2016-07-06 11:42:10 +02:00
Dockerfile Update Dockerfile 2016-11-01 15:11:03 +00:00
README.md Update README.md 2017-01-04 15:01:33 +00:00

Postfix with ldap authentication and spamassassin + OpenDKIM in ldap.

Volumes

  • /etc/ssl/mail:ro: certificates have to be here.

Environment Variables

MYHOSTNAME

Fully qualified hostname.

MYDOMAIN

The internet domain name of the mail system.

SMTP_BANNER

Text prepended to $myhostname ESMTP $mail_name for the smtp banner.

SPAMASSASSIN_HOST

Hostname for the spamassassin host.

DOVECOT_HOST

Hostname for the dovecot host.

DOVECOT_AUTH_PORT

Port for the dovecot host.

DKIM_HOST

Hostname for the OpenDkim host.

DKIM_PORT

Port for the OpenDkim host.

LMTP_HOST

Hostname for the lmtp host (probably dovecot).

LMTP_PORT

Port for the lmtp host.

LDAP_URI

Complete uri for the authentication ldap host.

LDAP_BIND_DN

DN used to authenticate against ldap.

LDAP_BIND_PASSWORD

Password used to authenticate against ldap.

LDAP_ALIAS_QUERY_FILTER

Ldap filter for mail aliases.

LDAP_DOMAIN_QUERY_FILTER

Ldap filter for domains.

LDAP_MAILBOX_QUERY_FILTER

Ldap filter for mailboxes.

LDAP_MAILBOX_SEARCH_BASE

Base DN to look for mailboxes on the ldap host.

LDAP_DOMAIN_SEARCH_BASE

Base DN to look for valid domains on the ldap host.

LDAP_DOMAIN_RESULT_ATTRIBUTE

  • default: dc

Ldap attribute that is fetched in the domain query.

LDAP_MAILBOX_RESULT_ATTRIBUTE

  • default: cn

Ldap attribute that is fetched in the mailbox query.

LDAP_STARTTLS

  • default: yes

Whether to use tls when connecting to the ldap host.

CERT_NAME

  • default: fullchain.pem

Name of the certificate file.

KEY_NAME

  • default: privkey.pem

Name of the key file.

MESSAGE_SIZELIMIT

  • default: 20000000

Message size limit in bytes.

MAILBOX_SIZELIMIT

  • default: 0

Mailbox size limit in bytes. 0 disables the limit.

TLS_SECURITY_LEVEL

  • default: may

One of:

  • none: TLS will not be used.
  • may: Opportunistic TLS: announce STARTTLS support to remote SMTP clients, but do not require that clients use TLS encryption.
  • encrypt: Mandatory TLS encryption: announce STARTTLS support to remote SMTP clients, and require that clients use TLS encryption. According to RFC 2487 this MUST NOT be applied in case of a publicly-referenced SMTP server.

TLS_PROTOCOLS

  • default: !SSLv2, !SSLv3

Comma seperated list of accepted TLS protocols.

TLS_CIPHERS

  • default: high

The minimum TLS cipher grade that the Postfix SMTP server will use with opportunistic TLS encryption.

TLS_EXCLUDE_CIPHERS

  • default: aNULL, MD5, 3DES

Comma seperated list of ciphers or cipher types to exclude from the SMTP server cipher list at all TLS security levels.

Ports

  • 25
  • 587

Capabilities

  • DAC_OVERRIDE
  • NET_BIND_SERVICE
  • SETGID
  • SETUID