tecnativa / docker-postfix-relay Goto Github PK

View Code? Open in Web Editor NEW

19.0 7.0 25.0 39 KB

SMTP server and SMTP relay host

License: Apache License 2.0

Shell 64.62% Dockerfile 35.38%

smtp-relay docker-image postfix

docker-postfix-relay's Introduction

Dockerized SMTP relay

What?

SMTP relay with local queue.

Why?

Sending emails through a controlled network (possibly localhost or LAN) is faster and more controlled than sending them directly through the Internet.

This container retains email queue in a volume under /var/spool/postfix, so in case your network fails or your real SMTP server is down for maintenance or whatever, queue will be sent when network connection is restored.

This way your app can send emails faster, forget about possible temporary network failures, and concentrate on its business.

How?

Configure through these environment variables:

MAILNAME: The default host for cron job mails.
MAIL_RELAY_HOST: The real SMTP server (e.g. smtp.mailgun.org).
MAIL_RELAY_PORT: The port in MAIL_RELAY_HOST. Depending on the port, a specific security configuration will be used.
MAIL_RELAY_USER: The user to authenticate in MAIL_RELAY_HOST.
MAIL_RELAY_PASS: The password to authenticate in MAIL_RELAY_HOST.
MAIL_CANONICAL_DOMAINS: A space-separated list of domains that are considered canonical.
MAIL_NON_CANONICAL_DEFAULT: A domain that should be found in the list of MAIL_CANONICAL_DOMAINS, which will be used as the replacement domain when a non-canonical message comes in. Leave it empty to skip that replacement system.
MAIL_CANONICAL_PREFIX: Defaults to noreply+, and it is what will be prefixed to replaced non-canonical sender addresses.
MESSAGE_SIZE_LIMIT in bytes, defaults to 50MiB. Most generous servers offer a limit of 25iMB (Gmail, Mailgun...), so by defaulting to 50MiB, basically we are forcing the remote server to fail in case of a big email, instead of making the local relay to fail. Change at will if you prefer a different behavior.
ROUTE_CUSTOM space separated list of subnets in the CIDR standard notation (e.g 192.168.0.0/16).

Examples

SMTP relay via Gmail

docker container run \
    -e MAIL_RELAY_HOST='smtp.gmail.com' \
    -e MAIL_RELAY_PORT='587' \
    -e MAIL_RELAY_USER='[email protected]' \
    -e MAIL_RELAY_PASS='your_gmail_pass' \
    tecnativa/postfix-relay

FAQ

What Is A Canonical Domain

It means "domains that are allowed to send from here".

Suppose your app allows users to define their own emails, and that one is used to send emails to other users from the system.

If you only own the example.com and example.net domains, but somebody configures his email as [email protected]. If you send this email as it came, SPAM filters will block it.

By defining MAIL_CANONICAL_DOMAINS=example.com example.net and MAIL_NON_CANONICAL_DEFAULT=example.com, the mail would be modified as if it came from [email protected], and SPAM filters will be happy with that.

docker-postfix-relay's People

Contributors

Stargazers

Watchers

docker-postfix-relay's Issues

Feedback & suggested improvements

Was looking for an SMTP agent to combine with a Docker instance. Found this, but it seems to hiccup in my test environment at least.

Suggested docker-compose.yaml ; based in part on other SMTP docker stuff I found. This also documents the fact that postfix fires up as port 25.

smtp:
  restart: always
  build: .
  ports:
   - "25:25"
  environment:
    MAIL_RELAY_PORT: '587'
    MAIL_RELAY_HOST: 'smtp-relay.gmail.com'
    MAIL_RELAY_USER: '[email protected]'
    MAIL_RELAY_PASS: 'Password'
    RELAYHOST: 'smtp-relay.gmail.com'

The content in the Dockerfile for building up the Postfix configuration: it may need adjustment to allow Docker networks from 172.17.0.1/12 and/or 172.18.0.1/12 to connect (saw that come up in the logs at least once).
I tried to munge in additional environment values into the Postfix config. Not sure that's being successful. May have more luck using the docker-compose to import a customized main.cf ?

allow postfix "mynetworks" editing

Hi,

Thanks for the easy postfix installation.

Is there an easy way to extend the "mynetworks" postfix config please?
For example I'd like to allow several local subnets.. or even (10.0.0.0/8).

Regards,
Andrea

docker smtp relay to enable scanner to send mail

Hopefully, you can help me getting the smtp-relay configured right. I have a HP Color LaserJet CM6040 MFP that is able to scan documents and send them to an smtp gateway. Since this machine is somewhat older it does not support TLS. I like to solve this by using a plain (unsafe) smtp relay in my local network an then have that foreward it using my google account with TLS. Somehow, I could not get this working. This is what I have set up:

On my server in the local network I have started the docker image for postfix-relay:

sudo docker --name smtp -d --restart=always -p 25:25 -e MAIL_RELAY_HOST='smtp.gmail.com' -e MAIL_RELAY_PORT='587' -e MAIL_RELAY_USER='[email protected]' -e MAIL_RELAY_PASS='supersecretpassword' tecnativa/postfix-relay

My printer points to this local server on port 25 with no SSL and no authentication.
I scan a page and tell the printer to send it to [email protected]
The printer recognises the smtp gateway and send its data, but a few seconds later it says something like "could not send data because mail gateway rejected"

Waht am I doing wrong?

Container won't start if multiple routes are present

Hi,

when multiple routes are present the container won't start:

postconf: fatal: -e, -X, or -# accepts no multi-line input

The problematic line in entrypoint is:

routes=$(ip route | grep -v default | cut -d' ' -f1)

When you have more than one route, routes will be a multi line array:

ip route | grep -v default | cut -d ' ' -f1
10.0.0.0/24
10.0.1.0/24
172.18.0.0/16

When you change the line to

routes=$(ip route | grep -v default | cut -d' ' -f1 | tr '\n' ' ')

All routes are poperly set in main.cf.

How is rejection of target smtp server handled?

Hello,

How is the situation handled when the target smtp server rejects a request for example because of a rate limit? Will the relay buffer the mail and try again later, or is the mail lost?
Thanks!