bokysan / docker-postfix Goto Github PK
View Code? Open in Web Editor NEWSimple SMTP server / postfix null relay host for your Docker and Kubernetes containers. Based on Alpine Linux.
License: MIT License
Simple SMTP server / postfix null relay host for your Docker and Kubernetes containers. Based on Alpine Linux.
License: MIT License
I'm not really sure where to start with setting this up with Nextcloud. Is there a guide I can follow to help me along?
Hi
thanks for great docker. I'm trying to send email using gmail with OAUTH2. From app I can send email, but then nothing happens, email not received, and I get no errors in log:
postfix | 2020-11-18T19:46:14.588448+01:00 INFO postfix/smtpd[128]: connect from healthchecks.x1_postfix[10.254.5.3]
postfix | 2020-11-18T19:46:14.588490+01:00 INFO postfix/smtpd[128]: smtp_stream_setup: maxtime=300 enable_deadline=0
postfix | 2020-11-18T19:46:14.588507+01:00 INFO postfix/smtpd[128]: match_hostname: smtpd_client_event_limit_exceptions: healthchecks.x1_postfix ~? 127.0.0.0/8
postfix | 2020-11-18T19:46:14.588518+01:00 INFO postfix/smtpd[128]: match_hostaddr: smtpd_client_event_limit_exceptions: 10.254.5.3 ~? 127.0.0.0/8
postfix | 2020-11-18T19:46:14.588531+01:00 INFO postfix/smtpd[128]: match_hostname: smtpd_client_event_limit_exceptions: healthchecks.x1_postfix ~? 10.254.0.0/16
postfix | 2020-11-18T19:46:14.588541+01:00 INFO postfix/smtpd[128]: match_hostaddr: smtpd_client_event_limit_exceptions: 10.254.5.3 ~? 10.254.0.0/16
postfix | 2020-11-18T19:46:14.588560+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 220 postfix ESMTP Postfix
postfix | 2020-11-18T19:46:14.588577+01:00 INFO postfix/smtpd[128]: watchdog_pat: 0x55cc20b46bd0
postfix | 2020-11-18T19:46:14.589216+01:00 INFO postfix/smtpd[128]: < healthchecks.x1_postfix[10.254.5.3]: ehlo 7fcb02300481
postfix | 2020-11-18T19:46:14.589871+01:00 INFO postfix/smtpd[128]: match_list_match: healthchecks.x1_postfix: no match
postfix | 2020-11-18T19:46:14.589901+01:00 INFO postfix/smtpd[128]: match_list_match: 10.254.5.3: no match
postfix | 2020-11-18T19:46:14.589926+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-postfix
postfix | 2020-11-18T19:46:14.589941+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-PIPELINING
postfix | 2020-11-18T19:46:14.589962+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-SIZE
postfix | 2020-11-18T19:46:14.589975+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-VRFY
postfix | 2020-11-18T19:46:14.589987+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-ETRN
postfix | 2020-11-18T19:46:14.590001+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-ENHANCEDSTATUSCODES
postfix | 2020-11-18T19:46:14.590765+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-8BITMIME
postfix | 2020-11-18T19:46:14.590788+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250-DSN
postfix | 2020-11-18T19:46:14.590801+01:00 INFO postfix/smtpd[128]: > healthchecks.x1_postfix[10.254.5.3]: 250 CHUNKING
postfix | 2020-11-18T19:46:14.590817+01:00 INFO postfix/smtpd[128]: watchdog_pat: 0x55cc20b46bd0
postfix | 2020-11-18T19:46:14.597392+01:00 INFO postfix/smtpd[128]: smtp_get: EOF
postfix | 2020-11-18T19:46:14.597422+01:00 INFO postfix/smtpd[128]: match_hostname: smtpd_client_event_limit_exceptions: healthchecks.x1_postfix ~? 127.0.0.0/8
postfix | 2020-11-18T19:46:14.597434+01:00 INFO postfix/smtpd[128]: match_hostaddr: smtpd_client_event_limit_exceptions: 10.254.5.3 ~? 127.0.0.0/8
postfix | 2020-11-18T19:46:14.597453+01:00 INFO postfix/smtpd[128]: match_hostname: smtpd_client_event_limit_exceptions: healthchecks.x1_postfix ~? 10.254.0.0/16
postfix | 2020-11-18T19:46:14.597463+01:00 INFO postfix/smtpd[128]: match_hostaddr: smtpd_client_event_limit_exceptions: 10.254.5.3 ~? 10.254.0.0/16
postfix | 2020-11-18T19:46:14.597477+01:00 INFO postfix/smtpd[128]: lost connection after EHLO from healthchecks.x1_postfix[10.254.5.3]
postfix | 2020-11-18T19:46:14.597498+01:00 INFO postfix/smtpd[128]: disconnect from healthchecks.x1_postfix[10.254.5.3] ehlo=1 commands=1
Except for relayhost / oauth envs I've got:
INBOUND_DEBUGGING: 1
ALLOW_EMPTY_SENDER_DOMAINS: "true"
POSTFIX_mynetworks: "127.0.0.0/8,10.254.0.0/16"
XOAUTH2_SYSLOG_ON_FAILURE: "yes"
XOAUTH2_FULL_TRACE: "yes"
How can I debug it further ?
Using the latest Image: https://hub.docker.com/layers/boky/postfix/latest/images/sha256-bd54f49d78f7914f9ef8a47b4388a3d42da9d0f3da8ac8c6ea9119037fc20c68?context=explore
Container logs:
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
ESC[36mmailserver |ESC[0m ★★★★★ POSTFIX STARTING UP ★★★★★
ESC[36mmailserver |ESC[0m ‣ INFO Not setting any timezone for the container
ESC[36mmailserver |ESC[0m ‣ INFO Using plain log format for rsyslog.
ESC[36mmailserver |ESC[0m postalias: fatal: unsupported dictionary type: lmdb. Is the postfix-lmdb package installed?
Then crashes.
Hi,
I'm new to postfix so any help would be appreciated.
I need to limit postfix to send mails only to specific domains only. We use it as a development SMTP server and don't want to send mails outside the company.
Is it possible to configure docker container with postfix to somehow limit target domains (white list).
Thank you,
Kind regards
I'm seeking a health check to verify if postfix is running. The following is something I developed that seems to work.
Might you consider adding the following to your project's sample docker compose file or to your documentation?
d-c.yml
version: '3'
services:
postfix:
image: boky/postfix
expose:
- "587"
environment:
- DKIM_AUTOGENERATE=1
- ALLOWED_SENDER_DOMAINS
restart: always
volumes:
- "./dkimkeys:/etc/opendkim/keys"
healthcheck:
test: netstat -l | grep smtp
interval: 1m
timeout: 10s
retries: 3
The healthcheck uses netstat, which is installed in the linux image used by this project. Ask netstat to list all listening ports. Use grep to see if something (e.g. postfix) is listening on the smtp port. Grep returns 0 exit code if it finds a match and 1 when there is no match.
