A Dockerfile that runs a secure, configurable mailserver with all kinds of good stuff:
- SMTP over SSL via Postfix as MTA, with a set of DNSBLs so spam is cleared before it hits your mailbox.
- POP3 over SSL, via Dovecot
- IMAP over SSL via Dovecot
- Mail server verification via OpenDKIM
Build the docker image by running
make or executing:
docker build [--rm] -t <user>/mail .
In order to have all of the above mentioned features fully functional for your domain,
and the email-addresses and aliases it hosts, run through each of the following steps. At the end
you should have a <settings_folder> with a structured that is similar to the one in this repository that acts as an example.
Create 2 persistent folders: one to hold the configuration/settings files and one that will act as mail storage.
This can be on the server, and the folder names can be freely chosen. example:
Alternatively, those folders can be inside a data container, but with specific volumes.
docker run -d --name mail-data \ -v /settings \ -v /data \ busybox
Add the FQDN of your server to the first line of the file
Add all the domains you want this server to receive mail for to the file
<settings_folder>/domainsin the following format:
Add addresses and aliases you want to receive mail for to the file
<settings_folder>/aliasesin the following format:
email@example.com firstname.lastname@example.org email@example.com firstname.lastname@example.org email@example.com firstname.lastname@example.org @myotherdomain.org email@example.com
IMAP accounts will be created for each unique entry in the right column. Mails sent to the email addresses in the left column will be delivered in the corresponding IMAP account to the right.
Add user passwords to the
<settings_folder>/passwordsin the following format:
In order to generate the hash values, you need to call
doveadm pw -s <pw-scheme>. For this you need dovecot installed; this can be done locally, or by firing up this container in attached state by calling
docker run -it --rm <user>/mail bashand then running
mail-configure && doveadm pw -s <pw-scheme>. It's recommended to use
SHA512-CRYPTas pw scheme.
Generate the DKIM key (again, either you have opendkim installed locally, or you run this container in attached mode) by calling:
opendkim-genkey -s mail -d mydomain.net
This will create 2 files: (1) copy the
mail.privatefile to the
<settings_folder>and (2) the content of
mail.txtneeds to be set as the value of a
TXT DNS Recordfor the key
Set up SPF, by adding
"v=spf1 mx -all"as a
TXT DNS Recordfor the key
Set up the Reverse PTR
(Optional) Add your domain ssl private key and certificate to the
<settings_folder>/sslfolder, so its content looks like:
Running the container
Once the container is build (or pulled from the hub), the folders for the settings and mail storage exist, and the configuration files are in place in the settings folder, you can run the container as follows:
If the folders are on the server
docker run -d [--name <name>] \ -v <settings_folder>:/settings \ -v <data_folder>:/data \ -p 25:25 \ -p 143:143 \ -p 587:587 \ -p 993:993 \ <user>/mail
If the folders are within a data container
docker run -d [--name <name>] \ --volumes-from mail-data \ -p 25:25 \ -p 143:143 \ -p 587:587 \ -p 993:993 \ <user>/mail
(Or mixed) with the settings folder on the server and the storage in a data container
docker run -d --name mail-data \ -v /data \ busybox docker run -d [--name <name>] \ -v <settings_folder>:/settings \ --volumes-from mail-data \ -p 25:25 \ -p 143:143 \ -p 587:587 \ -p 993:993 \ <user>/mail
Licensed under the MIT License. See the LICENSE file for details.
Feedback, bug-reports, requests, ...