diff --git a/.env.example b/.env.example index ea1d35c..b97fec6 100644 --- a/.env.example +++ b/.env.example @@ -1,18 +1,18 @@ # Mandatory: Server address of the SMTP server to use. -#SMTP_SERVER= +SMTP_SERVER=127.0.0.1 # Optional: (Default value: 587) Port address of the SMTP server to use. -#SMTP_PORT= +SMTP_PORT=1025 # Optional: Username to authenticate with. -#SMTP_USERNAME= +SMTP_USERNAME= # Optional (Mandatory if SMTP_USERNAME is set): Password of the SMTP user. (Not needed if SMTP_PASSWORD_FILE is used) -#SMTP_PASSWORD= +SMTP_PASSWORD= # Mandatory: Server hostname for the Postfix container. Emails will appear to come from the hostname's domain. -#SERVER_HOSTNAME= +SERVER_HOSTNAME=pmb # Optional: This will add a header for tracking messages upstream. Helpful for spam filters. Will appear as "RelayTag: ${SMTP_HEADER_TAG}" in the email headers. #SMTP_HEADER_TAG= diff --git a/PMB_README.md b/PMB_README.md index 9529fc4..409e35d 100644 --- a/PMB_README.md +++ b/PMB_README.md @@ -1,26 +1,37 @@ # ProtonMailBridge plus PostFix -* GPG stores in-container are wildly insecure -* This creates a volume for /root with these stores to preserve cache -* Therefore, entire setup is extremely insecure -* GPG unlock handling is broken upstream as of 2024 +## Security: +* GPG stores in-container are set up in a wildly insecure way. +* Compose creates a volume for /root with these stores to preserve bridge cache. +* Therefore, entire setup is extremely insecure. +* All because GPG unlock handling in bridge is still broken upstream as of 2024. ## Setup -Build only seems to require `#usermod -aG docker username`. Not tested as root/sudo/ +Note docker-compose.yaml contains a debian image. This is only for testing inter-container mailing/networking. -By default, `bridge` runs in non-interactive mode. You must set up the bridge initially. +Build only seems to require `#usermod -aG docker username`. Not tested as root/sudo. +By default, `bridge` runs in non-interactive mode on container startup. You must set up the bridge initially: + + cp .env.example .env + docker-compose build + docker-compose up -d docker-compose exec pmb bash killall bridge ./bridge -c -When in cli mode: +When in bridge cli mode: * `login` will activate account. * `info` will show creds to input into host filesystem .env postfix values. -docker-compose down && docker-compose up are necessary. "restart" will not reload .env + exit + docker-compose down + vi .env + docker-compose up -d + +Note: docker-compose down && docker-compose up are necessary. "restart" will not reload .env ## msmtp test