It is nearly impossible to use the logs to find anything because every 30 seconds the ehlo healthcheck is logged at INFO level:
gmail-relay_1 | 2021-05-24T21:02:17.979094-04:00 INFO postfix/smtpd[27020]: connect from localhost[127.0.0.1]
gmail-relay_1 | 2021-05-24T21:02:17.979120-04:00 INFO postfix/smtpd[27020]: smtp_stream_setup: maxtime=300 enable_deadline=0
gmail-relay_1 | 2021-05-24T21:02:17.979137-04:00 INFO postfix/smtpd[27020]: match_hostname: smtpd_client_event_limit_exceptions: localhost ~? 127.0.0.0/8
gmail-relay_1 | 2021-05-24T21:02:17.979144-04:00 INFO postfix/smtpd[27020]: match_hostaddr: smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 127.0.0.0/8
gmail-relay_1 | 2021-05-24T21:02:17.979155-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 220 6180d6d78afb ESMTP Postfix
gmail-relay_1 | 2021-05-24T21:02:17.979189-04:00 INFO postfix/smtpd[27020]: watchdog_pat: 0x7f6e69702f20
gmail-relay_1 | 2021-05-24T21:02:17.980647-04:00 INFO postfix/smtpd[27020]: < localhost[127.0.0.1]: EHLO healthcheck
gmail-relay_1 | 2021-05-24T21:02:17.980678-04:00 INFO postfix/smtpd[27020]: match_list_match: localhost: no match
gmail-relay_1 | 2021-05-24T21:02:17.980684-04:00 INFO postfix/smtpd[27020]: match_list_match: 127.0.0.1: no match
gmail-relay_1 | 2021-05-24T21:02:17.980692-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-6180d6d78afb
gmail-relay_1 | 2021-05-24T21:02:17.980700-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-PIPELINING
gmail-relay_1 | 2021-05-24T21:02:17.980706-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-SIZE
gmail-relay_1 | 2021-05-24T21:02:17.980713-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-VRFY
gmail-relay_1 | 2021-05-24T21:02:17.980719-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-ETRN
gmail-relay_1 | 2021-05-24T21:02:17.980731-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-ENHANCEDSTATUSCODES
gmail-relay_1 | 2021-05-24T21:02:17.980738-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-8BITMIME
gmail-relay_1 | 2021-05-24T21:02:17.980746-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250-DSN
gmail-relay_1 | 2021-05-24T21:02:17.981156-04:00 INFO postfix/smtpd[27020]: > localhost[127.0.0.1]: 250 CHUNKING
gmail-relay_1 | 2021-05-24T21:02:17.981183-04:00 INFO postfix/smtpd[27020]: watchdog_pat: 0x7f6e69702f20
gmail-relay_1 | 2021-05-24T21:02:17.982017-04:00 INFO postfix/smtpd[27020]: smtp_get: EOF
gmail-relay_1 | 2021-05-24T21:02:17.982030-04:00 INFO postfix/smtpd[27020]: match_hostname: smtpd_client_event_limit_exceptions: localhost ~? 127.0.0.0/8
gmail-relay_1 | 2021-05-24T21:02:17.982036-04:00 INFO postfix/smtpd[27020]: match_hostaddr: smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 127.0.0.0/8
gmail-relay_1 | 2021-05-24T21:02:17.982046-04:00 INFO postfix/smtpd[27020]: lost connection after EHLO from localhost[127.0.0.1]
gmail-relay_1 | 2021-05-24T21:02:17.982056-04:00 INFO postfix/smtpd[27020]: disconnect from localhost[127.0.0.1] ehlo=1 commands=1
The log also grows at massive rates as a result.
I think a few things can be done to improve this:
I would like to discuss the reasoning behind the configuration for smtpd_recipient_restrictions
in scripts/common-run.sh
, especially what the recommended way would be for overriding the configuration (e.g. removing reject_unknown_recipient_domain
to trigger a delivery failure message instead of an error in the SMTP session.
Should I just override it using the environment variable POSTFIX_smtpd_recipient_restrictions
or is their any other way?
From initial discussion in #33
Just include it in the project. Then do a GitHub job to push it to gh-pages and host it directly on GitHub. Like, say Traefik Helm chart
Should we setup a separate issue for discussing this?
Most definitely.
Here's the Helm chart being discussed to potentially port upstream into this repo:
https://gitlab.com/ucsdlibrary/development/email/
Questions:
email
, which is not very creative, but seemed more direct than docker-postfix
. Could be postfix
or?tag
and Chart.yaml version info?I won't be working next week, so I probably wouldn't have time to start on this until early September. But definitely open to putting up a PR for initial discussion.
I was wondering if we have any parameter in helm to enable persistence volume encryption using KMS keys.
My AWS infrastructure strictly bounds me to create encrypted volumes only which is why when I installed postfix using Helm chart on my EKS it throws below error on PVC
Warning ProvisioningFailed 0s (x5 over 41s) persistentvolume-controller Failed to provision volume with StorageClass "gp2": failed to create encrypted volume: the volume disappeared after creation, most likely due to
inaccessible KMS encryption key
But the same code works fine on the infrastructure where volume encryption is not enforced.
Any suggesstions on how to enable encryption on persistence volumes using KMS Keys
Hello,
docker-postfix is rejecting email from local docker networks, despite being correctly detected in the network ranges. it seems that this issue is new.
postfix:
image: boky/postfix:v2.0.0
container_name: postfix
restart: always
environment:
ALLOWED_SENDER_DOMAINS: 'mydomain.com'
INBOUND_DEBUGGING: 1
volumes:
- ./dkim_keys:/etc/opendkim/keys
I understand from the log that mydomain.mydomain_default is the container app trying to send an email through postfix.
What I don't get is why there is no IP match postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 172.16.0.0/12
.
I tried to force the 172.18.0.2/32
in mynetworks.
Debugging to level > 3 doesn't give more info.
★★★★★ POSTFIX STARTING UP ★★★★★
‣ INFO Not setting any timezone for the container
‣ INFO Using plain log format for rsyslog.
‣ INFO Using unlimited message size.
‣ INFO Setting smtp_tls_security_level: may
‣ NOTE Will try to deliver emails directly to the final server. Make sure your DNS is setup properly!
‣ INFO Using default private network list for trusted networks.
‣ NOTE Enabling additional debbuging for: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16, as INBOUND_DEBUGGING=''1''
‣ INFO Setting up allowed SENDER domains: mydomain.com
‣ DEBUG DKIM_AUTOGENERATE not set -- you will need to provide your own keys.
‣ NOTE Configuring OpenDKIM.
