Skip to content
/ docker-postfix Public

Postfix Docker image with SMTP authentication, TLS and OpenDKIM support

License

MIT license
17 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

danil-smirnov/docker-postfix

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
.github/workflows
.github/workflows
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-entrypoint.sh
docker-entrypoint.sh
 
 

Repository files navigation

docker-postfix

Run postfix with SMTP authentication (sasldb) in a Docker container.
TLS and OpenDKIM support is optional. Fail2ban can be enabled.

Installation

  1. Pull image

    docker pull danilsmirnov/postfix

Usage

  1. Create postfix container with smtp authentication

    docker run -p 25:25 \
	-e MAIL_DOMAIN=example.com -e SMTP_USER=user:pwd \
	--name postfix -d danilsmirnov/postfix
# Set multiple user credentials: -e SMTP_USER=user1:pwd1,user2:pwd2,...,userN:pwdN

  2. Set mail host defferent from mail domain

    docker run -p 25:25 \
	-e MAIL_DOMAIN=example.com -e MAIL_HOST=mail.example.com -e SMTP_USER=user:pwd \
	--name postfix -d danilsmirnov/postfix

  3. Enable OpenDKIM: save your domain key mail.private in /path/to/domainkeys

    docker run -p 25:25 \
	-e MAIL_DOMAIN=example.com -e MAIL_HOST=mail.example.com -e SMTP_USER=user:pwd \
	-v /path/to/domainkeys:/etc/opendkim/domainkeys \
	--name postfix -d danilsmirnov/postfix
# Set DKIM_SELECTOR variable if not okay with default "mail" selector

    To sign more domains add their key file(s) named $DKIM_SELECTOR._domainkey.$DOMAIN.private, e.g.:

    mail._domainkey.subdomain.example.com.private
mail._domainkey.*.example.com.private

    (Wildcard subdomain refers to its parent domain's DNS record.)

  4. Enable TLS(587): save your SSL certificates mail.example.com.key and mail.example.com.crt to /path/to/certs

    docker run -p 587:587 \
	-e MAIL_DOMAIN=example.com -e MAIL_HOST=mail.example.com -e SMTP_USER=user:pwd \
	-v /path/to/certs:/etc/postfix/certs \
	--name postfix -d danilsmirnov/postfix

  5. Enable Fail2ban with postfix-sasl jail to ban brute-force attackers

    docker run -p 25:25 \
	-e MAIL_DOMAIN=example.com -e MAIL_HOST=mail.example.com -e SMTP_USER=user:pwd \
	-e FAIL2BAN=enabled --cap-add NET_ADMIN \
	--name postfix -d danilsmirnov/postfix
# Note: NET_ADMIN capability must be granted to the container
# FAIL2BAN_BANTIME, FAIL2BAN_FINDTIME and FAIL2BAN_MAXRETRY could be set as well

  6. Add your custom configuration script /configure.sh

    docker run -p 25:25 \
	-e MAIL_DOMAIN=example.com -e MAIL_HOST=mail.example.com -e SMTP_USER=user:pwd \
	-v /path/to/script:/configure.sh \
	--name postfix -d danilsmirnov/postfix

    E.g., add an alias to forward mail to:

    postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
echo "mailbox@${MAIL_DOMAIN} address@domain.com" > /etc/postfix/virtual
postmap /etc/postfix/virtual

Note

  • Login credential should be set to (username@mail.example.com, password) in SMTP client
  • You can assign the port of MTA on the host machine to one other than 25 (postfix how-to)
  • Read the reference below to find out how to generate domain keys and add public key to the domain's DNS records

Reference

Credits

About

Postfix Docker image with SMTP authentication, TLS and OpenDKIM support

Resources

Readme

License

MIT license
Activity

Stars

17 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases 12

1.11 Latest
Jun 22, 2023
+ 11 releases

Packages

 
 
 

Contributors 2

  •  
  •  

Languages