postfix mail server with configurable hostname and trusted hosts and proper
shutdown handling


By default, connected rfc1918 networks are detected and allowed. Local networks
(, ::1) are also allowed.


Postfix logs to a syslog server. Unless indicated, no syslog server is configured
or started (the phusion baseimage does start a syslog server).

For simplicity, you can bind-mount the one on the host using -v /dev/log:/dev/log

Suggested Volumes

  • /var/spool/postfix is the spool directory. It's also where postfix chroots to by default.
  • /etc/postfix is the configuration directory


You can customize the image behavior using environmental variables or entrypoint

<th>Environmental Variable(s)</th>
<th>Entrypoint Option</th>
<td>(use <code>--hostname</code>)</td>
<td>Mail name to use (appears in mail headers). Defaults to hostname</td>
<td><code>RELAYHOST="[relay hostname]"</code></td>
<td><code>--relayhost []</code></td>
<td>The host to relay mail to.</td>
<td><code>TRUST="local"</code> or <code>TRUST_LOCAL="0"</code></td>
<td>Trust addresses on the lo interface. Enabled by default</td>
<td><code>TRUST="connected-rfc1918"</code> or <code>TRUST_CONNECTED_RFC="1"</code></td>
<td>Trust all locally connected rfc1918 subnets. Enabled by default</td>
<td><code>TRUST="connected"</code> or <code>TRUST_CONNECTED="1"</code></td>
<td>Trust all addresses connected (excluding IPv6 link-local addresses). Disabled by default</td>
<td><code>TRUST="rfc1918"</code> or <code>TRUST_RFC1918="1"</code></td>
<td>Trust all rfc1918 addresses. Disabled by default</td>
<td>Trust the fe80::/64 IPv6 subnet. Disabled by default</td>
<td><code>TRUST_SUBNETS="[space separated list of subnets]"</code></td>
<td><code>--trust-subnet []</code></td>
<td>Trust the specified subnet (IPv4 and IPv6 supported). Disabled by default</td>
<td><code>TRUST_INTERFACES="[space separated list of interfaces]"</code></td>
<td><code>--trust-interface []</code></td>
<td>Trust all network addresses on the interface (excluding IPv6 LLA). Disabled by default</td>
<td>Use with local, connected-rfc1918, connected, rfc1918, or lla to skip trusting it. Disabled by default</td>
<td>Disable/reset all trusts. Disabled by default</td>
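Each trust mode above widens the set of clients allowed to relay mail through the container, so it is worth checking what a given combination actually admits. The sketch below is an added example, not the image's entrypoint code: it models the mode names from the table (`local`, `connected-rfc1918`, `connected`, `rfc1918`, `lla`, plus subnets and interfaces) over a constructed list of interface addresses. How the image itself derives its trusted networks is an assumption here.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LLA = ipaddress.ip_network("fe80::/64")

# Constructed sample: (interface, address/prefix) pairs as seen inside a container.
SAMPLE_ADDRS = [
    ("lo", "127.0.0.1/8"),
    ("lo", "::1/128"),
    ("eth0", "172.17.0.2/16"),
    ("eth0", "fe80::42:acff:fe11:2/64"),
    ("eth1", "203.0.113.10/24"),  # documentation range standing in for a public network
]


def trusted_networks(addrs, trusts, subnets=(), interfaces=()):
    """Return the sorted CIDR strings that the given trust modes would allow."""
    nets = set()
    for ifname, cidr in addrs:
        net = ipaddress.ip_interface(cidr).network
        if ifname == "lo":
            if "local" in trusts:
                nets.add(net)
            continue
        if net.version == 6 and net.subnet_of(LLA):
            continue  # link-local is only trusted through the explicit "lla" mode
        private = net.version == 4 and any(net.subnet_of(r) for r in RFC1918)
        if ("connected" in trusts or ifname in interfaces
                or ("connected-rfc1918" in trusts and private)):
            nets.add(net)
    if "rfc1918" in trusts:
        nets.update(RFC1918)
    if "lla" in trusts:
        nets.add(LLA)
    nets.update(ipaddress.ip_network(s) for s in subnets)
    return sorted(str(n) for n in nets)


def may_relay(client, nets):
    """True if the client address falls inside one of the trusted networks."""
    ip = ipaddress.ip_address(client)
    return any(ip in ipaddress.ip_network(n) for n in nets)


if __name__ == "__main__":
    for modes in ({"local", "connected-rfc1918"}, {"local", "connected"}):
        nets = trusted_networks(SAMPLE_ADDRS, modes)
        print(sorted(modes), nets, "203.0.113.77 may relay:", may_relay("203.0.113.77", nets))
```

With the default modes the public-facing subnet on `eth1` stays untrusted; switching to `connected` admits every host on it, which is why that mode is disabled by default.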

