Simple SMTP relay docker image.
Find a file
2020-06-24 21:54:14 -05:00
etc Remove extra verbose parameters from postfix command. 2018-05-09 02:05:50 -05:00
.env.example Add function to load secret/password from file for security (#25) 2020-06-19 16:52:21 -05:00
docker-compose.override.yml Renamed docker-compose.dev.yml to docker-compose.override.yml so it 2020-04-09 12:23:20 -05:00
docker-compose.yml Added an example .env file 2020-04-09 12:13:45 -05:00
Dockerfile Single COPY to reduce number of layers 2019-11-29 11:44:46 +01:00
LICENSE.md Added LICENSE file to fix issue #27 2020-05-27 14:43:09 -05:00
README.md Updated blog address 2020-06-24 21:54:14 -05:00
run.sh Add function to load secret/password from file for security (#25) 2020-06-19 16:52:21 -05:00

docker-postfix

Docker Build Status Docker Stars Docker Pulls

Simple Postfix SMTP TLS relay docker image with no local authentication enabled (to be run in a secure LAN).

It also includes rsyslog to enable logging to stdout.

If you want to follow the development of this project check out my blog.

Available image tags

This image has been built on CentOS 7 since its inception, but the new CentOS 8 does not include supervisor anymore, so I have started migrating this image to Alpine linux. So currently there are two image tags available:

  • juanluisbaptiste/postfix:latest, current CentOS 7 based image
  • juanluisbaptiste/postfix:alpine, new Alpine based image

If testing goes well for some time, then the current CentOS image will be replaced by the new Alpine one, and latest tag will point to it.

Build instructions

Clone this repo and then:

cd docker-Postfix
sudo docker build -t juanluisbaptiste/postfix .

Or you can use the provided docker-compose files:

sudo docker-compose build

For more information on using multiple compose files see here. You can also find a prebuilt docker image from Docker Hub, which can be pulled with this command:

sudo docker pull juanluisbaptiste/postfix:latest

How to run it

The following env variables need to be passed to the container:

  • SMTP_SERVER Server address of the SMTP server to use.
  • SMTP_PORT (Optional, Default value: 587) Port address of the SMTP server to use.
  • SMTP_USERNAME Username to authenticate with.
  • SMTP_PASSWORD Password of the SMTP user. If SMTP_PASSWORD_FILE is set, not needed.
  • SERVER_HOSTNAME Server hostname for the Postfix container. Emails will appear to come from the hostname's domain.

The following env variable(s) are optional.

  • SMTP_HEADER_TAG This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${SMTP_HEADER_TAG}" in the email headers.

  • SMTP_NETWORKS Setting this will allow you to add additional, comma seperated, subnets to use the relay. Used like -e SMTP_NETWORKS='xxx.xxx.xxx.xxx/xx,xxx.xxx.xxx.xxx/xx'

  • SMTP_PASSWORD_FILE Setting this to a mounted file containing the password, to avoid passwords in env variables. Used like -e SMTP_PASSWORD_FILE=/secrets/smtp_password -v $(pwd)/secrets/:/secrets/

To use this container from anywhere, the 25 port or the one specified by SMTP_PORT needs to be exposed to the docker host server:

docker run -d --name postfix -p "25:25"  \
       -e SMTP_SERVER=smtp.bar.com \
       -e SMTP_USERNAME=foo@bar.com \
       -e SMTP_PASSWORD=XXXXXXXX \
       -e SERVER_HOSTNAME=helpdesk.mycompany.com \
       juanluisbaptiste/postfix

If you are going to use this container from other docker containers then it's better to just publish the port:

docker run -d --name postfix -P \
       -e SMTP_SERVER=smtp.bar.com \
       -e SMTP_USERNAME=foo@bar.com \
       -e SMTP_PASSWORD=XXXXXXXX \
       -e SERVER_HOSTNAME=helpdesk.mycompany.com \           
       juanluisbaptiste/postfix

Or if you can start the service using the provided docker-compose file for production use:

sudo docker-compose up -d

To see the email logs in real time:

docker logs -f postfix

A note about using gmail as a relay

Gmail by default does not allow email clients that don't use OAUTH 2 for authentication (like Thunderbird or Outlook). First you need to enable access to "Less secure apps" on your google settings.

Also take into account that email From: header will contain the email address of the account being used to authenticate against the Gmail SMTP server(SMTP_USERNAME), the one on the email will be ignored by Gmail unless you add it as an alias.

Debugging

If you need troubleshooting the container you can set the environment variable DEBUG=yes for a more verbose output.