Public | Automated Build

Last pushed: 9 months ago
Short Description
Postfix SMTP server with DKIM
Full Description

Versatile Postfix Mail Server (marvambass/versatile-postfix)

maintained by MarvAmBass

FAQ - All you need to know about the marvambass Containers

What is it

This Dockerfile (available as marvambass/versatile-postfix) gives you a completly versatile postfix
mailserver.

It signs outgoing mails with DKIM by default. You can initially create one Domain with different users with there passwords.

This is not a POP3 or IMAP server, you will get incomming E-Mails in the Maildir format. Read it with less or link a IMAP Server to the volume.

View in Docker Registry marvambass/versatile-postfix

View in GitHub MarvAmBass/docker-versatile-postfix

Environment variables and defaults

  • ALIASES
    • optional, no default, example usage: "postmaster:root;john:root;j.doe:root"
  • DISABLE_DKIM
    • default: not set - if set to any value the DKIM Signing will be deactivated
  • DKIM_CANONICALIZATION
    • default: simple - can be either relaxed or simple
  • DISABLE_TLS
    • default: not set - if set to any value TLS will be disabled
  • TLS_SECURITY_LEVEL
  • CERT_FILE
    • File with the Postfix SMTP server RSA certificate in PEM format.
      This file may also contain the Postfix SMTP server private RSA key.
  • CERT_KEY
    • Optional. File with the Postfix SMTP server RSA private key in PEM format.
      This file may be combined with the Postfix SMTP server RSA certificate file specified with CERT_FILE
      see
  • CERT_CA
    • A file containing (PEM format) CA certificates of root CAs trusted to sign either remote SMTP client certificates
      or intermediate CA certificates. see

Running the Mailserver

This Dockerfile is build to be as versatile as possible.
Therefore the startup script takes care of all the important things.

You can easily create a new Mailserver for a domain with several users.

Keep in mind, this is a smtp server only.
To read recievied mails you should link a folder inside the conatiner.
Otherwise all mails will get lost after you delete your container.

To create a new postfix server for your domain you should use the following commands:

docker run -p 25:25 -v /maildirs:/var/mail \
    -v /dkim:/etc/postfix/dkim/ \
    -e 'ALIASES=postmaster:root;hostmaster:root;webmaster:root' \
    ekapusta/docker-postfix \
    yourdomain.com \
    user:password \
    user1:password \
    user2:password \
    userN:password

this creates a new smtp server which listens on port 25, stores mail beneath /mailsdirs.

The /dkim directory has to contain a DKIM-Key (see above) with the name dkim.key

It has serveral user accounts like user1 with password "password" and
a mail address user1@yourdomain.com

TLS (port 587)

self signed certificate

For generate self signed certificate run

openssl req -new -nodes -x509 -out smtpd.pem -keyout smtpd.pem -days 3650

IMPORTANT: Common Name must contain the fully-qualified host name

For start:

docker run -p 587:587 -v /maildirs:/var/mail \
        -v /dkim:/etc/postfix/dkim/ \
        -v /cert:/etc/postfix/certs
        -e 'CERT_FILE=/etc/postfix/certs/smtpd.pem' \
        -e 'CERT_KEY=/etc/postfix/certs/smtpd.pem' \
        -e 'CERT_CA=/etc/postfix/certs/smtpd.pem' \
        -e 'ALIASES=postmaster:root;hostmaster:root;webmaster:root' \
        ekapusta/docker-postfix \
        yourdomain.com \
        user:password \
        user1:password \
        user2:password \
        userN:password

DKIM

This Server uses DKIM by default. So we need our DKIM Keys.
If you don't have a DKIM Key, the Server will generate it on the first start.
Just be sure, that you make the directory /etc/postfix/dkim/ available and
install the logged public key to your DNS System

More about DKIM

To generate those keys you'll need the opendkim tools

apt-get install opendkim-tools

This generates a new certificate for @example.com with selector (-s) mail. If you want to Test DKIM first, add -t argument which stands for test-mode.

opendkim-genkey -s mail -d example.com

Just put the file mail.private as dkim.key inside the dkim directory you'll later link into the container using -v.

The mail.txt should be imported into the DNS System. Add a new TXT-Record for mail._domainkey [selector._domainkey]. And add as value the String starting "v=DKIM1;..." from the mail.txt file.

Thats all you need for DKIM

Testing SMTP Mail recivieing

$ mailx -r "sender@example.com" -s "Test Mail Subject" user1@yourdomain.com < /etc/hosts

Testing the SMTP Auth and SMTP sending via telnet:

$ echo -ne '\0user\0password' | openssl enc -base64
AHVzZXIAcGFzc3dvcmQ=

$ telnet 127.0.0.1 25
Trying 192.168.4.55...
Connected to yourdomain.com.
Escape character is '^]'.
220 yourdomain.com ESMTP
ehlo test
250-yourdomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250 8BITMIME
auth plain AHVzZXIAcGFzc3dvcmQ=
235 Authentication successful
mail from: user@yourdomain.com
250 2.1.0 Ok
rcpt to: mail@example.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Hi there
this is just a basic test message
.
250 2.0.0 Ok: queued as 2E7FB27F
quit
221 Bye
Connection closed by foreign host.

Links

DKIM Keycheck

DKIM more Infos and signature check

Docker Pull Command
Owner
ekapusta

Comments (0)