...using socket inet:localhost:8891
...for domain mydomain.com (selector: mail)
‣ INFO Applying custom postfix setting: message_size_limit=0
‣ INFO Applying custom postfix setting: myhostname=149d38f40f89
‣ INFO Applying custom postfix setting: mynetworks=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
‣ NOTE Starting: rsyslog, postfix
2020-08-05 20:50:19,867 INFO Set uid to user 0 succeeded
2020-08-05 20:50:19,872 INFO supervisord started with pid 1
2020-08-05 20:50:20,875 INFO spawned: 'opendkim' with pid 63
2020-08-05 20:50:20,877 INFO spawned: 'master' with pid 64
2020-08-05 20:50:20,880 INFO spawned: 'rsyslog' with pid 65
2020-08-05T20:50:20.898936+00:00 INFO : [origin software="rsyslogd" swVersion="8.2004.0" x-pid="65" x-info="https://www.rsyslog.com"] start
2020-08-05 20:50:20,900 INFO success: master entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2020-08-05T20:50:20.903270+00:00 INFO opendkim[70]: OpenDKIM Filter v2.10.3 starting (args: -D -f -x /etc/opendkim/opendkim.conf)
2020-08-05T20:50:21.638683+00:00 INFO postfix/postfix-script[137]: starting the Postfix mail system
2020-08-05T20:50:21.643391+00:00 INFO postfix/master[139]: daemon started -- version 3.5.2, configuration /etc/postfix
2020-08-05 20:50:21,644 INFO exited: master (exit status 0; expected)
2020-08-05 20:50:23,646 INFO success: rsyslog entered RUNNING state, process has stayed up for > than 2 seconds (startsecs)
2020-08-05 20:50:26,650 INFO success: opendkim entered RUNNING state, process has stayed up for > than 5 seconds (startsecs)
2020-08-05T20:51:20.053395+00:00 INFO postfix/smtpd[142]: connect from mydomain.mydomain_default[172.18.0.2]
2020-08-05T20:51:20.053424+00:00 INFO postfix/smtpd[142]: smtp_stream_setup: maxtime=300 enable_deadline=0
2020-08-05T20:51:20.053432+00:00 INFO postfix/smtpd[142]: match_hostname: smtpd_client_event_limit_exceptions: mydomain.mydomain_default ~? 127.0.0.0/8
2020-08-05T20:51:20.053438+00:00 INFO postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 127.0.0.0/8
2020-08-05T20:51:20.054072+00:00 INFO postfix/smtpd[142]: match_hostname: smtpd_client_event_limit_exceptions: mydomain.mydomain_default ~? 10.0.0.0/8
2020-08-05T20:51:20.054083+00:00 INFO postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 10.0.0.0/8
2020-08-05T20:51:20.054090+00:00 INFO postfix/smtpd[142]: match_hostname: smtpd_client_event_limit_exceptions: mydomain.mydomain_default ~? 172.16.0.0/12
2020-08-05T20:51:20.054095+00:00 INFO postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 172.16.0.0/12
2020-08-05T20:51:20.054102+00:00 INFO postfix/smtpd[142]: report connect to all milters
2020-08-05T20:51:20.054114+00:00 INFO postfix/smtpd[142]: milter8_connect: non-protocol events for protocol version 6:
2020-08-05T20:51:20.054119+00:00 INFO postfix/smtpd[142]: milter8_connect: transport=inet endpoint=localhost:8891
2020-08-05T20:51:20.054144+00:00 INFO postfix/smtpd[142]: trying... [127.0.0.1]
2020-08-05T20:51:20.054224+00:00 INFO postfix/smtpd[142]: vstream_tweak_tcp: TCP_MAXSEG 21845
2020-08-05T20:51:20.054230+00:00 INFO postfix/smtpd[142]: fd=18: stream buffer size old=0 new=87380
2020-08-05T20:51:20.054236+00:00 INFO postfix/smtpd[142]: milter8_connect: my_version=0x6
2020-08-05T20:51:20.054732+00:00 INFO postfix/smtpd[142]: milter8_connect: my_actions=0x1ff SMFIF_ADDHDRS SMFIF_CHGBODY SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS SMFIF_QUARANTINE SMFIF_CHGFROM SMFIF_ADDRCPT_PAR SMFIF_SETSYMLIST
2020-08-05T20:51:20.054754+00:00 INFO postfix/smtpd[142]: milter8_connect: my_events=0x1fffff SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH SMFIP_NR_HDR SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_RCPT_REJ SMFIP_NR_CONN SMFIP_NR_HELO SMFIP_NR_MAIL SMFIP_NR_RCPT SMFIP_NR_DATA SMFIP_NR_UNKN SMFIP_NR_EOH SMFIP_NR_BODY SMFIP_HDR_LEADSPC
2020-08-05T20:51:20.055226+00:00 INFO postfix/smtpd[142]: milter8_connect: milter inet:localhost:8891 version 6
2020-08-05T20:51:20.055234+00:00 INFO postfix/smtpd[142]: milter8_connect: events SMFIP_NOHELO SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_HDR_LEADSPC
2020-08-05T20:51:20.055240+00:00 INFO postfix/smtpd[142]: milter8_connect: requests SMFIF_ADDHDRS SMFIF_CHGHDRS SMFIF_SETSYMLIST
2020-08-05T20:51:20.055246+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "j"
2020-08-05T20:51:20.055252+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: result "149d38f40f89"
2020-08-05T20:51:20.055257+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{daemon_name}"
2020-08-05T20:51:20.055262+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: result "149d38f40f89"
2020-08-05T20:51:20.055266+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{daemon_addr}"
2020-08-05T20:51:20.055272+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: result "172.18.0.4"
2020-08-05T20:51:20.055277+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "v"
2020-08-05T20:51:20.055281+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: result "Postfix 3.5.2"
2020-08-05T20:51:20.055675+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "_"
2020-08-05T20:51:20.055690+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: result "mydomain.mydomain_default [172.18.0.2]"
2020-08-05T20:51:20.055697+00:00 INFO postfix/smtpd[142]: milter8_conn_event: milter inet:localhost:8891: connect mydomain.mydomain_default/172.18.0.2
2020-08-05T20:51:20.055705+00:00 INFO postfix/smtpd[142]: event: SMFIC_CONNECT; macros: j=149d38f40f89 {daemon_name}=149d38f40f89 {daemon_addr}=172.18.0.4 v=Postfix 3.5.2 _=mydomain.mydomain_default [172.18.0.2]
2020-08-05T20:51:20.056002+00:00 INFO postfix/smtpd[142]: reply: SMFIR_CONTINUE data 0 bytes
2020-08-05T20:51:20.056012+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 220 149d38f40f89 ESMTP Postfix
2020-08-05T20:51:20.056020+00:00 INFO postfix/smtpd[142]: watchdog_pat: 0x558e40a0b350
2020-08-05T20:51:20.056257+00:00 INFO postfix/smtpd[142]: < mydomain.mydomain_default[172.18.0.2]: EHLO [127.0.0.1]
2020-08-05T20:51:20.056269+00:00 INFO postfix/smtpd[142]: report helo to all milters
2020-08-05T20:51:20.056274+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{tls_version}"
2020-08-05T20:51:20.056280+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{cipher}"
2020-08-05T20:51:20.056284+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{cipher_bits}"
2020-08-05T20:51:20.056289+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{cert_subject}"
2020-08-05T20:51:20.056294+00:00 INFO postfix/smtpd[142]: milter_macro_lookup: "{cert_issuer}"
2020-08-05T20:51:20.056300+00:00 INFO postfix/smtpd[142]: milter8_helo_event: milter inet:localhost:8891: helo [127.0.0.1]
