By default a simple relayhost postfix instance is started.
The command to run this container is:
podman run -d --rm --name postfix -p 25:25 -e SMTP_RELAYHOST=smtp.example.com registry.opensuse.org/opensuse/postfix
In all examples, podman can be replaced directly with docker.
DEBUG=[0|1] Enables "set -x" in the entrypoint script.TZ Timezone to use in the container.SERVER_HOSTNAME Server hostname. Emails will appear to come from the hostname's domain.SERVER_DOMAIN If not set, the domain part of SERVER_HOSTNAME will be used.SMTP_RELAYHOST Name of the SMTP relay server to use.SMTP_PORT=587 The relayhost port.SMTP_USERNAME Username to authenticate with on the relayserver.SMTP_PASSWORD Password of the SMTP user, alternative SMTP_PASSWORD_FILE could be used to point to a file with the passwordSMTP_NETWORKS Comma seperated subnets who are allowed to use the relay. E.g. SMTP_NETWORKS='xxx.xxx.xxx.xxx/xx, xxx.xxx.xxx.xxx/xx'. 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 are preset.INET_PROTOCOLS The network interface protocols used for connections. Valid values are "all", "ipv4", "ipv6" or "ipv4,ipv6". The default value is "ipv4".MASQUERADE_DOMAINS Comma separated list of domains that must have their subdomain structure stripped off.MYDESTINATION List of domains for which mails are delivered locally instead of forwarding to another machine.NULLCLIENT=[0|1] Don't accept any mails locally but relay them to a remote host. Ignored if MYDESTINATION is set. The default is 1.SMTP_TLS_SECURITY_LEVEL SMTP TLS security level. The default is may.LMTP=host Host on which the lmtp service is running. This will disable the usage of the vmail user account.ENABLE_SUBMISSION=[0|1] Enable submission port. The default is 0.ENABLE_SUBMISSIONS=[0|1] Enable submissions/smtps port. This requires SMTPD_USE_TLS=1. The default is 0.SMTPD_USE_TLS=[0|1] Enforce TLS. The default is 0.SMTPD_TLS_CRT= Path to certificate, default /etc/postfix/ssl/certs/tls.crtSMTPD_TLS_KEY= Path to public key, default /etc/postfix/ssl/certs/tls.keySPAMASSASSIN_HOST Host on which spamd is running. Enables Spam checking.VIRTUAL_MBOX=[0|1] Create virtual mail boxes in /var/spool/vmail owned by user vmail.VMAIL_UID=5000 User ID and group ID of the vmail user for virtual domains and mailboxes.VIRTUAL_DOMAINS= Whitespace seperated list of virtual domains, will be written to /etc/postfix/vhosts.VIRTUAL_USERS= Whitespace seperated list of virtual users email addresses.USE_LDAP=[0|1] Use LDAP for virtual mail box user accounts.LDAP_BASE_DN LDAP base DN, defaults to dc=example,dc=org.LDAP_SERVER_URL LDAP Server URL, defaults to ldap://localhost.LDAP_BIND_DN DN to bind, defaults to cn=mailAccountReader,ou=Manager,dc=example,dc=orgLDAP_BIND_PASSWORD The password for the distinguished name to bind (LDAP_BIND_DN)LDAP_USE_TLS=[1|0] Use TLS for LDAP queries, by default enabled.LDAP_TLS_CA_CRT LDAP SSL CA certificate./var/spool/postfix Postfix mail queues. A data volume should be used in order to save the queue content if the container restarts./var/spool/vmail Virtual user mboxes. This directory contains the mails stored in Maildir format of the virtual users of the virtual domains. Everything is owned by the vmail user./etc/pki PKI directories for CA certificatesThe environment variable VIRTUAL_MBOX=1 will enable support for virtual
domains and virtual users. It can be used in conjunction with a relay host.
Mails for virtual domains and users are stored in Maildir format in
/var/spool/vmail inside the container. To not loose the mail, this directory
should be a persistence volume.
