From 22f46669dbdd35b82aabcf1abbf63be04941e9be Mon Sep 17 00:00:00 2001 From: turboaaa Date: Tue, 8 Jan 2019 18:12:45 -0500 Subject: [PATCH 01/12] Replace add_config_value with native postconf This project saved me a lot of time. With the basic service running in docker I was able to add TLS and authentication for external clients. I am hoping I can help in some small way. --- run.sh | 32 ++++++++++---------------------- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/run.sh b/run.sh index aa1ff7d..673ac3d 100644 --- a/run.sh +++ b/run.sh @@ -2,19 +2,6 @@ [ "${DEBUG}" == "yes" ] && set -x -function add_config_value() { - local key=${1} - local value=${2} - local config_file=${3:-/etc/postfix/main.cf} - [ "${key}" == "" ] && echo "ERROR: No key set !!" && exit 1 - [ "${value}" == "" ] && echo "ERROR: No value set !!" && exit 1 - - echo "Setting configuration option ${key} with value: ${value}" - sed -i -e "/^#\?\(\s*${key}\s*=\s*\).*/{s//\1${value}/;:a;n;:ba;q}" \ - -e "\$a${key}=${value}" \ - ${config_file} -} - [ -z "${SMTP_SERVER}" ] && echo "SMTP_SERVER is not set" && exit 1 [ -z "${SMTP_USERNAME}" ] && echo "SMTP_USERNAME is not set" && exit 1 [ -z "${SMTP_PASSWORD}" ] && echo "SMTP_PASSWORD is not set" && exit 1 
@@ -26,15 +13,16 @@ SMTP_PORT="${SMTP_PORT-587}" DOMAIN=`echo ${SERVER_HOSTNAME} |awk -F. '{$1="";OFS="." ; print $0}' | sed 's/^.//'` # Set needed config options -add_config_value "myhostname" ${SERVER_HOSTNAME} -add_config_value "mydomain" ${DOMAIN} -add_config_value "mydestination" '$myhostname' -add_config_value "myorigin" '$mydomain' -add_config_value "relayhost" "[${SMTP_SERVER}]:${SMTP_PORT}" -add_config_value "smtp_use_tls" "yes" -add_config_value "smtp_sasl_auth_enable" "yes" -add_config_value "smtp_sasl_password_maps" "hash:\/etc\/postfix\/sasl_passwd" -add_config_value "smtp_sasl_security_options" "noanonymous" +postconf -e "myhostname = ${SERVER_HOSTNAME}" +postconf -e "mydomain = ${DOMAIN}" +postconf -e "mydestination = $myhostname" +postconf -e "myorigin = \$mydomain" +postconf -e "relayhost = [${SMTP_SERVER}]:${SMTP_PORT}" +postconf -e "smtp_use_tls = yes" +postconf -e "smtp_sasl_auth_enable = yes" +postconf -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" +postconf -e "smtp_sasl_security_options = noanonymous" +postconf -e "smtp_sasl_tls_security_options = noanonymous" # Create sasl_passwd file with auth credentials if [ ! -f /etc/postfix/sasl_passwd ]; then From e7eb0a9d8eca8494c46f717cbdc9483e0db8e390 Mon Sep 17 00:00:00 2001 From: turboaaa Date: Wed, 16 Jan 2019 12:34:48 -0500 Subject: [PATCH 02/12] Add header tag creation. This will create a tag in email headers that can be used for filtering by receiving servers. I use this image for relaying through exchange online, and the nature of how I run my containers prevents me from setting static IPs as a filter. With a tag for exchange to look at, I can make sure emails from the relay are not hitting the junk folder. Without setting the HEADER_TAG variable, the script will create a randomly generated tag and move on. It is not a requirement to make use of this feature. --- run.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) 
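Review bot: `postconf -e "mydestination = $myhostname"` is double-quoted, so the shell expands `$myhostname` before postconf sees it. Unless a shell variable of that name exists (none is visible in the hunk), main.cf gets an empty `mydestination` instead of the Postfix reference, while the next line escapes `\$mydomain` correctly. Single quotes make both lines unambiguous: `postconf -e 'mydestination = $myhostname'` and `postconf -e 'myorigin = $mydomain'`. Separately, `smtp_use_tls = yes` only enables opportunistic TLS and `noanonymous` still permits plaintext SASL mechanisms, so a session where STARTTLS is not negotiated would send `SMTP_USERNAME`/`SMTP_PASSWORD` in the clear. Adding `postconf -e "smtp_tls_security_level = encrypt"` would make TLS mandatory towards the relayhost.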
diff --git a/run.sh b/run.sh index aa1ff7d..e274251 100644 --- a/run.sh +++ b/run.sh @@ -46,5 +46,26 @@ if [ ! -f /etc/postfix/sasl_passwd ]; then fi fi +#Set header tag +postconf -e "header_checks = regexp:/etc/postfix/header_tag" +if [ -z "${HEADER_TAG}" ]; then +TAG="$RANDOM" +else +TAG="${HEADER_TAG}" +fi +echo -e "/^MIME-Version:/i PREPEND RelayTag: $TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $TAG" > /etc/postfix/header_tag +echo "******** Header tag is $TAG *********" + +# Create sasl_passwd file with auth credentials +if [ ! -f /etc/postfix/sasl_passwd ]; then + grep -q "${SMTP_SERVER}" /etc/postfix/sasl_passwd > /dev/null 2>&1 + if [ $? -gt 0 ]; then + echo "Adding SASL authentication configuration" + echo "[${SMTP_SERVER}]:${SMTP_PORT} ${SMTP_USERNAME}:${SMTP_PASSWORD}" >> /etc/postfix/sasl_passwd + postmap /etc/postfix/sasl_passwd + fi +fi + + #Start services supervisord From dff4a29a812192acd31cb0c88f8f6acea234caf9 Mon Sep 17 00:00:00 2001 From: turboaaa Date: Wed, 16 Jan 2019 12:38:15 -0500 Subject: [PATCH 03/12] Update README.md --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index d6ca131..f4574d5 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,9 @@ The following env variables need to be passed to the container: * `SMTP_PASSWORD` Password of the SMTP user. * `SERVER_HOSTNAME` Server hostname for the Postfix container. Emails will appear to come from the hostname's domain. +The following env variable(s) are optional. +* `HEADER_TAG` This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${HEADER_TAG}" in the email headers. + To use this container from anywhere, the 25 port needs to be exposed to the docker host server: docker run -d --name postfix -p "25:25" \ From 423c51f9a046e15f51345c0518da08935856600e Mon Sep 17 00:00:00 2001 
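Review bot: The `echo -e ... > /etc/postfix/header_tag` line expands `$TAG` inside the regexp table, and `-e` interprets backslash escapes in the value as well as the intended `\n`, so a `HEADER_TAG` containing `\n` or other escapes changes the rules Postfix loads. Writing each rule with a fixed format keeps the value as data, e.g. `printf '/^MIME-Version:/i PREPEND RelayTag: %s\n' "$TAG"`, and likewise for `Content-Transfer-Encoding`; the same line recurs with `$SMTP_HEADER_TAG` in PATCH 07, 09 and 10. The `$RANDOM` fallback is an integer from 0 to 32767 that changes on every start, so it is guessable and cannot be configured as a stable match upstream. The second half of the hunk repeats the `sasl_passwd` block whose `if [ ! -f /etc/postfix/sasl_passwd ]; then` line appears in the hunk header, which looks like an accidental paste. In that block the file holding `SMTP_PASSWORD` is created without any permissions being set, so `chmod 600 /etc/postfix/sasl_passwd` before `postmap` would be worth adding.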
From: turboaaa Date: Wed, 16 Jan 2019 12:39:55 -0500 Subject: [PATCH 04/12] Update run.sh --- run.sh | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/run.sh b/run.sh index e274251..3a3e22c 100644 --- a/run.sh +++ b/run.sh @@ -56,16 +56,5 @@ fi echo -e "/^MIME-Version:/i PREPEND RelayTag: $TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $TAG" > /etc/postfix/header_tag echo "******** Header tag is $TAG *********" -# Create sasl_passwd file with auth credentials -if [ ! -f /etc/postfix/sasl_passwd ]; then - grep -q "${SMTP_SERVER}" /etc/postfix/sasl_passwd > /dev/null 2>&1 - if [ $? -gt 0 ]; then - echo "Adding SASL authentication configuration" - echo "[${SMTP_SERVER}]:${SMTP_PORT} ${SMTP_USERNAME}:${SMTP_PASSWORD}" >> /etc/postfix/sasl_passwd - postmap /etc/postfix/sasl_passwd - fi -fi - - #Start services supervisord From d3f3316ccf3a8cefb7b23c2f03b7b8f50ac680ee Mon Sep 17 00:00:00 2001 From: turboaaa Date: Wed, 16 Jan 2019 13:09:56 -0500 Subject: [PATCH 05/12] Update run.sh Formatting. --- run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run.sh b/run.sh index 673ac3d..feffb57 100644 --- a/run.sh +++ b/run.sh @@ -15,8 +15,8 @@ DOMAIN=`echo ${SERVER_HOSTNAME} |awk -F. '{$1="";OFS="." ; print $0}' | sed 's/^ # Set needed config options postconf -e "myhostname = ${SERVER_HOSTNAME}" postconf -e "mydomain = ${DOMAIN}" -postconf -e "mydestination = $myhostname" -postconf -e "myorigin = \$mydomain" +postconf -e 'mydestination = $myhostname' +postconf -e 'myorigin = $mydomain' postconf -e "relayhost = [${SMTP_SERVER}]:${SMTP_PORT}" postconf -e "smtp_use_tls = yes" postconf -e "smtp_sasl_auth_enable = yes" From b8e54449568e4b8eec0d5dcfe5f71124acb55ae3 Mon Sep 17 00:00:00 2001 From: turboaaa Date: Sat, 19 Jan 2019 23:55:18 -0500 Subject: [PATCH 06/12] Update README.md Updated variable name. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f4574d5..5e0ae1d 100644 
--- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ The following env variables need to be passed to the container: * `SERVER_HOSTNAME` Server hostname for the Postfix container. Emails will appear to come from the hostname's domain. The following env variable(s) are optional. -* `HEADER_TAG` This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${HEADER_TAG}" in the email headers. +* `SMTP_HEADER_TAG` This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${SMTP_HEADER_TAG}" in the email headers. To use this container from anywhere, the 25 port needs to be exposed to the docker host server: From 630b283eea4b7ba0916a818e63fb540635ce602f Mon Sep 17 00:00:00 2001 From: turboaaa Date: Sat, 19 Jan 2019 23:58:15 -0500 Subject: [PATCH 07/12] Update run.sh Updated header tag variable. Configured to only set the header tag if variable is set. --- run.sh | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/run.sh b/run.sh index 3a3e22c..0dc5232 100644 --- a/run.sh +++ b/run.sh @@ -47,14 +47,11 @@ if [ ! -f /etc/postfix/sasl_passwd ]; then fi #Set header tag -postconf -e "header_checks = regexp:/etc/postfix/header_tag" -if [ -z "${HEADER_TAG}" ]; then -TAG="$RANDOM" -else -TAG="${HEADER_TAG}" +if [ -z "${SMTP_HEADER_TAG}" ]; then + postconf -e "header_checks = regexp:/etc/postfix/header_tag" + echo -e "/^MIME-Version:/i PREPEND RelayTag: $SMTP_HEADER_TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $SMTP_HEADER_TAG" > /etc/postfix/header_tag + echo "******** Header tag is $SMTP_HEADER_TAG *********" fi -echo -e "/^MIME-Version:/i PREPEND RelayTag: $TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $TAG" > /etc/postfix/header_tag -echo "******** Header tag is $TAG *********" #Start services supervisord From 640b29d0884b9abd908e9633241041a7672f1b5c Mon Sep 17 00:00:00 2001 
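Review bot: The new guard in run.sh, `if [ -z "${SMTP_HEADER_TAG}" ]; then`, is inverted, because `-z` is true when the variable is empty. As written, `header_checks` is enabled and `RelayTag:` rules with an empty value are written exactly when no tag was supplied, and nothing is configured when one is. The commit message says the tag should be set only if the variable is set, which is `if [ -n "${SMTP_HEADER_TAG}" ]; then`. The same test is carried unchanged through the hunk of PATCH 09/12.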
From: turboaaa Date: Sun, 20 Jan 2019 00:01:55 -0500 Subject: [PATCH 08/12] Update run.sh --- run.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/run.sh b/run.sh index feffb57..174196d 100644 --- a/run.sh +++ b/run.sh @@ -22,7 +22,6 @@ postconf -e "smtp_use_tls = yes" postconf -e "smtp_sasl_auth_enable = yes" postconf -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" postconf -e "smtp_sasl_security_options = noanonymous" -postconf -e "smtp_sasl_tls_security_options = noanonymous" # Create sasl_passwd file with auth credentials if [ ! -f /etc/postfix/sasl_passwd ]; then From 3949dcefc00d383dfeac605c808fb044f4847e63 Mon Sep 17 00:00:00 2001 From: turboaaa Date: Sat, 26 Jan 2019 17:12:50 -0500 Subject: [PATCH 09/12] Update run.sh --- run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run.sh b/run.sh index 0dc5232..46763cb 100644 --- a/run.sh +++ b/run.sh @@ -46,11 +46,11 @@ if [ ! -f /etc/postfix/sasl_passwd ]; then fi fi -#Set header tag +#Set header tag if [ -z "${SMTP_HEADER_TAG}" ]; then postconf -e "header_checks = regexp:/etc/postfix/header_tag" echo -e "/^MIME-Version:/i PREPEND RelayTag: $SMTP_HEADER_TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $SMTP_HEADER_TAG" > /etc/postfix/header_tag - echo "******** Header tag is $SMTP_HEADER_TAG *********" + echo "Setting configuration option SMTP_HEADER_TAG with value: ${SMTP_HEADER_TAG}" fi #Start services From 3196395b4ee89d33b6fe8b4e0189f2d2d2f2207c Mon Sep 17 00:00:00 2001 From: turboaaa Date: Sat, 26 Jan 2019 20:50:34 -0500 Subject: [PATCH 10/12] Update run.sh --- run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run.sh b/run.sh index 46763cb..49daade 100644 --- a/run.sh +++ b/run.sh 
@@ -47,7 +47,7 @@ if [ ! -f /etc/postfix/sasl_passwd ]; then fi #Set header tag -if [ -z "${SMTP_HEADER_TAG}" ]; then +if [ ! -z "${SMTP_HEADER_TAG}" ]; then postconf -e "header_checks = regexp:/etc/postfix/header_tag" echo -e "/^MIME-Version:/i PREPEND RelayTag: $SMTP_HEADER_TAG\n/^Content-Transfer-Encoding:/i PREPEND RelayTag: $SMTP_HEADER_TAG" > /etc/postfix/header_tag echo "Setting configuration option SMTP_HEADER_TAG with value: ${SMTP_HEADER_TAG}" From 25f561db6b4add8ffaa99fb25f53dbe34774f7fd Mon Sep 17 00:00:00 2001 From: turboaaa Date: Sun, 17 Feb 2019 12:50:21 -0500 Subject: [PATCH 11/12] Convert previous function to using postfix. --- run.sh | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/run.sh b/run.sh index 174196d..63fdbd1 100644 --- a/run.sh +++ b/run.sh @@ -2,6 +2,18 @@ [ "${DEBUG}" == "yes" ] && set -x +function add_config_value() { + local key=${1} + local value=${2} + local config_file=${3:-/etc/postfix/main.cf} + [ "${key}" == "" ] && echo "ERROR: No key set !!" && exit 1 + [ "${value}" == "" ] && echo "ERROR: No value set !!" && exit 1 + + echo "Setting configuration option ${key} with value: ${value}" + postconf -e "${key} = ${value}" +} + + [ -z "${SMTP_SERVER}" ] && echo "SMTP_SERVER is not set" && exit 1 [ -z "${SMTP_USERNAME}" ] && echo "SMTP_USERNAME is not set" && exit 1 [ -z "${SMTP_PASSWORD}" ] && echo "SMTP_PASSWORD is not set" && exit 1 
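Review bot: In the PATCH 11 hunk, `add_config_value` still accepts a third argument and stores it in `config_file`, but the body no longer uses it. `postconf -e "${key} = ${value}"` always edits the default main.cf, so a caller that names another file gets no error and the wrong file is changed. Either drop the `local config_file=...` line or, if another configuration directory is needed, pass it with `postconf -c`. The exit status of `postconf` is not checked either, so a rejected edit lets startup continue with a partial configuration; `postconf -e "${key} = ${value}" || exit 1` would match the function's existing fail-fast checks. The two `ERROR:` messages would be better sent to stderr with `>&2`.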
@@ -13,15 +25,16 @@ SMTP_PORT="${SMTP_PORT-587}" DOMAIN=`echo ${SERVER_HOSTNAME} |awk -F. '{$1="";OFS="." ; print $0}' | sed 's/^.//'` # Set needed config options -postconf -e "myhostname = ${SERVER_HOSTNAME}" -postconf -e "mydomain = ${DOMAIN}" -postconf -e 'mydestination = $myhostname' -postconf -e 'myorigin = $mydomain' -postconf -e "relayhost = [${SMTP_SERVER}]:${SMTP_PORT}" -postconf -e "smtp_use_tls = yes" -postconf -e "smtp_sasl_auth_enable = yes" -postconf -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" -postconf -e "smtp_sasl_security_options = noanonymous" +add_config_value "myhostname" ${SERVER_HOSTNAME} +add_config_value "mydomain" ${DOMAIN} +add_config_value "mydestination" '$myhostname' +add_config_value "myorigin" '$mydomain' +add_config_value "relayhost" "[${SMTP_SERVER}]:${SMTP_PORT}" +add_config_value "smtp_use_tls" "yes" +add_config_value "smtp_sasl_auth_enable" "yes" +add_config_value "smtp_sasl_password_maps" "hash:\/etc\/postfix\/sasl_passwd" +add_config_value "smtp_sasl_security_options" "noanonymous" + # Create sasl_passwd file with auth credentials if [ ! -f /etc/postfix/sasl_passwd ]; then From 132deee541bc141685879d045d8fdadaae3ec0fa Mon Sep 17 00:00:00 2001 From: turboaaa Date: Sun, 17 Feb 2019 12:50:55 -0500 Subject: [PATCH 12/12] Update run.sh --- run.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/run.sh b/run.sh index 63fdbd1..5b6bbb6 100644 --- a/run.sh +++ b/run.sh @@ -13,7 +13,6 @@ function add_config_value() { postconf -e "${key} = ${value}" } - [ -z "${SMTP_SERVER}" ] && echo "SMTP_SERVER is not set" && exit 1 [ -z "${SMTP_USERNAME}" ] && echo "SMTP_USERNAME is not set" && exit 1 [ -z "${SMTP_PASSWORD}" ] && echo "SMTP_PASSWORD is not set" && exit 1 
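Review bot: `add_config_value "smtp_sasl_password_maps" "hash:\/etc\/postfix\/sasl_passwd"` keeps the `\/` escapes that only the old sed substitution needed. Inside double quotes the shell leaves `\/` untouched, so `postconf -e` now writes the backslashes into main.cf and the table path no longer names the file the script creates. The value should be `"hash:/etc/postfix/sasl_passwd"`, as in the `postconf` line this hunk removes. `${SERVER_HOSTNAME}` and `${DOMAIN}` are also passed unquoted and are therefore subject to word splitting and globbing; `add_config_value "myhostname" "${SERVER_HOSTNAME}"` and `add_config_value "mydomain" "${DOMAIN}"` keep each value as one argument.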
@@ -35,7 +34,6 @@ add_config_value "smtp_sasl_auth_enable" "yes" add_config_value "smtp_sasl_password_maps" "hash:\/etc\/postfix\/sasl_passwd" add_config_value "smtp_sasl_security_options" "noanonymous" - # Create sasl_passwd file with auth credentials if [ ! -f /etc/postfix/sasl_passwd ]; then grep -q "${SMTP_SERVER}" /etc/postfix/sasl_passwd > /dev/null 2>&1