2020-08-05T20:51:20.056305+00:00 INFO postfix/smtpd[142]: event: SMFIC_HELO; macros: (none)
2020-08-05T20:51:20.056311+00:00 INFO postfix/smtpd[142]: skipping event SMFIC_HELO for milter inet:localhost:8891
2020-08-05T20:51:20.056319+00:00 INFO postfix/smtpd[142]: match_list_match: mydomain.mydomain_default: no match
2020-08-05T20:51:20.056616+00:00 INFO postfix/smtpd[142]: match_list_match: 172.18.0.2: no match
2020-08-05T20:51:20.056631+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-149d38f40f89
2020-08-05T20:51:20.056638+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-PIPELINING
2020-08-05T20:51:20.056643+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-SIZE
2020-08-05T20:51:20.056648+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-VRFY
2020-08-05T20:51:20.056654+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-ETRN
2020-08-05T20:51:20.056659+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-ENHANCEDSTATUSCODES
2020-08-05T20:51:20.056664+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-8BITMIME
2020-08-05T20:51:20.056670+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250-DSN
2020-08-05T20:51:20.056675+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 250 CHUNKING
2020-08-05T20:51:20.056682+00:00 INFO postfix/smtpd[142]: watchdog_pat: 0x558e40a0b350
2020-08-05T20:51:20.057413+00:00 INFO postfix/smtpd[142]: < mydomain.mydomain_default[172.18.0.2]: QUIT
2020-08-05T20:51:20.057421+00:00 INFO postfix/smtpd[142]: > mydomain.mydomain_default[172.18.0.2]: 221 2.0.0 Bye
2020-08-05T20:51:20.057429+00:00 INFO postfix/smtpd[142]: match_hostname: smtpd_client_event_limit_exceptions: mydomain.mydomain_default ~? 127.0.0.0/8
2020-08-05T20:51:20.057434+00:00 INFO postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 127.0.0.0/8
2020-08-05T20:51:20.057441+00:00 INFO postfix/smtpd[142]: match_hostname: smtpd_client_event_limit_exceptions: mydomain.mydomain_default ~? 10.0.0.0/8
2020-08-05T20:51:20.057445+00:00 INFO postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 10.0.0.0/8
2020-08-05T20:51:20.057451+00:00 INFO postfix/smtpd[142]: match_hostname: smtpd_client_event_limit_exceptions: mydomain.mydomain_default ~? 172.16.0.0/12
2020-08-05T20:51:20.057456+00:00 INFO postfix/smtpd[142]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.18.0.2 ~? 172.16.0.0/12
2020-08-05T20:51:20.057462+00:00 INFO postfix/smtpd[142]: abort all milters
2020-08-05T20:51:20.057467+00:00 INFO postfix/smtpd[142]: milter8_abort: abort milter inet:localhost:8891
2020-08-05T20:51:20.057473+00:00 INFO postfix/smtpd[142]: disconnect event to all milters
2020-08-05T20:51:20.057721+00:00 INFO postfix/smtpd[142]: milter8_disc_event: quit milter inet:localhost:8891
2020-08-05T20:51:20.057892+00:00 INFO postfix/smtpd[142]: disconnect from mydomain.mydomain_default[172.18.0.2] ehlo=1 quit=1 commands=2
2020-08-05T20:51:20.057898+00:00 INFO postfix/smtpd[142]: free all milters
2020-08-05T20:51:20.057902+00:00 INFO postfix/smtpd[142]: free milter inet:localhost:8891
Do you confirm there is an issue ?
Following the current documentation the container will have ephemeral storage and could loose any unsent email if it gets stopped, removed and recreated.
Documentation should contain an example on how to keep Postfix queue on an externally provided volume to make it persistent.
Hi,
First of all, thank you so much for the image! I have spent days looking for a simple, usable postfix in my project and yours works wonderfully.
As the title says, will it be possible to include examples on how to use postfix inside the README file just to check that postfix is in order? Thank you very much!
Hello. Thanks for the great postfix container!
I was wondering if you would be able to add build tags to each release? I would feel more comfortable being able to pin my use of your container to a specific image build as opposed to latest
.
e.g. image: boky/postfix:1.0
Again, thanks for the great container!
I start the server on my local, try to send an email to my gmail. the messages showed as
2020-02-13T02:12:56.918779+00:00 76b83c891167 postfix/smtpd[117]: disconnect from unknown[172.17.0.1] ehlo=1 mail=1 rcpt=1 data=1 commands=4
2020-02-13T02:13:27.003819+00:00 76b83c891167 postfix/smtp[121]: connect to gmail-smtp-in.l.google.com[172.217.197.26]:25: Operation timed out
2020-02-13T02:13:57.032523+00:00 76b83c891167 postfix/smtp[121]: connect to alt1.gmail-smtp-in.l.google.com[64.233.186.27]:25: Operation timed out
2020-02-13T02:14:27.060979+00:00 76b83c891167 postfix/smtp[121]: connect to alt2.gmail-smtp-in.l.google.com[209.85.202.27]:25: Operation timed out
2020-02-13T02:14:57.087501+00:00 76b83c891167 postfix/smtp[121]: connect to alt3.gmail-smtp-in.l.google.com[74.125.206.26]:25: Operation timed out
2020-02-13T02:15:27.102233+00:00 76b83c891167 postfix/smtp[121]: connect to alt4.gmail-smtp-in.l.google.com[172.217.218.27]:25: Operation timed out
2020-02-13T02:15:27.116627+00:00 76b83c891167 postfix/smtp[121]: DC95C602BA: to=<[email protected]>, relay=none, delay=150, delays=0.05/0.01/150/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[172.217.218.27]:25: Operation timed out)
I start by the command
docker run --rm --name postfix -e "ALLOWED_SENDER_DOMAINS=example.com" -p 1587:587 boky/postfix
tried hotmail, also failed by Operation timed out
.
please help
I tried to run docker run --rm --name postfix -e "ALLOWED_SENDER_DOMAINS=example.com" -p 1587:587 boky/postfix
on a Raspberry Pi 2B, which is 32bit armhf/armv7.
The error message is sleep: invalid number '9999999999999999999'
.
The issue likely relates to file scripts/opendkim.sh
.
The largest possible is "INT_MAX" for uint32: sleep 4294967295
.
(Likewise, I'd assume the largest for 64bit arch is 9223372036854775807
.
As an alternative, it seems you can do sleep infinity
.
Sleep version: BusyBox v1.31.1 () multi-call binary.
The definition in the following lines
Lines 140 to 141 in ed09d86
is not used at all, so these could be deleted.
Or am I missing something?
After each restart of dockers in main.cf file (on volume) added new string with myhostname, old string with this param are commented.
#myhostname = 214c7f4ad504
mynetworks = 127.0.0.0/8,172.20.0.0/16
#myhostname = 73c3c5480272
#myhostname = postfix-smtp-relay
#myhostname = postfix-smtp-relay
myhostname = postfix-smtp-relay
Part of my docker-compose
postfix-smtp-relay:
image: boky/postfix
container_name: postfix-smtp-relay
hostname: postfix-smtp-relay
environment:
POSTFIX_myhostname: postfix-smtp-relay
POSTFIX_maillog_file: "/var/log/mail.log"
LOG_FORMAT: plain
MYNETWORKS: "127.0.0.0/8,172.20.0.0/16"
Only this parameter is repeated, is this expected behavior or a bug?