VMAIL_UID specifies the UID and GID which owns all files below this
directory. This makes sure, that the container is using the same UID/GID as
the Container Host OS for the files and not regular users are owning this
files and can read and modify them. The default UID/Gid is 5000.
There are three ways to provide the data for virtual domains and users, via environment variables, files or LDAP.
Beside the already mentioned environment variables, two futher variables
define the virtual domains and the virtual users.
VIRTUAL_DOMAINS="example.com example2.com example3.com" is a whitespace
seperated list which can contain one or more virtual domains. For every
domain, an own directory below /var/spool/vmail will be created.
VIRTUAL_USERS="user1@example.com user@example3.com user2@example.com"
Whitespace seperated list of virtual users email addresses.
The example call:
podman run -d --rm --name postfix -p "25:25" -e VIRTUAL_MBOX=1 -e VMAIL_UID=5000 -e VIRTUAL_DOMAINS="example.com example1.com" -e VIRTUAL_USERS="user1@example.com user2@example.com user@example1.com" -e SERVER_HOSTNAME=smtp.example.com -e SMTP_RELAYHOST=relay.example.com -e SMTP_USERNAME=mailer -e SMTP_PASSWORD='XXX' -v "/srv/postfix/vmail:/var/spool/vmail" registry.opensuse.org/opensuse/postfix:latest
Will store the mails for the users user1@example.com, user2@example.com,
user@example1.com into the directories inside of the container:
- /var/spool/vmail/example.com/user1/
- /var/spool/vmail/example.com/user2/
- /var/spool/vmail/example1.com/user/
and outside the container:
- /srv/postfix/vmail/example.com/user1/
- /srv/postfix/vmail/example.com/user2/
- /srv/postfix/vmail/example1.com/user/
owned by the user vmail with UID and GID 5000. All other mails are
forwarded to the relay relay.example.com with the account mailer and the
password XXX.
Instead of maintaining a long list of environment variables, the configuration files could also be provided and mapped into /etc/postfix of the container.
/etc/postfix/vhosts contains the list of virtual domains seperated by
newlines:
example.com
example1.com
/etc/postfix/vmaps contains the list of the virtual users, where to store
them below the vmail directory and if mbox format or Maildir should be used.
For Maildir, the configuration file for the above example would look like:
user1@example.com example.com/user1/
user2@example.com example.com/user2/
user@example1.com example1.com/user/
For mbox format, the trailing '/' needs to be removed.
Additional a /etc/postfix/vquota file is required, which contains the quota
of the virtual users mailbox. To disable it, the file would look like:
user1@example.com 0
user2@example.com 0
user@example1.com 0
The example call:
podman run -d --rm --name postfix -p 25:25 -e VIRTUAL_MBOX=1 -e VMAIL_UID=5000 -e SERVER_HOSTNAME=smtp.example.com -e SMTP_RELAYHOST=relay.example.com -e SMTP_USERNAME=mailer -e SMTP_PASSWORD='XXX' -v "/srv/postfix/vmail:/var/spool/vmail" -v "/srv/postfix/etc/vhosts:/etc/postfix/vhosts:ro" -v "/srv/postfix/etc/vmaps:/etc/postfix/vmaps:ro" -v "/srv/postfix/etc/vquota:/etc/postfix/vquota:ro" registry.opensuse.org/opensuse/postfix:latest
With LDAP (use VIRTUAL_MBOX=1 and USE_LDAP=1) the postfix schema is used: maildrop is the real email address, while mailacceptinggeneralid are aliases.
If the VIRTUAL_DOMAINS environment variable is not set, the virtual domains are take from the email addresses used in mailacceptinggeneralid. In this case,
the email domains of the aliases must be different then the one of maildrop. If the virtual domains are specified with VIRTUAL_DOMAINS, mailacceptinggeneralid
are handled as normal mail aliases and the domain could be the same as for maildrop.
To deliver the mails via a LMTP service, the container needs to know the host on which such a service is running:
podman run -d --rm --name postfix -p 25:25 -e MYDESTINATION=example.com -e LMTP=lmtp.example.com registry.opensuse.org/opensuse/postfix:latest