postfix/run.sh

#!/bin/bash

[ "${DEBUG}" == "yes" ] && set -x

function add_config_value() {
  local key=${1}
  local value=${2}
  # local config_file=${3:-/etc/postfix/main.cf}
  [ "${key}" == "" ] && echo "ERROR: No key set !!" && exit 1
  [ "${value}" == "" ] && echo "ERROR: No value set !!" && exit 1

  echo "Setting configuration option ${key} with value: ${value}"
 postconf -e "${key} = ${value}"
}

# Read password from file to avoid unsecure env variables
if [ -n "${SMTP_PASSWORD_FILE}" ]; then [ -f "${SMTP_PASSWORD_FILE}" ] && read SMTP_PASSWORD < ${SMTP_PASSWORD_FILE} || echo "SMTP_PASSWORD_FILE defined, but file not existing, skipping."; fi

[ -z "${SMTP_SERVER}" ] && echo "SMTP_SERVER is not set" && exit 1
[ -z "${SERVER_HOSTNAME}" ] && echo "SERVER_HOSTNAME is not set" && exit 1
[ ! -z "${SMTP_USERNAME}" -a -z "${SMTP_PASSWORD}" ] && echo "SMTP_USERNAME is set but SMTP_PASSWORD is not set" && exit 1

SMTP_PORT="${SMTP_PORT:-587}"

#Get the domain from the server host name
DOMAIN=`echo ${SERVER_HOSTNAME} | awk 'BEGIN{FS=OFS="."}{print $(NF-1),$NF}'`

# Set needed config options
add_config_value "maillog_file" "/dev/stdout"
add_config_value "myhostname" ${SERVER_HOSTNAME}
add_config_value "mydomain" ${DOMAIN}
add_config_value "mydestination" 'localhost'
add_config_value "myorigin" '$mydomain'
add_config_value "relayhost" "[${SMTP_SERVER}]:${SMTP_PORT}"
add_config_value "smtp_use_tls" "yes"
if [ ! -z "${SMTP_USERNAME}" ]; then
  add_config_value "smtp_sasl_auth_enable" "yes"
  add_config_value "smtp_sasl_password_maps" "lmdb:/etc/postfix/sasl_passwd"
  add_config_value "smtp_sasl_security_options" "noanonymous"
fi
add_config_value "always_add_missing_headers" "${ALWAYS_ADD_MISSING_HEADERS:-no}"
#Also use "native" option to allow looking up hosts added to /etc/hosts via
# docker options (issue #51)
add_config_value "smtp_host_lookup" "native,dns"

if [ "${SMTP_PORT}" = "465" ]; then
  add_config_value "smtp_tls_wrappermode" "yes"
  add_config_value "smtp_tls_security_level" "encrypt"
fi

# Create sasl_passwd file with auth credentials
if [ ! -f /etc/postfix/sasl_passwd -a ! -z "${SMTP_USERNAME}" ]; then
  grep -q "${SMTP_SERVER}" /etc/postfix/sasl_passwd  > /dev/null 2>&1
  if [ $? -gt 0 ]; then
    echo "Adding SASL authentication configuration"
    echo "[${SMTP_SERVER}]:${SMTP_PORT} ${SMTP_USERNAME}:${SMTP_PASSWORD}" >> /etc/postfix/sasl_passwd
    postmap /etc/postfix/sasl_passwd
  fi
fi

#Set header tag
if [ ! -z "${SMTP_HEADER_TAG}" ]; then
  postconf -e "header_checks = regexp:/etc/postfix/header_tag"
  echo -e "/^MIME-Version:/i PREPEND RelayTag: $SMTP_HEADER_TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $SMTP_HEADER_TAG" > /etc/postfix/header_tag
  echo "Setting configuration option SMTP_HEADER_TAG with value: ${SMTP_HEADER_TAG}"
fi

#Check for subnet restrictions
nets='10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16'
if [ ! -z "${SMTP_NETWORKS}" ]; then
        for i in $(sed 's/,/\ /g' <<<$SMTP_NETWORKS); do
                if grep -Eq "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/[0-9]{1,2}" <<<$i ; then
                        nets+=", $i"
                else
                        echo "$i is not in proper IPv4 subnet format. Ignoring."
                fi
        done
fi
add_config_value "mynetworks" "${nets}"

if [ ! -z "${OVERWRITE_FROM}" ]; then
  echo -e "/^From:.*$/ REPLACE From: $OVERWRITE_FROM" > /etc/postfix/smtp_header_checks
  postmap /etc/postfix/smtp_header_checks
  postconf -e 'smtp_header_checks = regexp:/etc/postfix/smtp_header_checks'
  echo "Setting configuration option OVERWRITE_FROM with value: ${OVERWRITE_FROM}"
fi

