-
Notifications
You must be signed in to change notification settings - Fork 1
Home
To get started, you'll need an internet-connected server as well as a DNS name pointing to it. DNS is a requirement for getting letsencrypt certificates.
See Set-up-your-mail-server for set-up instructions.
The container ships a few comfort scripts for adding and removing users.
These scripts reside in the repo's main directory and call implementations inside the container.
The counterparts inside the container reside in th repo's scripts/ directory and are added to the container at build time (see Dockerfile).
$ ./user.sh add [email protected]
Created user '[email protected]', generated password is:'0sw;eZxqh(M6mmjlnqu;'.NOTE Password is within the single quotes ('). The single quotes are not part of the password.
Create users for any of the DOMAIN or ADDITIONAL_DOMAINS you've defined in the server settings. For the user's IMAP and SMTP access you can either supply a password or have the script auto-generate one. In the latter case the password is printed after the user has been generated.
To add user "meier" with password "12345" to domain "entropiesenke.de", run
$ ./user.sh add [email protected] 12345
Created user '[email protected]' with password provided.$ ./user.sh listDisplays a list of all users and their inbox sizes.
$ ./user.sh del [email protected]
Deleted '[email protected]'.This removes a user and prevents them from accessing the server.
Optionally, the email inbox (all of the user's emails) can also be deleted.
If the inbox is not deleted, the user can later be re-created (see add_user.sh) to re-enable access.
$ ./user.sh del --purge-inbox [email protected]
Deleted '[email protected]' and purged mail/inboxes/wombathub.de/[email protected].User aliases are maintained in _server_workspace_/etc/postfix/valias and can be edited directly.
The aliases file's structure is very simple. Each line defines one alias:
[alias-source-email] [alias-target-user]
While alias sources are complete email addresses - user@domain and all domains can be used, alias destinations are limited to user accounts on the mail server's main DOMAIN.
Assuming DOMAIN=wombathub.de and ADDITIONAL_DOMAINS=entropiesenke.de, this example
[email protected] karl
[email protected] karl
sets up account [email protected] to also receive email for [email protected] and [email protected].
The account [email protected] must of course exist for this to work.
Update the aliases after changing _server_workspace_/etc/postfix/valias by running
$ ./user.sh update-aliases
Server settings
The server supports plain SMTP (enforces STARTTLS), SMTP over SSL, IMAP, and IMAP over SSL.
- The mail server (for both sending and receiving) is
HOSTNAME. - SMTP:
- Port 25 w/ STARTTLS
- Port 465 w/ SSL/TLS
- IMAP:
- Port 143 (STARTTLS)
- Port 993 w/ SSL/TLS
Either "plain" or "login" login is supported. Username is the full user@domain name supplied to user.sh add .... Password is the password provided (or generated).
The repository includes systemd unit files to automatically start the mailserver at boot time. The unit files assume the mailserver resides in /opt/mailserver.
If you use custom ports for HTTP and HTTPS edit systemd/mailserver.service and add the ports as positional arguments to ExecStart=/opt/mailserver/start_mailserver.sh.
First, make sure both mailserver and monitoring are stopped. Then copy the unit files to /etc:
$ cp systemd/ /etc/systemd/system/Now update systemd with the new unit files:
$ systemd daemon-reloadLastly, enable the mailserver service and (if you're using it) the monitoring service:
$ systemd enable --now mailserver
$ systemd enable --now mailserver-monitoringIn this scenario, a web server runs on the host that also runs the mailserver container. The container caannot use port 80 because it is used by the host's webserver.
To work around this issue and still have the mailserver container handle the mailserver's certificates, add a proxy configuration to the hosts's webserver.
The proxy (i.e. the host's webserver) will accept connections on port 80 for the mailserver's HOSTNAME and forward the connection to the mailserver container.
For this to work, the mailserver container needs to map its HTTP port to something else than port 80.
If you use monitoring, you can start the container's HTTPS server on a differen port (see below).
Without proxy
host webserver mailserver container
.--------------------------. .--------------------------.
--->|:80 www.mydomain.tld | ?????? :-( |
`--------------------------´ `--------------------------´
With proxy
host webserver
.------------------------------.
--->|:80 www.mydomain.tld |
| mail.mydomain.tld :12345--. mailserver container
`----------------------------´ | .--------------------------.
`-->|:12345 8-D |
`--------------------------´
Here's a very simple proxy definition for the above, for Apache Foundation's httpd:
<VirtualHost *:80>
ServerName mail.mydomain.tld.
ProxyPass / http://127.0.0.1:12345/
ProxyPassReverse / http://127.0.0.1:12345/
ProxyPreserveHost on
</VirtualHost>Put this in a separate .conf file in /etc/httpd/conf.d/ and run sudo systemd reload httpd (Fedora, Red Hat, CentOS, etc.) / /etc/apache/sites-enabled/ (Debian, Ubuntu, etc.) and run sudo systemd reload apache to activate.
The container start script offers custom ports for bot http and https.
In order for the monitoring dashboards to work on a custom HTTPS port, edit settings.env and change
GF_SERVER_ROOT_URL=https://${HOSTNAME}/monitoring/
to
GF_SERVER_ROOT_URL=https://${HOSTNAME}:[PORT]/monitoring/
e.g. for HTTPS on port 23456, use
GF_SERVER_ROOT_URL=https://${HOSTNAME}:23456/monitoring/
The start_mailserver.sh accepts custom HTTP and HTTPS ports as positional arguments.
$ ./start_mailserver.sh <http> <hhtps>e.g. for http proxied to port 12345 and https served on port 23456, run:
$ ./start_mailserver.sh 12345 23456A Dockerfile is provided with this repo. (Re-)Build the container by issuing
$ docker build -t myemailserver .
Then run your build:
docker run --rm -ti -p 80:80 -p 25:25 -p 465:465 -p 143:143 -p 993:993 -v $(pwd)/_server_workspace_:/host --env-file settings.env --name my-mailserver myemailserver