Send and receive is working, not with mailing list yet
Signed-off-by: James Ketrenos <james_git@ketrenos.com>
parent
0b2de4c8d0
commit
0678d5ddd4
@ -41,8 +41,8 @@ services:
|
||||
- 465:465 # postfix smtps
|
||||
- 587:587 # postfix submission
|
||||
volumes:
|
||||
- /home/jketreno/docker/mailman/core/var/data/postfix_lmtp:/opt/mailman/postfix_lmtp:ro # Used for LMTP to ketrenet-mailman-core
|
||||
- /home/jketreno/docker/mailman/core/var/data/postfix_domains:/opt/mailman/postfix_domains:ro # Used for LMTP to ketrenet-mailman-core
|
||||
- /home:/home:rw # User home directories for Maildir access
|
||||
- /home/jketreno/docker/webserver/data/mailman/core/var/data/postfix_lmtp:/opt/mailman/postfix_lmtp:ro # Used for LMTP to ketrenet-mailman-core
|
||||
- /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live:ro
|
||||
- /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive:ro
|
||||
- /home/jketreno/docker/webserver/mail/etc/mailname:/etc/mailname:ro
|
||||
@ -56,16 +56,15 @@ services:
|
||||
- /home/jketreno/docker/webserver/mail/etc/opendkim:/etc/opendkim:ro
|
||||
- /home/jketreno/docker/webserver/mail/etc/postfix:/etc/postfix:rw
|
||||
- /home/jketreno/docker/webserver/mail/etc/milter-greylist:/etc/milter-greylist:ro
|
||||
- /home/jketreno/docker/webserver/data/mail/var/lib/milter-greylist:/var/lib/milter-greylist:rw
|
||||
- /home/jketreno/docker/webserver/mail/etc/default/milter-greylist:/etc/default/milter-greylist:ro
|
||||
- /home/jketreno/docker/webserver/mail/entrypoint.sh:/entrypoint.sh:ro
|
||||
- /home/jketreno/docker/webserver/data/log:/var/log:rw
|
||||
- /home/jketreno/docker/webserver/data/mail/var/mail:/var/mail:rw
|
||||
- /home/jketreno/docker/webserver/data/mail/var/spool/mail:/var/spool/mail:rw
|
||||
- /home/jketreno/docker/webserver/data/mail/var/lib/milter-greylist:/var/lib/milter-greylist:rw
|
||||
- /home:/home:rw
|
||||
- /home/jketreno/docker/webserver/www:/var/www:ro
|
||||
- /home/jketreno/docker/webserver/data/mail/var/lib/clamav:/var/lib/clamav:rw
|
||||
- /home/jketreno/docker/webserver/mail/etc/rsyslog.conf:/etc/rsyslog.conf:ro
|
||||
- /home/jketreno/docker/webserver/mail/etc/default/milter-greylist:/etc/default/milter-greylist:ro
|
||||
# Keys
|
||||
- /home/jketreno/docker/webserver/keys/mail/etc/dkimkeys:/etc/dkimkeys:ro
|
||||
- /home/jketreno/docker/webserver/keys/mail/etc/spamassassin/sa-update-keys/:/etc/spamassassin/sa-update-keys:rw
|
||||
|
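Review bot: The `/home:/home:rw` bind (commented "User home directories for Maildir access") gives every process in this container write access to the whole of the host's /home, while the same service publishes 465 and 587. The +/- markers are lost on this page, so the mount looks moved up from the second hunk rather than newly introduced, but it is worth narrowing while it is being touched. If delivery only needs the Maildir trees, bind those paths individually or keep mail under a dedicated volume next to the existing `data/mail/var/mail` mount. That way a fault in postfix, dovecot or a content filter cannot reach shell profiles and SSH configuration in the same home directories.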
@ -32,4 +32,9 @@ RUN apt-get -q update \
|
||||
COPY ./Dockerfile.mail /Dockerfile
|
||||
COPY ./entrypoint.sh /entrypoint.sh
|
||||
|
||||
# Change ownership of /opt/mailman so that entrypoint.sh
|
||||
# can watch the postfix_lmtp file and postmap it to a DB
|
||||
# file
|
||||
RUN mkdir /opt/mailman && chown 100:65533 /opt/mailman
|
||||
|
||||
ENTRYPOINT [ "/entrypoint.sh" ]
|
||||
|
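Review bot: `chown 100:65533 /opt/mailman` hard-codes a uid/gid without saying which account it is; the comment explains why the directory must be writable but not why these numbers. They presumably mirror the owner of the bind-mounted `postfix_lmtp` file on the mailman-core side. If so, say it in the comment, e.g. `# 100:65533 = owner of postfix_lmtp as written by mailman-core; postmap creates the .db next to it`, so a base-image change that renumbers accounts is noticed. `mkdir -p /opt/mailman` would also keep the layer from failing if a later base image already ships that directory.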
@ -1,43 +1,75 @@
|
||||
#!/bin/bash
|
||||
fail() {
|
||||
echo "FAIL: ${*}" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
# clamav needs access to read the spool files from amavis
|
||||
usermod -a -G amavis clamav
|
||||
if ! usermod -a -G amavis clamav; then
|
||||
fail "usermod -a -G amavis clamav"
|
||||
fi
|
||||
|
||||
# postfix needs access to the opendkim socket
|
||||
usermod -a -G opendkim postfix
|
||||
if ! usermod -a -G opendkim postfix; then
|
||||
fail "usermod -a -G opendkim postfix"
|
||||
fi
|
||||
|
||||
# clamd couldn't access amavis/tmp
|
||||
chmod g+rx /var/lib/amavis/tmp
|
||||
if ! chmod g+rx /var/lib/amavis/tmp; then
|
||||
fail "chmod g+rx /var/lib/amavis/tmp"
|
||||
fi
|
||||
|
||||
# directory is not being created by /etc/init.d/opendkim
|
||||
for dir in opendkim ilter-greylist; do
|
||||
if [[ ! -d "/var/spool/${dir}" ]]; then
|
||||
mkdir -p "/var/spool/postfix/${dir}"
|
||||
if ! mkdir -p "/var/spool/postfix/${dir}"; then
|
||||
fail "mkdir -p /var/spool/postfix/${dir}"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
chown opendkim:opendkim /var/spool/postfix/opendkim
|
||||
if ! chown opendkim:opendkim /var/spool/postfix/opendkim; then
|
||||
fail "chown opendkim:opendkim /var/spool/postfix/opendkim"
|
||||
fi
|
||||
|
||||
# opendkim needs to read its private data
|
||||
chown -R opendkim:root /etc/opendkim-private
|
||||
if ! chown -R opendkim:root /etc/opendkim-private; then
|
||||
fail "chown -R opendkim:root /etc/opendkim-private"
|
||||
fi
|
||||
|
||||
if ! chown root:root /var/log; then
|
||||
fail "chown root:root /var/log"
|
||||
fi
|
||||
|
||||
chown root:root /var/log
|
||||
for log in syslog "mail.*" "dovecot*.log" auth.log; do
|
||||
touch /var/log/${log}
|
||||
chmod a+rwX /var/log/${log}
|
||||
if ! touch "/var/log/${log}"; then
|
||||
fail "touch /var/log/${log}"
|
||||
fi
|
||||
if ! chmod a+rwX "/var/log/${log}"; then
|
||||
fail "chmod a+rwX /var/log/${log}"
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ -e /run/rsyslogd.pid ]]; then
|
||||
rm /run/rsyslogd.pid
|
||||
if ! rm /run/rsyslogd.pid; then
|
||||
fail "rm /run/rsyslogd.pid"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -e /var/run/dovecot/master.pid ]]; then
|
||||
rm /var/run/dovecot/master.pid
|
||||
if ! rm /var/run/dovecot/master.pid; then
|
||||
fail "rm /var/run/dovecot/master.pid"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Set opendkim.sock ownership and permissions
|
||||
|
||||
find /var/log -name 'dovecot*' | while read -r file; do
|
||||
chown dovecot:postfix "${file}"
|
||||
chmod g+rwX "${file}"
|
||||
if ! chown dovecot:postfix "${file}"; then
|
||||
fail "chown dovecot:postfix ${file}"
|
||||
fi
|
||||
if ! chmod g+rwX "${file}"; then
|
||||
fail "chmod g+rwX ${file}"
|
||||
fi
|
||||
done
|
||||
|
||||
if false; then
|
||||
@ -56,9 +88,21 @@ if false; then
|
||||
sed -i -E 's,(passwd|group|shadow|gshadow):.*files$,\1: files [NOTFOUND=return] system\1: files,g' /etc/nsswitch.conf
|
||||
else
|
||||
# use ldap
|
||||
sed -i -E 's#^base dc=example.*#base dc=ketrenos,dc=net#g' /etc/ldap.conf
|
||||
sed -i -E 's#^uri ldap.*#uri ldap://192.168.1.78/#g' /etc/ldap.conf
|
||||
sed -i -E 's#(passwd|group|shadow|gshadow):.*files$#\1: files ldap#g' /etc/nsswitch.conf
|
||||
if ! sed -i -E 's#^base dc=example.*#base dc=ketrenos,dc=net#g' /etc/ldap.conf; then
|
||||
fail "sed 1"
|
||||
fi
|
||||
|
||||
if ! sed -i -E 's#^uri ldap.*#uri ldap://192.168.1.78/#g' /etc/ldap.conf; then
|
||||
fail "sed 2"
|
||||
fi
|
||||
|
||||
if ! sed -i -E 's#(passwd|group|shadow|gshadow):.*files$#\1: files ldap#g' /etc/nsswitch.conf; then
|
||||
fail "sed 3"
|
||||
fi
|
||||
fi
|
||||
|
||||
if ! postmap /opt/mailman/postfix_lmtp; then
|
||||
fail "postmap /opt/mailman/postfix_lmtp"
|
||||
fi
|
||||
|
||||
while true; do
|
||||
@ -84,6 +128,9 @@ done &
|
||||
# greylist.conf is installed into /etc/milter-greylist, however
|
||||
# /etc/init.d/milter-greylist uses the default, which looks in
|
||||
# /etc/mail/greylist.conf
|
||||
if [[ -e /etc/mail/greylist.conf ]]; then
|
||||
rm /etc/mail/greylist.conf
|
||||
fi
|
||||
ln -s ../milter-greylist/greylist.conf /etc/mail/greylist.conf
|
||||
while true; do
|
||||
/usr/sbin/milter-greylist -D -P /var/run/greylist.pid -u postfix -p /var/spool/postfix/milter-greylist/milter-greylist.sock
|
||||
@ -135,7 +182,14 @@ done &
|
||||
#
|
||||
# Watch for letsencrypt changes and if they occur, restart nginx and apache2
|
||||
#
|
||||
while inotifywait -e modify /etc/letsencrypt/archive; do
|
||||
while true; do
|
||||
inotifywait -e modify /etc/letsencrypt/archive /opt/mailman/postfix_lmtp | while read -r file status; do
|
||||
if [[ "${file}" == "/opt/mailman/postfix_lmtp" ]]; then
|
||||
postmap /opt/mailman/postfix_lmtp
|
||||
/etc/init.d/postfix reload
|
||||
else
|
||||
/etc/init.d/dovecot restart
|
||||
/etc/init.d/postfix restart
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
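Review bot: In the log-file loop, quoting the path changes what it does: `touch "/var/log/${log}"` with `"mail.*"` and `"dovecot*.log"` now creates files literally named `mail.*` and `dovecot*.log` instead of matching existing logs, and `chmod a+rwX` leaves `auth.log` and `syslog` readable and writable by every account in the container. List the real file names that rsyslog and dovecot write and give them an owner/group-scoped mode, for example `chmod 0640 "/var/log/${log}"` after a `chown` to the account that writes them (which accounts those are is not visible here). Separately, `fail` inside `find /var/log -name 'dovecot*' | while read -r file` runs in a pipeline subshell, so its `exit 1` ends only the loop and the entrypoint carries on; `done < <(find /var/log -name 'dovecot*')` keeps the loop in the main shell. The same applies to the `inotifywait … | while read -r file status` loop in the last hunk, where the new `postmap` call is also unchecked.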
@ -49,7 +49,7 @@ auth_debug_passwords = no
|
||||
|
||||
# Enable mail process debugging. This can help you figure out why Dovecot
|
||||
# isn't finding your mails.
|
||||
mail_debug = yes
|
||||
mail_debug = no
|
||||
|
||||
# Show protocol level SSL errors.
|
||||
verbose_ssl = no
|
||||
|
@ -23,8 +23,8 @@ unverified_sender_defer_code = 250
|
||||
# Disable the biff service (notify users of new mail)
|
||||
biff = no
|
||||
|
||||
# Set the maximum message size to 200M to handle large emails
|
||||
message_size_limit = 200M
|
||||
# Set the maximum message size to 200MB (in bytes)
|
||||
message_size_limit = 209715200
|
||||
|
||||
# Don't append the domain to usernames automatically
|
||||
append_dot_mydomain = no
|
||||
@ -87,7 +87,8 @@ unknown_local_recipient_reject_code = 550
|
||||
owner_request_special = no
|
||||
transport_maps = hash:/opt/mailman/postfix_lmtp
|
||||
local_recipient_maps = hash:/opt/mailman/postfix_lmtp
|
||||
relay_domains = hash:/opt/mailman/postfix_domains
|
||||
# relay_domains is set for more than just mailman ketrenos.com
|
||||
# relay_domains = hash:/opt/mailman/postfix_domains
|
||||
|
||||
# Origin domain for outgoing mail
|
||||
myorigin = /etc/mailname
|
||||
|
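Review bot: Raising `message_size_limit` to 209715200 only works if `mailbox_size_limit` is 0 or at least as large; Postfix's default mailbox limit is 51200000, and local delivery aborts with a configuration error when the message limit exceeds it. That setting is not visible in this hunk, so confirm it is set elsewhere in main.cf (likewise `virtual_mailbox_limit` if virtual mailboxes are in use). A 200 MB ceiling also means amavis and clamav on this host must spool and scan messages of that size from any sender that passes the SMTP checks, so check the scanners' own size limits and the spool's disk headroom against it.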
@ -19,7 +19,7 @@
|
||||
# -o smtpd_data_restrictions=
|
||||
# -o smtpd_end_of_data_restrictions=
|
||||
submission inet n - y - - smtpd
|
||||
smtps inet n - y - - smtpd
|
||||
#smtps inet n - y - - smtpd
|
||||
# -o smtpd_tls_wrappermode=yes
|
||||
# -o smtpd_sasl_auth_enable=yes
|
||||
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
|
||||
|
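Review bot: With the `smtps` service commented out here, nothing in this master.cf hunk listens on 465, yet the compose file in the same commit still publishes `465:465 # postfix smtps`. Either drop that port mapping, or re-enable the service together with its `-o smtpd_tls_wrappermode=yes` and `-o smtpd_sasl_auth_enable=yes` overrides, which are commented out below it. The `submission` line just above is shown with its visible `-o` overrides commented as well. The rest of that stanza is outside the hunk, so confirm whether 587 enforces TLS and authentication or simply inherits the port-25 restrictions from main.cf.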