postfix/README.md

123 lines
5.6 KiB
Markdown
Raw Normal View History

2015-04-17 01:45:56 +02:00
# docker-postfix
2023-11-08 13:24:43 +01:00
Simple Postfix SMTP TLS relay [docker](http://www.docker.com) alpine based image with no local authentication enabled (to be run in a secure LAN).
2015-04-20 00:28:21 +02:00
This image is available for the following architectures:
* 386
* amd64 (_latest_ and _alpine_ tags)
* armv6
* armv7
* arm64
2020-06-25 04:53:48 +02:00
_If you want to follow the development of this project check out [my blog](https://www.juanbaptiste.tech/category/postfx)._
2019-03-07 03:18:30 +01:00
### Available image tags
We use semantic versioning for this image. For all supported architectures there are the following versioned tags:
* Major (1)
* Minor (1.0)
* Patch (1.0.0)
Additionally the amd64 architecture has the following tags:
* _latest_
* _alpine_
*_NOTES_*:
* The _alpine_ tag has been switched to use the master branch, but it's irrelevant as it is the same as _latest_.
* Old CentOS 7 based image is avaiable on the _centos_base_image branch_, but it is not being developed any more.
2015-04-20 00:28:21 +02:00
### Build instructions
Clone this repo and then:
cd docker-Postfix
sudo docker build -t juanluisbaptiste/postfix .
2015-04-20 00:28:21 +02:00
Or you can use the provided [docker-compose](https://github.com/juanluisbaptiste/docker-postfix/blob/master/docker-compose.override.yml) files:
2018-03-06 07:24:32 +01:00
sudo docker-compose build
2018-03-06 07:24:32 +01:00
For more information on using multiple compose files [see here](https://docs.docker.com/compose/production/). You can also find a prebuilt docker image from [Docker Hub](https://registry.hub.docker.com/u/juanluisbaptiste/postfix/), which can be pulled with this command:
2015-04-20 00:28:21 +02:00
sudo docker pull juanluisbaptiste/postfix:latest
### How to run it
The following env variables need to be passed to the container:
* `SMTP_SERVER` Server address of the SMTP server to use.
* `SMTP_PORT` (Optional, Default value: 587) Port address of the SMTP server to use.
* `SMTP_USERNAME` (Optional) Username to authenticate with.
* `SMTP_PASSWORD` (Mandatory if `SMTP_USERNAME` is set) Password of the SMTP user. If `SMTP_PASSWORD_FILE` is set, not needed.
* `SERVER_HOSTNAME` Server hostname for the Postfix container. Emails will appear to come from the hostname's domain.
2015-04-20 00:28:21 +02:00
2019-01-16 18:38:15 +01:00
The following env variable(s) are optional.
* `SMTP_HEADER_TAG` This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${SMTP_HEADER_TAG}" in the email headers.
2019-01-16 18:38:15 +01:00
2019-03-17 22:19:22 +01:00
* `SMTP_NETWORKS` Setting this will allow you to add additional, comma seperated, subnets to use the relay. Used like
-e SMTP_NETWORKS='xxx.xxx.xxx.xxx/xx,xxx.xxx.xxx.xxx/xx'
* `SMTP_PASSWORD_FILE` Setting this to a mounted file containing the password, to avoid passwords in env variables. Used like
-e SMTP_PASSWORD_FILE=/secrets/smtp_password
-v $(pwd)/secrets/:/secrets/
* `SMTP_USERNAME_FILE` Setting this to a mounted file containing the username, to avoid usernames in env variables. Used like
-e SMTP_USERNAME_FILE=/secrets/smtp_username
-v $(pwd)/secrets/:/secrets/
* `ALWAYS_ADD_MISSING_HEADERS` This is related to the [always\_add\_missing\_headers](http://www.postfix.org/postconf.5.html#always_add_missing_headers) Postfix option (default: `no`). If set to `yes`, Postfix will always add missing headers among `From:`, `To:`, `Date:` or `Message-ID:`.
* `OVERWRITE_FROM` This will rewrite the from address overwriting it with the specified address for all email being relayed. Example settings:
OVERWRITE_FROM=email@company.com
OVERWRITE_FROM="Your Name" <email@company.com>
* `DESTINATION` This will define a list of domains from which incoming messages will be accepted.
* `LOG_SUBJECT` This will output the subject line of messages in the log.
2021-11-19 10:31:40 +01:00
* `SMTPUTF8_ENABLE` This will enable (default) or disable support for SMTPUTF8. Valid values are `no` to disable and `yes` to enable. Not setting this variable will use the postfix default, which is `yes`.
* `MESSAGE_SIZE_LIMIT` This will change the default limit of 10240000 bytes (10MB).
To use this container from anywhere, the 25 port or the one specified by `SMTP_PORT` needs to be exposed to the docker host server:
2015-04-20 00:28:21 +02:00
docker run -d --name postfix -p "25:25" \
-e SMTP_SERVER=smtp.bar.com \
-e SMTP_USERNAME=foo@bar.com \
-e SMTP_PASSWORD=XXXXXXXX \
-e SERVER_HOSTNAME=helpdesk.mycompany.com \
2015-05-03 07:32:50 +02:00
juanluisbaptiste/postfix
2015-04-20 00:28:21 +02:00
If you are going to use this container from other docker containers then it's better to just publish the port:
docker run -d --name postfix -P \
-e SMTP_SERVER=smtp.bar.com \
-e SMTP_USERNAME=foo@bar.com \
-e SMTP_PASSWORD=XXXXXXXX \
-e SERVER_HOSTNAME=helpdesk.mycompany.com \
2015-05-03 07:32:50 +02:00
juanluisbaptiste/postfix
2018-03-06 07:24:32 +01:00
Or if you can start the service using the provided [docker-compose](https://github.com/juanluisbaptiste/docker-postfix/blob/master/docker-compose.yml) file for production use:
sudo docker-compose up -d
2019-03-07 03:23:48 +01:00
To see the email logs in real time:
docker logs -f postfix
2015-04-20 00:36:32 +02:00
#### A note about using gmail as a relay
2015-04-20 00:28:21 +02:00
2018-03-06 07:29:26 +01:00
Gmail by default [does not allow email clients that don't use OAUTH 2](http://googleonlinesecurity.blogspot.co.uk/2014/04/new-security-measures-will-affect-older.html)
for authentication (like Thunderbird or Outlook). First you need to enable access to "Less secure apps" on your
[google settings](https://www.google.com/settings/security/lesssecureapps).
2015-04-20 00:28:21 +02:00
Also take into account that email `From:` header will contain the email address of the account being used to
authenticate against the Gmail SMTP server(SMTP_USERNAME), the one on the email will be ignored by Gmail unless you [add it as an alias](https://support.google.com/mail/answer/22370).
2018-05-09 09:14:55 +02:00
### Debugging
If you need troubleshooting the container you can set the environment variable _DEBUG=yes_ for a more verbose output.