#Start services

# If host mounting /var/spool/postfix, we need to delete old pid file before
# starting services
rm -f /var/spool/postfix/pid/master.pid

exec /usr/sbin/postfix -c /etc/postfix start-fg
First version 2015-04-20 00:30:41 +02:00			`#!/bin/bash`

Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`[ "${DEBUG}" == "yes" ] && set -x`

			`function add_config_value() {`
			`local key=${1}`
			`local value=${2}`
Fix awk expression, it worked before because of a bug, it does not work with more recent awk versions. 2020-03-24 00:30:00 +01:00			`# local config_file=${3:-/etc/postfix/main.cf}`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`[ "${key}" == "" ] && echo "ERROR: No key set !!" && exit 1`
			`[ "${value}" == "" ] && echo "ERROR: No value set !!" && exit 1`

			`echo "Setting configuration option ${key} with value: ${value}"`
Convert previous function to using postfix. 2019-02-17 18:50:21 +01:00			`postconf -e "${key} = ${value}"`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`}`

Add function to load secret/password from file for security (#25) New feature: Load SMTP password from file to avoid using env variables. 2020-06-19 23:52:21 +02:00			`# Read password from file to avoid unsecure env variables`
			`if [ -n "${SMTP_PASSWORD_FILE}" ]; then [ -f "${SMTP_PASSWORD_FILE}" ] && read SMTP_PASSWORD < ${SMTP_PASSWORD_FILE} \|\| echo "SMTP_PASSWORD_FILE defined, but file not existing, skipping."; fi`

First version 2015-04-20 00:30:41 +02:00			`[ -z "${SMTP_SERVER}" ] && echo "SMTP_SERVER is not set" && exit 1`
Also validate SERVER_HOSTNAME. 2018-03-06 07:18:30 +01:00			`[ -z "${SERVER_HOSTNAME}" ] && echo "SERVER_HOSTNAME is not set" && exit 1`
Allow to use a SMTP server without authentication 2021-03-23 22:41:01 +01:00			`[ ! -z "${SMTP_USERNAME}" -a -z "${SMTP_PASSWORD}" ] && echo "SMTP_USERNAME is set but SMTP_PASSWORD is not set" && exit 1`
First version 2015-04-20 00:30:41 +02:00
fix(postfix): Set correct default value for SMTP_PORT 2020-01-21 10:47:27 +01:00			`SMTP_PORT="${SMTP_PORT:-587}"`
Make the smtp server port configurable. 2018-05-24 05:14:45 +02:00
Also set mydestination. 2015-05-23 06:45:58 +02:00			`#Get the domain from the server host name`
Fix awk expression, it worked before because of a bug, it does not work with more recent awk versions. 2020-03-24 00:30:00 +01:00			DOMAIN=`echo ${SERVER_HOSTNAME} \| awk 'BEGIN{FS=OFS="."}{print $(NF-1),$NF}'`
Also set mydestination. 2015-05-23 06:45:58 +02:00
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`# Set needed config options`
feat: Removed supervisor and rsyslog As mentioned in discussion #54, since version 3.3.0, postfix can run in foreground mode, and since 3.4.0 it can log directly to stdout. 2021-04-27 23:44:39 +02:00			`add_config_value "maillog_file" "/dev/stdout"`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`add_config_value "myhostname" ${SERVER_HOSTNAME}`
			`add_config_value "mydomain" ${DOMAIN}`
Fix issue #35 2020-10-11 05:07:20 +02:00			`add_config_value "mydestination" 'localhost'`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`add_config_value "myorigin" '$mydomain'`
Make the smtp server port configurable. 2018-05-24 05:14:45 +02:00			`add_config_value "relayhost" "[${SMTP_SERVER}]:${SMTP_PORT}"`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`add_config_value "smtp_use_tls" "yes"`
Allow to use a SMTP server without authentication 2021-03-23 22:41:01 +01:00			`if [ ! -z "${SMTP_USERNAME}" ]; then`
			`add_config_value "smtp_sasl_auth_enable" "yes"`
			`add_config_value "smtp_sasl_password_maps" "lmdb:/etc/postfix/sasl_passwd"`
			`add_config_value "smtp_sasl_security_options" "noanonymous"`
			`fi`
Add option always_add_missing_headers (#32) (adding From:, To:, Date: or Message-ID: headers when not present, cf. http://www.postfix.org/postconf.5.html#always_add_missing_headers) This option always_add_missing_headers is set by the environment variable ALWAYS_ADD_MISSING_HEADERS (default: no) 2020-08-24 21:41:08 +02:00			`add_config_value "always_add_missing_headers" "${ALWAYS_ADD_MISSING_HEADERS:-no}"`
Add smtp_host_lookup=native,dns parameter to allow the lookup of hosts added to /etc/hosts file via docker options (issue #51). 2021-03-17 23:17:39 +01:00			`#Also use "native" option to allow looking up hosts added to /etc/hosts via`
			`# docker options (issue #51)`
			`add_config_value "smtp_host_lookup" "native,dns"`
Set myhostname and myorigin, some providers like 1&1 will do MX lookups on them so they need to be valid. 2015-05-13 08:06:38 +02:00
add smtp_tls_wrappermode and smtp_tls_security_level. You need both parameters when you send emails with TLS(465). 2020-12-16 17:18:27 +01:00			`if [ "${SMTP_PORT}" = "465" ]; then`
			`add_config_value "smtp_tls_wrappermode" "yes"`
			`add_config_value "smtp_tls_security_level" "encrypt"`
			`fi`

Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`# Create sasl_passwd file with auth credentials`
Allow to use a SMTP server without authentication 2021-03-23 22:41:01 +01:00			`if [ ! -f /etc/postfix/sasl_passwd -a ! -z "${SMTP_USERNAME}" ]; then`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`grep -q "${SMTP_SERVER}" /etc/postfix/sasl_passwd > /dev/null 2>&1`
			`if [ $? -gt 0 ]; then`
			`echo "Adding SASL authentication configuration"`
Make the smtp server port configurable. 2018-05-24 05:14:45 +02:00			`echo "[${SMTP_SERVER}]:${SMTP_PORT} ${SMTP_USERNAME}:${SMTP_PASSWORD}" >> /etc/postfix/sasl_passwd`
Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`postmap /etc/postfix/sasl_passwd`
			`fi`
			`fi`
First version 2015-04-20 00:30:41 +02:00
Change base image from CentOS 7 to alpine linux 2020-03-23 05:17:24 +01:00			`#Set header tag`
Update run.sh 2019-01-27 02:50:34 +01:00			`if [ ! -z "${SMTP_HEADER_TAG}" ]; then`
Update run.sh Updated header tag variable. Configured to only set the header tag if variable is set. 2019-01-20 05:58:15 +01:00			`postconf -e "header_checks = regexp:/etc/postfix/header_tag"`
			`echo -e "/^MIME-Version:/i PREPEND RelayTag: $SMTP_HEADER_TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $SMTP_HEADER_TAG" > /etc/postfix/header_tag`
Update run.sh 2019-01-26 23:12:50 +01:00			`echo "Setting configuration option SMTP_HEADER_TAG with value: ${SMTP_HEADER_TAG}"`
Add header tag creation. This will create a tag in email headers that can be used for filtering by receiving servers. I use this image for relaying through exchange online, and the nature of how I run my containers prevents me from setting static IPs as a filter. With a tag for exchange to look at, I can make sure emails from the relay are not hitting the junk folder. Without setting the HEADER_TAG variable, the script will create a randomly generated tag and move on. It is not a requirement to make use of this feature. 2019-01-16 18:34:48 +01:00			`fi`

Update run.sh Add trusted networks option 2019-03-17 22:17:51 +01:00			`#Check for subnet restrictions`
			`nets='10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16'`
			`if [ ! -z "${SMTP_NETWORKS}" ]; then`
			`for i in $(sed 's/,/\ /g' <<<$SMTP_NETWORKS); do`
			`if grep -Eq "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/[0-9]{1,2}" <<<$i ; then`
			`nets+=", $i"`
			`else`
			`echo "$i is not in proper IPv4 subnet format. Ignoring."`
			`fi`
			`done`
			`fi`
			`add_config_value "mynetworks" "${nets}"`

Add option to overwrite the From address 2020-09-29 10:33:52 +02:00			`if [ ! -z "${OVERWRITE_FROM}" ]; then`
			`echo -e "/^From:.*$/ REPLACE From: $OVERWRITE_FROM" > /etc/postfix/smtp_header_checks`
			`postmap /etc/postfix/smtp_header_checks`
			`postconf -e 'smtp_header_checks = regexp:/etc/postfix/smtp_header_checks'`
			`echo "Setting configuration option OVERWRITE_FROM with value: ${OVERWRITE_FROM}"`
			`fi`

Don't add duplicate configuration entries. 2018-05-09 09:06:30 +02:00			`#Start services`
In case of mounting /var/spool/postfix, delete master.pid first 2019-10-24 00:20:20 +02:00
			`# If host mounting /var/spool/postfix, we need to delete old pid file before`
			`# starting services`
			`rm -f /var/spool/postfix/pid/master.pid`

feat: Removed supervisor and rsyslog As mentioned in discussion #54, since version 3.3.0, postfix can run in foreground mode, and since 3.4.0 it can log directly to stdout. 2021-04-27 23:44:39 +02:00			`exec /usr/sbin/postfix -c /etc/postfix start-fg`