This repository has been archived on 2021-02-06. You can view files and clone it, but cannot push or open issues or pull requests.
mail/postfix/Dockerfile

70 lines
2.7 KiB
Docker
Raw Normal View History

2019-07-11 22:21:07 +02:00
FROM alpine
2018-03-08 15:45:31 +01:00
RUN apk add --no-cache \
2019-03-31 00:16:15 +01:00
ca-certificates \
openssl \
postfix \
postfix-ldap \
postfix-pcre
2018-03-24 18:52:46 +01:00
2018-03-15 16:32:17 +01:00
RUN echo '' > /etc/postfix/main.cf \
2018-03-24 18:52:46 +01:00
&& postconf -e myorigin='$mydomain' \
2018-03-15 16:32:17 +01:00
&& postconf -e mynetworks='127.0.0.0/8 [::1]/128' \
2019-03-31 00:16:15 +01:00
&& postconf -e smtpd_recipient_restrictions=' \
2019-08-01 14:04:30 +02:00
check_sender_access hash:/etc/postfix/access_sender, \
2019-03-31 00:16:15 +01:00
reject_non_fqdn_sender, \
reject_non_fqdn_recipient, \
reject_unknown_sender_domain, \
reject_unknown_recipient_domain, \
permit_sasl_authenticated, \
permit_mynetworks, \
reject_unauth_destination, \
reject_rbl_client zen.spamhaus.org, \
reject_rbl_client ix.dnsbl.manitu.net, \
reject_unverified_recipient, \
permit \
' \
2018-03-15 16:32:17 +01:00
&& postconf -e recipient_delimiter='+' \
&& postconf -e smtpd_banner='$myhostname ESMTP $mail_name' \
&& postconf -e smtpd_use_tls='yes' \
&& postconf -e smtpd_tls_loglevel='1' \
2019-03-31 00:16:15 +01:00
&& postconf -e smtpd_tls_key_file='/tls/privkey' \
&& postconf -e smtpd_tls_cert_file='/tls/fullchain' \
2018-03-15 16:32:17 +01:00
&& postconf -e smtpd_tls_security_level='may' \
&& postconf -e smtpd_tls_auth_only='yes' \
&& postconf -e smtpd_tls_mandatory_protocols='!SSLv2,!SSLv3,!TLSv1,!TLSv1.1' \
&& postconf -e smtpd_tls_protocols='!SSLv2,!SSLv3,!TLSv1,!TLSv1.1' \
2019-03-31 00:16:15 +01:00
&& postconf -e smtpd_tls_mandatory_ciphers='high' \
&& postconf -e smtpd_tls_exclude_ciphers='aNULL' \
2018-03-15 16:32:17 +01:00
&& postconf -e smtpd_tls_dh1024_param_file='/etc/postfix/dh-params/2048.pem' \
&& postconf -e smtpd_tls_eecdh_grade='strong' \
&& postconf -e smtp_tls_loglevel='1' \
2019-03-31 00:16:15 +01:00
&& postconf -e smtp_tls_security_level='may' \
&& postconf -e smtp_tls_mandatory_ciphers='medium' \
2018-03-15 16:32:17 +01:00
&& postconf -e tls_preempt_cipherlist='yes' \
&& postconf -e smtpd_sasl_auth_enable='yes' \
&& postconf -e smtpd_sasl_type='dovecot' \
&& postconf -e smtpd_sasl_path='inet:dovecot:100' \
&& postconf -e virtual_transport='lmtp:[dovecot]' \
&& postconf -e virtual_alias_maps='hash:/etc/postfix/virtual' \
2019-03-31 00:16:15 +01:00
&& postconf -e virtual_mailbox_maps='ldap:/etc/postfix/virtual_mailbox_maps.cf' \
2018-03-24 18:52:46 +01:00
&& postconf -e virtual_mailbox_limit='0' \
2018-03-15 16:32:17 +01:00
&& postconf -e disable_vrfy_command='yes' \
&& postconf -e enable_long_queue_ids='yes' \
2018-03-24 18:52:46 +01:00
&& postconf -e strict_rfc821_envelopes='yes' \
2019-03-31 00:16:15 +01:00
&& postconf -e maillog_file='/dev/stdout' \
2019-08-01 14:04:30 +02:00
&& newaliases \
&& touch /etc/postfix/access_sender
2018-03-08 15:45:31 +01:00
2019-03-31 00:16:15 +01:00
RUN cp -r /var/spool/postfix /var/spool/postfix-skel
2018-03-08 15:45:31 +01:00
2019-03-31 00:16:15 +01:00
COPY master.cf /etc/postfix/
COPY smtp_header_checks /etc/postfix/
COPY virtual_mailbox_maps.cf /etc/postfix/
2018-03-24 18:52:46 +01:00
2019-03-31 00:16:15 +01:00
COPY scripts /usr/local/bin/
2018-03-08 15:45:31 +01:00
2019-03-31 00:16:15 +01:00
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
2018-03-08 15:45:31 +01:00
EXPOSE 25 587