ProtonMailBridge plus PostFix

Security:

GPG stores in-container are set up in a wildly insecure way.
Compose creates a volume for /root with these stores to preserve bridge cache.
Therefore, entire setup is extremely insecure.
All because GPG unlock handling in bridge is still broken upstream as of 2024.

Setup

Note docker-compose.yaml contains a debian image. This is only for testing inter-container mailing/networking.

Build only seems to require #usermod -aG docker username. Not tested as root/sudo.

By default, bridge runs in non-interactive mode on container startup. You must set up the bridge initially:

cp .env.example .env
vi .env
docker-compose build
docker-compose up -d
docker-compose exec pmb bash
killall bridge
./bridge -c

When in bridge cli mode:

login will activate account.
info will show creds to input into host filesystem .env postfix values.

Then:

exit
docker-compose down
vi .env
docker-compose up -d

Note: docker-compose down && docker-compose up are necessary. "restart" will not reload .env
Note: username can be anything configured as account in protonmail web interface.

msmtp test

vi ~/.msmtprc
echo "test" | msmtp -a pmb recipient@recipient.email

1.2 KiB Raw Blame History

ProtonMailBridge plus PostFix

Security:

Setup

msmtp test

1.2 KiB

Raw Blame History