etc | ||
.env.example | ||
docker-compose.override.yml | ||
docker-compose.yml | ||
Dockerfile | ||
LICENSE.md | ||
README.md | ||
run.sh |
docker-postfix
Simple Postfix SMTP TLS relay docker image with no local authentication enabled (to be run in a secure LAN).
It also includes rsyslog to enable logging to stdout.
If you want to follow the development of this project check out my blog.
Available image tags
This image has been built on CentOS 7 since its inception, but the new CentOS 8 does not include supervisor anymore, so I have started migrating this image to Alpine linux. So currently there are two image tags available:
- juanluisbaptiste/postfix:latest, current CentOS 7 based image
- juanluisbaptiste/postfix:alpine, new Alpine based image
If testing goes well for some time, then the current CentOS image will be replaced by the new Alpine one, and latest tag will point to it.
Build instructions
Clone this repo and then:
cd docker-Postfix
sudo docker build -t juanluisbaptiste/postfix .
Or you can use the provided docker-compose files:
sudo docker-compose build
For more information on using multiple compose files see here. You can also find a prebuilt docker image from Docker Hub, which can be pulled with this command:
sudo docker pull juanluisbaptiste/postfix:latest
How to run it
The following env variables need to be passed to the container:
SMTP_SERVER
Server address of the SMTP server to use.SMTP_PORT
(Optional, Default value: 587) Port address of the SMTP server to use.SMTP_USERNAME
Username to authenticate with.SMTP_PASSWORD
Password of the SMTP user. IfSMTP_PASSWORD_FILE
is set, not needed.SERVER_HOSTNAME
Server hostname for the Postfix container. Emails will appear to come from the hostname's domain.
The following env variable(s) are optional.
-
SMTP_HEADER_TAG
This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${SMTP_HEADER_TAG}" in the email headers. -
SMTP_NETWORKS
Setting this will allow you to add additional, comma seperated, subnets to use the relay. Used like -e SMTP_NETWORKS='xxx.xxx.xxx.xxx/xx,xxx.xxx.xxx.xxx/xx' -
SMTP_PASSWORD_FILE
Setting this to a mounted file containing the password, to avoid passwords in env variables. Used like -e SMTP_PASSWORD_FILE=/secrets/smtp_password -v $(pwd)/secrets/:/secrets/
To use this container from anywhere, the 25 port or the one specified by SMTP_PORT
needs to be exposed to the docker host server:
docker run -d --name postfix -p "25:25" \
-e SMTP_SERVER=smtp.bar.com \
-e SMTP_USERNAME=foo@bar.com \
-e SMTP_PASSWORD=XXXXXXXX \
-e SERVER_HOSTNAME=helpdesk.mycompany.com \
juanluisbaptiste/postfix
If you are going to use this container from other docker containers then it's better to just publish the port:
docker run -d --name postfix -P \
-e SMTP_SERVER=smtp.bar.com \
-e SMTP_USERNAME=foo@bar.com \
-e SMTP_PASSWORD=XXXXXXXX \
-e SERVER_HOSTNAME=helpdesk.mycompany.com \
juanluisbaptiste/postfix
Or if you can start the service using the provided docker-compose file for production use:
sudo docker-compose up -d
To see the email logs in real time:
docker logs -f postfix
A note about using gmail as a relay
Gmail by default does not allow email clients that don't use OAUTH 2 for authentication (like Thunderbird or Outlook). First you need to enable access to "Less secure apps" on your google settings.
Also take into account that email From:
header will contain the email address of the account being used to
authenticate against the Gmail SMTP server(SMTP_USERNAME), the one on the email will be ignored by Gmail unless you add it as an alias.
Debugging
If you need troubleshooting the container you can set the environment variable DEBUG=yes for a more verbose output.