With autogenerate configuration for DKIM keys, files get created with root owner and group, and then they can't be read by opendkim: opendkim[84]: can't load key from /etc/opendkim/keys/example.org.private: Permission denied
Hi, although during the development I realized that the refresh_token
is the only relevant secret regarding the XOAuth2 authentication, I just verified that I could run ./integration-test.sh xoauth2
with the token file that I had since last week. So I think that you can enable integration tests by:
refresh_token
and access_token
.env
with using the stored secrets to initialize XOAUTH2_INITIAL_ACCESS_TOKEN
and XOAUTH2_INITIAL_REFRESH_TOKEN
.Although in a proper installation these variables are only used once to initialize the internal token database, seems that the XOAuth2 library can refresh the access_token without problem.
going into the docker container and execute
helps. The problem is it is not persistent.
Sugesstion: Using a different folder to link the keys in the container. Doing the start the keys can be copied and processed. After this the rights can be changed without changing the rights in the host system
Hello,
By default, in the opendkim configuration the "mail" value for the selector is hard coded in "run.sh" script.
It could be a good idea to let the user customize this value by configuration.
Regards ,
Yannick P.
I have set ALLOW_EMPTY_SENDER_DOMAINS to true while starting my containers.
With this option, I suppose that it makes no sens to have DKIM_AUTOGENERATE set to true because the container needs to have the list of domain names which need DKIM keys. Is it correct?
So I have generated the DKIM keys manually through the piece of code provided and set the DNS entries accordingly.
But unfortunately while testing I have discovered that my emails doesn't contain any DKIM signature. The keys are stored in a volume in order to avoid to loose them.
Even if I restart the container, the problem remains. My emails aren't signed (I have checked under Google and used dkimvalidator.com). Does it means that DKIM is not compatible with the option ALLOW_EMPTY_SENDER_DOMAINS ?
I would be great! Because in my case I don't want to provide the list of domain names (which is changing all the time) and don't want to restart the container.
The container logs says:
‣ NOTE Using custom allowed networks: x.x.x.x/yy
‣ INFO Debugging is disabled.
‣ INFO Using default file for SMTP header checks
‣ NOTE Setting up smtp_header_checks to regexp:/etc/postfix/smtp_header_checks
‣ DEBUG DKIM_AUTOGENERATE not set -- you will need to provide your own keys.
‣ NOTE Configuring OpenDKIM.
...using socket inet:localhost:8891
SPF is working like a charm. Just DKIM which is not working.
Hi! I'm testing your image and got an unexpected behaviour.
Note: example.org is not the real domain I'm using. With that domain, some MX record failures come around. But with a proper DNS configuration of the real domain, the example works like explained.
Running the relay in a device with 10.0.0.100 IP address:
docker run --rm --name postfix \
-e "ALLOWED_SENDER_DOMAINS=example.org" \
-e POSTFIX_mynetworks=192.168.0.0/16 \
-p 587:587 \
boky/postfix:v2.0.1
And then, sending an email from a local device with 10.0.0.103 IP address:
$ cat email.txt
From: postmaster <[email protected]>
To: recipient <[email protected]>
Subject: email test
Date: Wed, 21 Oct 2020 21:44:16
Test content.
$ curl smtp://10.0.0.100:587 --no-progress-meter --mail-from [email protected] --mail-rcpt [email protected] --upload-file email.txt
# no error output
# relay logs
2020-10-21T20:56:22.523859+00:00 INFO postfix/smtpd[121]: connect from unknown[10.0.0.103]
2020-10-21T20:56:22.604897+00:00 INFO postfix/smtpd[121]: 939BB74778B: client=unknown[10.0.0.103]
2020-10-21T20:56:22.605868+00:00 INFO postfix/cleanup[125]: 939BB74778B: message-id=<>
2020-10-21T20:56:22.610470+00:00 INFO postfix/qmgr[120]: 939BB74778B: from=<[email protected]>, size=327, nrcpt=1 (queue active)
2020-10-21T20:56:22.610943+00:00 INFO postfix/smtpd[121]: disconnect from unknown[10.0.0.103] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
...
Accepts connection and sends email, but only 192.168.0.0/16 was allowed. So this shouldn't be possible.
I'm using POSTFIX_smtpd_client_restrictions=permit_mynetworks,reject
as a workaround, and works like expected:
docker run --rm --name postfix \
-e "ALLOWED_SENDER_DOMAINS=example.org" \
-e POSTFIX_mynetworks=192.168.0.0/16 \
-e POSTFIX_smtpd_client_restrictions=permit_mynetworks,reject \
-p 587:587 \
boky/postfix:v2.0.1
$ curl smtp://10.0.0.100:587 --no-progress-meter --mail-from [email protected] --mail-rcpt [email protected] --upload-file email.txt
curl: (55) RCPT failed: 554
# relay logs
2020-10-21T20:59:40.689023+00:00 INFO postfix/smtpd[119]: connect from unknown[10.0.0.103]
2020-10-21T20:59:40.689564+00:00 INFO postfix/smtpd[119]: NOQUEUE: reject: RCPT from unknown[10.0.0.103]: 554 5.7.1 <unknown[10.0.0.103]>: Client host rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<email.txt>
2020-10-21T20:59:40.689814+00:00 INFO postfix/smtpd[119]: disconnect from unknown[10.0.0.103] ehlo=1 mail=1 rcpt=0/1 quit=1 commands=3/4
...
Maybe this smtpd_client_restrictions=permit_mynetworks,reject
should be set by default in postfix configuration? Thanks!
Hello,
Sorry if this appears as a stupid question, but I couldn't figure out how to log postfix activity to a file [ashamed]
Currently I can successfully run the docker-postfix container, send emails by connecting to it via telnet
and see the server's activity log in the console window where I issued the docker run -rm ...
command.
I connected to the running container using the docker exec -it postfix /bin/bash
command and expected to find the postfix log file inside the /var/log
directory, unfortunately this directory is empty.
From the research I made, and if I understand correctly, rsyslog
is used as the login mechanism in the container, and its configuration file is /etc/rsyslog.conf
, which (mainly) contains 3 templates definitions: devicelog, json and plain. I've tried changing the value of the -e "LOG_FORMAT="
option (plain or json), which effectively modifies the type of output in the console but still no trace of any file under /var/log
...
Could someone explain what to do in order to have the postfix logs stored in a log file?
Thank you.
P.S.: the README.md
indicates that the LOG_FORMAT option can be set to "plain" or "JSON" (uppercase), but when setting the value to "JSON" (uppercase), it generates the following error:
2020-09-08 14:46:15,844 INFO spawned: 'rsyslog' with pid 118
rsyslogd: Could not find template 0 'JSON' - action disabled [v8.2004.0 try https://www.rsyslog.com/e/3003 ]
rsyslogd: error during parsing file /etc/rsyslog.conf, on or before line 46: errors occured in file '/etc/rsyslog.conf' around line 46 [v8.2004.0 try https://www.rsyslog.com/e/2207 ]
rsyslogd: there are no active actions configured. Inputs would run, but no output whatsoever were created. [v8.2004.0 try https://www.rsyslog.com/e/2103 ]
rsyslogd: run failed with error -2103 (see rsyslog.h or try https://www.rsyslog.com/e/2103 to learn what that number means)
2020-09-08 14:46:15,847 INFO exited: rsyslog (exit status 1; not expected)
2020-09-08 14:46:15,847 INFO gave up: rsyslog entered FATAL state, too many start retries too quickly
One needs to use "json" (lowercase) in order to modify the log output format. Maybe should it be modified in the README.md
file?
