From 7e081ab4e272e93a99fbc07ec434d7d454f12898 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dragi=C5=A1a=20Duri=C4=87?=
Date: Thu, 2 Aug 2018 23:35:42 +0200
Subject: [PATCH] * enabled and configured sasl authentication w/ dovecot * enabled and configured postfix submission service (bypassing port 25, which is often blocked by ISPs) * enabled multiple domains to be served * additional ENV variables, MYNETWORKS and RELAYHOST. Second may be needed if your ISP blocks outgoing mail delivery except to theirs MTA. * dovecot started as daemon, docker logs on container should work sensibly now.
---
 Dockerfile | 12 ++++++++++--
 dovecot/dovecot-sql.conf | 2 +-
 dovecot/local.conf | 2 +-
 start.sh | 7 ++++++-
 4 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index e1bb1a2..fbac5e8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,11 +16,19 @@ RUN postconf -e virtual_uid_maps=static:5000 && \
 postconf -e virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-email2email.cf && \
 postconf -e virtual_transport=dovecot && \
 postconf -e dovecot_destination_recipient_limit=1 && \
+ postconf -e 'smtpd_sasl_type = dovecot' && \
+ postconf -e 'smtpd_sasl_auth_enable = yes' && \
+ postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination' && \
+ postconf -e 'smtpd_sasl_path = private/auth' && \
+ postconf -e "smtpd_client_message_rate_limit = 4" && \
+ postconf -e "smtpd_tls_auth_only = yes" && \
 # specially for docker
- postconf -F '*/*/chroot = n'
+ postconf -F '*/*/chroot = n' && \
 RUN echo "dovecot unix - n n - - pipe" >> /etc/postfix/master.cf && \
- echo ' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}' >> /etc/postfix/master.cf
+ echo ' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${user}@${nexthop}' >> /etc/postfix/master.cf && \
+ sed -i -e '/^#submission/,/^#smtps/{s/#subm/subm/;s/^# / /;/$mua/d}' /etc/postfix/master.cf && \
+ sed -i -e "/^!include auth-system.conf.ext$/d" /etc/dovecot/conf.d/10-auth.conf
 ADD start.sh /start.sh
diff --git a/dovecot/dovecot-sql.conf b/dovecot/dovecot-sql.conf
index 75640f1..8e3b0ee 100644
--- a/dovecot/dovecot-sql.conf
+++ b/dovecot/dovecot-sql.conf
@@ -1,4 +1,4 @@
 driver = mysql
 connect = host={{DB_HOST}} dbname={{DB_NAME}} user={{DB_USER}} password={{DB_PASSWORD}}
-default_pass_scheme = PLAIN-MD5
+default_pass_scheme = PLAIN
 password_query = SELECT email as user, password FROM mail_view_users WHERE email='%u';
diff --git a/dovecot/local.conf b/dovecot/local.conf
index 432bfb9..46c6358 100644
--- a/dovecot/local.conf
+++ b/dovecot/local.conf
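Review bot: The `&& \` added after `postconf -F '*/*/chroot = n'` continues the first RUN instruction into the following `RUN echo "dovecot unix ..."` line, so the shell would receive `RUN` as a command name and the build step would fail; Docker skips blank and comment lines inside a continuation rather than ending the instruction. Keep the chroot line as the last command of that instruction, `postconf -F '*/*/chroot = n'`, with no trailing `&& \`. Separately, the `sed` that uncomments the submission block depends on the exact layout of the base image's master.cf; a comment naming the `-o` overrides expected to remain would let a reader confirm that submission still requires TLS and SASL after a base-image update.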
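Review bot: Changing `default_pass_scheme` from `PLAIN-MD5` to `PLAIN` means any value in `mail_view_users.password` without a `{SCHEME}` prefix is treated as a cleartext password, so a database dump or read access to that view exposes every mailbox credential directly. Unsalted MD5 was already weak, but the safer direction is a salted, iterated scheme such as `default_pass_scheme = SHA512-CRYPT`, with the application that writes the table hashing accordingly. If cleartext storage is needed for a reason not visible in the diff, a comment in this file stating that reason would make the trade-off explicit.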
@@ -1,7 +1,7 @@
 protocols = imap pop3
 disable_plaintext_auth = no
-mail_location = maildir:/home/vmail/%d
+mail_location = maildir:/home/vmail/%d/%n/Maildir
 auth_default_realm = {{APP_HOST}}
 auth_verbose = yes
diff --git a/start.sh b/start.sh
index b96e46c..b388b23 100644
--- a/start.sh
+++ b/start.sh
@@ -46,7 +46,10 @@ sed -i "s/{{DB_NAME}}/$DB_NAME/g" /etc/dovecot/dovecot-sql.conf
 sed -i "s/{{DB_PASSWORD}}/$DB_PASSWORD/g" /etc/dovecot/dovecot-sql.conf
 sed -i "s/{{APP_HOST}}/$APP_HOST/g" /etc/dovecot/local.conf
+postconf -e myhostname="$APP_HOST"
+[ -z ${MYNETWORKS+x} ] || postconf -e "`postconf mynetworks` $MYNETWORKS"
+[ -z ${RELAYHOST+x} ] || postconf -e "relayhost = $RELAYHOST"
 mkdir /run/dovecot
 chmod -R +r /run/dovecot
 chmod -R +w /run/dovecot
@@ -56,4 +59,6 @@ rsyslogd
 # run Postfix and Dovecot
 postfix start
-dovecot -F
+dovecot
+tail -f /var/log/mail.log
+
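Review bot: `disable_plaintext_auth = no` is an unchanged line in this hunk, but it matters more after this commit: Postfix now delegates SASL to Dovecot and limits SMTP AUTH to TLS sessions with `smtpd_tls_auth_only = yes`, while IMAP and POP3 logins would still be accepted in cleartext unless TLS is enforced somewhere outside the diff. Consider `disable_plaintext_auth = yes` together with `ssl = required` so both paths give the same guarantee. On the changed line, mailboxes move from `/home/vmail/%d` to `/home/vmail/%d/%n/Maildir`, and the diff shows no migration for mail already delivered under the old path; a comment here or a README note should say so.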
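Review bot: `MYNETWORKS` is appended to `mynetworks` without any validation in the first start.sh hunk, and the Dockerfile hunk of this commit places `permit_mynetworks` in `smtpd_recipient_restrictions`, so every address in that variable may relay without authenticating. Depending on the Docker network setup, traffic through a published port can arrive with a bridge or gateway source address, so adding the Docker subnet here can make the container an open relay; a comment above the line should say that only trusted client ranges belong in it. The line would also be more robust as `[ -z "${MYNETWORKS:-}" ] || postconf -e "mynetworks = $(postconf -h mynetworks) $MYNETWORKS"`, which quotes the test, skips an empty value and avoids backticks. The script continues outside the hunk.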
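Review bot: With `dovecot` daemonised and `tail -f /var/log/mail.log` as the foreground process in the second start.sh hunk, the container stays up when Postfix or Dovecot exits, so a dead mail or auth daemon is invisible to Docker's restart policy and to monitoring. `tail -f` also exits at once if `/var/log/mail.log` does not exist yet when it starts (whether it does is not visible here) and does not follow log rotation; `tail -F /var/log/mail.log` handles both. A HEALTHCHECK that probes the SMTP and IMAP ports, or a small supervisor, would cover the first point.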