Mauro Torrez c8bbf043c9
All checks were successful
continuous-integration/drone/push Build is passing
version inicial
2019-09-30 02:29:16 -03:00

82 lines
3.0 KiB
Docker

FROM eumau/debian:buster-slim
LABEL maintainer "Mauro Torrez <mauro@mau.ro>"
ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C
ENV MYDESTINATION='localhost.localdomain, localhost'
ENV MYHOSTNAME=mail.example.com
ENV MYDOMAIN=example.com
ENV MYNETWORKS='127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128'
ENV VIRTUAL_ALIAS_MAPS=
ENV VIRTUAL_MAILBOX_MAPS=
ENV VIRTUAL_TRANSPORT=lmtp:dovecot:24
ENV VIRTUAL_MAILBOX_DOMAINS=example.com
ENV SMTPD_SASL_PATH=inet:dovecot:12345
ENV SMTPD_SASL_TYPE=dovecot
ENV SMTPD_SASL_AUTH_ENABLE=no
ENV SMTPD_TLS_CERT_FILE=/ssl/cert.pem
ENV SMTPD_TLS_KEY_FILE=/ssl/key.pem
ENV SMTP_TLS_SECURITY_LEVEL=may
ENV SMTPD_TLS_SECURITY_LEVEL=may
ENV SMTPD_TLS_AUTH_ONLY=no
ENV SMTPD_TLS_SESSION_CACHE_DATABASE="btree:\${data_directory}/smtpd_scache"
ENV SMTPD_CLIENT_RESTRICTIONS="check_client_access pcre:/etc/postfix/rules/client_access_list, permit_sasl_authenticated, permit_mynetworks, reject_unknown_client_hostname, reject_unauth_pipelining, permit"
ENV SMTPD_DATA_RESTRICTIONS="reject_unauth_pipelining, permit"
ENV SMTPD_HELO_RESTRICTIONS="check_helo_access hash:/etc/postfix/rules/helo_access_list, permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, warn_if_reject, permit"
ENV SMTPD_RELAY_RESTRICTIONS="permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit"
ENV SMTPD_RECIPIENT_RESTRICTIONS="check_recipient_access hash:/etc/postfix/rules/recipient_access_list, permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unauth_destination, permit"
ENV MESSAGE_SIZE_LIMIT=31457280
ENV SMTPD_HELO_REQUIRED=yes
ENV BIFF=no
ENV SUBMISSION_ENABLE=no
# TODO: template access lists
RUN echo "_dev_null: /dev/null" > /etc/aliases \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
postfix \
postfix-pcre \
postfix-ldap \
postfix-sqlite \
libsasl2-modules \
ssl-cert \
&& rm -rf /var/lib/apt/lists/* \
&& cp /usr/share/postfix/main.cf.debian /etc/postfix/main.cf \
&& mkdir -p /etc/postfix/rules \
&& touch \
/etc/postfix/rules/client_access_list \
/etc/postfix/rules/helo_access_list \
/etc/postfix/rules/recipient_access_list \
&& mkdir -p /ssl \
&& chmod 700 /ssl \
&& cp /etc/ssl/certs/ssl-cert-snakeoil.pem /ssl/cert.pem \
&& cp /etc/ssl/private/ssl-cert-snakeoil.key /ssl/key.pem \
&& postconf -F \
smtp/inet/chroot=n \
pickup/unix/chroot=n \
cleanup/unix/chroot=n \
qmgr/unix/chroot=n \
tlsmgr/unix/chroot=n \
rewrite/unix/chroot=n \
bounce/unix/chroot=n \
defer/unix/chroot=n \
trace/unix/chroot=n \
verify/unix/chroot=n \
flush/unix/chroot=n \
smtp/unix/chroot=n \
relay/unix/chroot=n \
showq/unix/chroot=n \
error/unix/chroot=n \
retry/unix/chroot=n \
discard/unix/chroot=n \
lmtp/unix/chroot=n \
anvil/unix/chroot=n \
scache/unix/chroot=n
ADD confd /etc/confd/
VOLUME /etc/postfix /ssl
EXPOSE 25/tcp 587/tcp
CMD ["postfix","start-fg"]