Hi!
When starting the docker image boky/postfix:v1.1.3
, I get the above error.
postfix[41]: fatal: /usr/lib/postfix/postfix-script: No such file or directory
I looked for it and there is one located at /usr/libexec/postfix/postfix-script
, but that doesn't seem to work when copied over.
I'm trying to send a test email from the basic settings in Nextcloud. This is my configuration for that:
This is my docker-compose.yml
:
services:
nextcloud:
image: linuxserver/nextcloud
container_name: nextcloud
environment:
- PUID=1001
- PGID=1001
volumes:
- /opt/docker/config/nextcloud:/config
- /opt/docker/data/nextcloud:/data
restart: unless-stopped
postfix:
hostname: "mail"
image: "boky/postfix"
container_name: postfix
restart: always
healthcheck:
test: [ "CMD", "sh", "-c", "netstat -an | fgrep 587 | fgrep -q LISTEN" ]
interval: 10s
timeout: 5s
start_period: 10s
retries: 2
ports:
- 1587:587
volumes:
- /opt/docker/config/postfix:/etc/opendkim/keys
environment:
- ALLOWED_SENDER_DOMAINS=mydomain.com
- INBOUND_DEBUGGING=1
- MASQUERADED_DOMAINS=mydomain.com
I've port forwarded 587, but it keeps giving me errors in the Docker log for postfix:
connect to mail.tutanota.de[81.3.6.162]:25: Operation timed out
2020-03-15T22:46:33.982637+00:00 mail postfix/smtp[1105]: connect to mail.tutanota.de[81.3.6.165]:25: Operation timed out
2020-03-15T22:46:34.007877+00:00 mail postfix/smtp[1109]: connect to mail.tutanota.de[81.3.6.162]:25: Operation timed out
2020-03-15T22:46:34.060944+00:00 mail postfix/smtp[1108]: connect to gmail-smtp-in.l.google.com[74.125.20.26]:25: Operation timed out
2020-03-15T22:46:34.062123+00:00 mail postfix/smtp[1106]: connect to gmail-smtp-in.l.google.com[74.125.20.26]:25: Operation timed out
2020-03-15T22:46:34.062598+00:00 mail postfix/smtp[1107]: connect to gmail-smtp-in.l.google.com[74.125.195.26]:25: Operation timed out
2020-03-15T22:46:52.642613+00:00 mail postfix/smtp[1126]: connect to mail.tutanota.de[81.3.6.165]:25: Operation timed out
2020-03-15T22:47:04.005697+00:00 mail postfix/smtp[1105]: connect to mail.tutanota.de[81.3.6.162]:25: Operation timed out
2020-03-15T22:47:04.005698+00:00 mail postfix/smtp[1054]: connect to mail.tutanota.de[81.3.6.165]:25: Operation timed out
2020-03-15T22:47:04.038143+00:00 mail postfix/smtp[1109]: connect to mail.tutanota.de[81.3.6.165]:25: Operation timed out
2020-03-15T22:47:04.048852+00:00 mail postfix/smtp[1054]: D27DF1DA0E9A: to=<[email protected]>, relay=none, delay=1129, delays=1069/0/60/0, dsn=4.4.1, status=deferred (connect to mail.tutanota.de[81.3.6.165]:25: Operation timed out)
2020-03-15T22:47:04.074127+00:00 mail postfix/smtp[1105]: 9EA641DA0EA5: to=<[email protected]>, relay=none, delay=456, delays=396/0.01/60/0, dsn=4.4.1, status=deferred (connect to mail.tutanota.de[81.3.6.162]:25: Operation timed out)
2020-03-15T22:47:04.074239+00:00 mail postfix/smtp[1109]: 53E781DA0EA4: to=<[email protected]>, relay=none, delay=501, delays=441/0.03/60/0, dsn=4.4.1, status=deferred (connect to mail.tutanota.de[81.3.6.165]:25: Operation timed out)
2020-03-15T22:47:04.090637+00:00 mail postfix/smtp[1106]: connect to alt1.gmail-smtp-in.l.google.com[108.177.112.27]:25: Operation timed out
2020-03-15T22:47:04.090637+00:00 mail postfix/smtp[1108]: connect to alt1.gmail-smtp-in.l.google.com[108.177.112.26]:25: Operation timed out
2020-03-15T22:47:04.090814+00:00 mail postfix/smtp[1107]: connect to alt1.gmail-smtp-in.l.google.com[108.177.112.26]:25: Operation timed out
2020-03-15T22:47:22.673272+00:00 mail postfix/smtp[1126]: connect to mail.tutanota.de[81.3.6.162]:25: Operation timed out
2020-03-15T22:47:22.714200+00:00 mail postfix/smtp[1126]: 803901DA0E99: to=<[email protected]>, relay=none, delay=60, delays=0.08/0.01/60/0, dsn=4.4.1, status=deferred (connect to mail.tutanota.de[81.3.6.162]:25: Operation timed out)
2020-03-15T22:47:34.121450+00:00 mail postfix/smtp[1108]: connect to alt2.gmail-smtp-in.l.google.com[172.253.112.26]:25: Operation timed out
2020-03-15T22:47:34.121451+00:00 mail postfix/smtp[1106]: connect to alt2.gmail-smtp-in.l.google.com[172.253.112.27]:25: Operation timed out
2020-03-15T22:47:34.121452+00:00 mail postfix/smtp[1107]: connect to alt2.gmail-smtp-in.l.google.com[172.253.112.26]:25: Operation timed out
2020-03-15T22:48:04.131155+00:00 mail postfix/smtp[1107]: connect to alt3.gmail-smtp-in.l.google.com[173.194.77.26]:25: Operation timed out
2020-03-15T22:48:04.147157+00:00 mail postfix/smtp[1108]: connect to alt3.gmail-smtp-in.l.google.com[173.194.77.27]:25: Operation timed out
2020-03-15T22:48:04.150621+00:00 mail postfix/smtp[1106]: connect to alt3.gmail-smtp-in.l.google.com[173.194.77.26]:25: Operation timed out
2020-03-15T22:48:34.161473+00:00 mail postfix/smtp[1107]: connect to alt4.gmail-smtp-in.l.google.com[64.233.177.27]:25: Operation timed out
2020-03-15T22:48:34.161474+00:00 mail postfix/smtp[1108]: connect to alt4.gmail-smtp-in.l.google.com[64.233.177.27]:25: Operation timed out
2020-03-15T22:48:34.178638+00:00 mail postfix/smtp[1106]: connect to alt4.gmail-smtp-in.l.google.com[64.233.177.27]:25: Operation timed out
Update: I was running latest. Changed to v2.2.1. Issues is resolved. Sorry for the noise.
Running the image in Kubernetes, I get the following in the log when a mail is sent via the relay:
2020-12-01T12:35:01.179654+00:00 WARNING postfix/smtp[186]: sasl-xoauth2: Unable to open config file /etc/sasl-xoauth2.conf: No such file or directory
2020-12-01T12:35:01.183058+00:00 WARNING postfix/smtp[186]: sasl_client_add_plugin(): entry_point(): failed for plugname sasl-xoauth2
Looking in the Dockerfile for docker-postfix, version 0.9 of xoauth is to be downloaded, but the latest version in that repo is 0.8? > https://github.com/tarickb/sasl-xoauth2/releases
ARG SASL_XOAUTH2_REPO_URL=https://github.com/tarickb/sasl-xoauth2.git
ARG SASL_XOAUTH2_GIT_REF=release-0.9
Hi
Thanks for great docker ! I'm using default config, after upgrade to 3.0.0 I cannot send emails anymore. I'm using Xoauth2 and I believe that's causing issue: https://github.com/bokysan/docker-postfix/blob/master/scripts/common-run.sh#L177
postfix | 2021-03-20T12:35:25.365668+01:00 ERR postfix/tlsmgr[143]: error: unsupported dictionary type: btree
postfix | 2021-03-20T12:35:25.366718+01:00 WARNING postfix/tlsmgr[143]: warning: btree:/var/lib/postfix/smtp_scache is unavailable. unsupported dictionary type: btree
postfix | 2021-03-20T12:35:25.528740+01:00 WARNING postfix/tlsmgr[143]: warning: btree:/var/lib/postfix/smtp_scache is unavailable. unsupported dictionary type: btree
postfix | 2021-03-20T12:35:25.633203+01:00 WARNING postfix/tlsmgr[143]: warning: btree:/var/lib/postfix/smtp_scache is unavailable. unsupported dictionary type: btree
postfix | 2021-03-20T12:35:25.634692+01:00 WARNING postfix/tlsmgr[143]: warning: btree:/var/lib/postfix/smtp_scache is unavailable. unsupported dictionary type: btree
postfix | 2021-03-20T12:35:25.761110+01:00 WARNING postfix/qmgr[127]: warning: private/smtp socket: malformed response
postfix | 2021-03-20T12:35:25.761144+01:00 WARNING postfix/qmgr[127]: warning: transport smtp failure -- see a previous warning/fatal/panic logfile record for the problem description
postfix | 2021-03-20T12:35:25.761284+01:00 WARNING postfix/master[125]: warning: process /usr/libexec/postfix/smtp pid 142 killed by signal 11
postfix | 2021-03-20T12:35:25.761297+01:00 WARNING postfix/master[125]: warning: /usr/libexec/postfix/smtp: bad command startup -- throttling
Hi there,
I'm using your image at the moment in a Kubernetes context, and working on potentially building a Helm chart around your container image so I can re-use it easily in different projects.
We try and pin our container image FROM
's whenever possible, and thus ideally I'd prefer not to rely on an image that uses latest
in production.
So I was wondering if you would consider supporting tagged images that perhaps support latest
and maybe one or two versions of Alpine such as 3.10
(latest) and 3.9
(latest - 1)?
I think this could be scripted up fairly easily with what you already have in this repo, perhaps by updating the Dockerfile to include:
ARG alpine_version=latest
FROM alpine:$alpine_version
.....
Thanks for considering!
Hello,
if this image(helm chart) is used to not sent to a relay server will it spin up his own relayserver if replicas or HPA are set?
or should i setup more than one deployment.
First without Relay - to send to the world
Second with HPA and relaying to first?
Thanks
This wonderful chart supports autoscaling, but I do not see any provisions for scaling down without losing emails. Actually, they will not be totally lost, but if the replica set scales from 3 to 2, meaning replica-2 disappears, then if it is shut down before draining its queue there will be emails abandoned on persistent-volume-2 until the replica set scales back up. Is there a way to manage the scale-down so that the pod stops accepting new requests while the queue drains, and the pod is not terminated until the queue is empty?
Hi, I've been playing with this container and https://github.com/tarickb/sasl-xoauth2 to configure XOAuth2 for gmail accounts, so it is not required to enable less secure applications that seems to be deprecated and will be disabled in the future (https://gsuiteupdates.googleblog.com/2019/12/less-secure-apps-oauth-google-username-password-incorrect.html, https://gsuiteupdates.googleblog.com/2020/03/less-secure-app-turn-off-suspended.html).
Are you interested in a PR with this new feature ?.
https://bugs.alpinelinux.org/issues/9987
FIx :
apk add --no-cache --upgrade cyrus-sasl cyrus-sasl-plain cyrus-sasl-login && \
How's this supposed to work https://github.com/bokysan/docker-postfix/blob/master/postfix.sh#L52
Docker allows env variable to be KEY=VALUE only and array is not possible, so I can't make what postfix expects - a new line for each domain in /etc/postfix/allowed_senders:
example.com OK
example.net OK
I was trying to use space delemiter, comma. etc. in ALLOWED_SENDER_DOMAINS env in docker-compose.yml, this always fails cause
example.com example.net OK
is not a vaild config
So how can I pass multiple domains?
Hello,
When i disable persistant volume :
Error: UPGRADE FAILED: cannot patch "postfix-mail" with kind StatefulSet: StatefulSet.apps "postfix-mail" is invalid: spec: Forbidden: updates to statefulset spec for fields other than 'replicas', 'template', and 'updateStrategy' are forbidden
I am super new to Docker, but could you provide an example docker-compose for me please? example/testing variables work fine for me, thank you!
Hi,
Would you give an example on how to send an email to a recipient, as a matter of testing?
Thanks.
I was testing my Java application using postfix for relaying emails from App to postfix and then to AWS SES.
I am not able to send an email when my Java app also uses TLS certificate to send an email to postfix and receiving error stating
Caused by: javax.mail.MessagingException: Server doesn't support required transport level security
at org.apache.geronimo.javamail.transport.smtp.SMTPConnection.sendHandshake(SMTPConnection.java:811) ~[geronimo-javamail_1.4_mail-1.8.4.jar:1.8.4]
at org.apache.geronimo.javamail.transport.smtp.SMTPConnection.protocolConnect(SMTPConnection.java:149) ~[geronimo-javamail_1.4_mail-1.8.4.jar:1.8.4]
at org.apache.geronimo.javamail.transport.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:165) ~[geronimo-javamail_1.4_mail-1.8.4.jar:1.8.4]
I believe exposing smtpd_tls_security_level property may solve this issue. Also, I believe we will require another field to set TLS certs as well.
Please suggest if there are any other solutions for achieving the same
I have your docker image running on my swarm setup with the following config:
version: "3.8"
services:
smtp:
image: boky/postfix
ports:
- 587:587
networks:
- relay
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
environment:
- HOSTNAME=myhostname
- RELAYHOST=myrelay
- ALLOWED_SENDER_DOMAINS=mydomain
networks:
relay:
external: true
When I try sending a test email from it using s-nail on Debian 10 it fails with this error message:
s-nail: SMTP: Resource temporarily unavailable
s-nail: Unexpected EOF on SMTP connection
When using s-nail to send directly to my SMTP host it works as expected, it appears it's receiving an unexpected output from the docker SMTP server, any ideas?
Thank you
health checks are failing because localhost does not resolve (deploying on GCP using ContainerOS)
This health check works for me however (overwriting the base image health check)
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 CMD printf "EHLO healthcheck\n" | nc `hostname` 587 | grep -qE "^220.*ESMTP Postfix"
or just using 127.0.0.1 instead of the hostname
Actually, when persistence is enabled, this chart creates a Volume and a VolumeClaim.
Could it be possible to configure an existing claim as it is possible in https://github.com/bitnami/charts/tree/master/bitnami/postgresql using persistence.existingClaim
?
Thanks to @wader(https://github.com/wader) I was able to see this issue when I tried to use this image.
Could you please check that DockerHub is building your latest code changes to github?
Your Dockerfile on Dockerhub is referencing an older github master head.
The older docker image doesn't SET the MYNETWORKS
env var while the newer code pushes you did to github IS SETTING that MYNETWORKS
variable.
You're copying postfix.sh
in your older image while your newer changes are COPYing run.sh
This is causing people that are pulling your dockerhub image to not have support for MYNETWORKS
like it was my case and I struggled with this for days until @wader was able to see this discrepancy and point me in the right direction.
Hi,
i use your container and i love it, but i've a little problem with 3 log lines each minute.
Sending mails isn't the problem. This works perfectly. The host isn't reachable from the internet.
I just use the container to send mails from a small application.
I've a really short docker-compose file:
version: '3'
services:
mail:
image: boky/postfix:v2.2.2
ports:
- "1587:587"
environment:
HOSTNAME: "myhost"
ALLOWED_SENDER_DOMAINS: "mail.my.domain"
TZ: "Europe/Zurich"
and i get all minute this output in the log:
2021-01-26T17:47:29.762763+01:00 INFO postfix/smtpd[134]: connect from localhost[127.0.0.1]
2021-01-26T17:47:29.762881+01:00 INFO postfix/smtpd[134]: lost connection after EHLO from localhost[127.0.0.1]
2021-01-26T17:47:29.762895+01:00 INFO postfix/smtpd[134]: disconnect from localhost[127.0.0.1] ehlo=1 commands=1
Have you an idea where my problem is?
Thanks for your response
Hello,
Having a boky/postfix container running as part of a docker based software solution, I stumbled upon a situation where e-mails sent by the container got "throttled" by a Microsoft Exchange relay.
What I need to do now is manage the mail queue and, although I can use the mailq
, postqueue
, postcat
and postsuper
commands, I couldn't find a way to have the qshape
command available on Alpine Linux. Issuing the command apk info -a postfix
reveals that, indeed, the qshape
command is not provided by the package.
Even though the available commands do allow me to manage the postfix queue, they are missing the global overview qshape
would give me on the situation. I've been looking around the Internet to figure out whether the qshape
command, which is part of the postfix package in most distros, can be installed on Alpine Linux but couldn't find much info about it.
Could anyone let me know whether it is possible to have qshape
on Alpine Linux?
Thanks a lot.
docker-postfix/scripts/common-run.sh
Line 355 in 16771d4
should reflect the configured Variables and not example.com
I'm encountering the following when upgrading to the newer v2.0.1
image:
Note: The initial/first (helm-based) deployment works just fine. However, if I need to do a helm upgrade
I encounter the issue below. I'm curious if you have any thoughts.
★★★★★ POSTFIX STARTING UP ★★★★★
‣ INFO Not setting any timezone for the container
‣ INFO Using json log format for rsyslog.
‣ INFO Using unlimited message size.
‣ INFO Setting smtp_tls_security_level: may
‣ NOTE Will try to deliver emails directly to the final server. Make sure your DNS is setup properly!
‣ INFO Using default private network list for trusted networks.
‣ INFO Debugging is disabled.
‣ INFO Setting up allowed SENDER domains: <snipped>
‣ DEBUG DKIM_AUTOGENERATE not set -- you will need to provide your own keys.
‣ INFO No DKIM keys found, will not use DKIM.
‣ INFO Applying custom postfix setting: hostname=postfix
‣ INFO Applying custom postfix setting: message_size_limit=0
‣ INFO Applying custom postfix setting: myhostname=hifive-68132031-email-7c8ffc9cf8-nrfbd
‣ INFO Applying custom postfix setting: mynetworks=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
‣ NOTE Starting: rsyslog, postfix
2020-08-19 21:23:38,812 INFO Set uid to user 0 succeeded
2020-08-19 21:23:38,814 INFO supervisord started with pid 1
2020-08-19 21:23:39,819 INFO spawned: 'opendkim' with pid 44
2020-08-19 21:23:39,824 INFO spawned: 'postfix' with pid 45
2020-08-19 21:23:39,827 INFO spawned: 'rsyslog' with pid 46
{"@timestamp":"2020-08-19T21:23:39.842521+00:00","type":"syslog_json","tag":":","relayhost":"hifive-68132031-email-7c8ffc9cf8-nrfbd","relayip":"127.0.0.1","logsource":"hifive-68132031-email-7c8ffc9cf8-nrfbd","hostname":"hifive-68132031-email-7c8ffc9cf8-nrfbd","program":"","priority":"46","severity":"6","facility":"5","severity_label":"info","facility_label":"syslog","message":" [origin software=\"rsyslogd\" swVersion=\"8.2004.0\" x-pid=\"46\" x-info=\"https:\/\/www.rsyslog.com\"] start","end_msg":""}
2020-08-19 21:23:39,843 INFO success: postfix entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
{"@timestamp":"2020-08-19T21:23:40.499162+00:00","type":"syslog_json","tag":"postfix\/postfix-script[57]:","relayhost":"hifive-68132031-email-7c8ffc9cf8-nrfbd","relayip":"127.0.0.1","logsource":"hifive-68132031-email-7c8ffc9cf8-nrfbd","hostname":"hifive-68132031-email-7c8ffc9cf8-nrfbd","program":"postfix","priority":"18","severity":"2","facility":"2","severity_label":"crit","facility_label":"mail","message":" fatal: the Postfix mail system is already running","end_msg":""}
2020-08-19 21:23:41,500 INFO exited: postfix (exit status 1; not expected)
2020-08-19 21:23:42,502 INFO success: rsyslog entered RUNNING state, process has stayed up for > than 2 seconds (startsecs)
2020-08-19 21:23:45,507 INFO success: opendkim entered RUNNING state, process has stayed up for > than 5 seconds (startsecs)
2020-08-19 21:24:31,567 WARN received SIGTERM indicating exit request
2020-08-19 21:24:31,568 INFO waiting for opendkim, rsyslog to die
2020-08-19 21:24:31,569 INFO stopped: rsyslog (exit status 0)
2020-08-19 21:24:33,573 INFO stopped: opendkim (terminated by SIGTERM)
I get events such as:
Normal | Scheduled | Successfully assigned highfive-review/hifive-68132031-email-7c8ffc9cf8-nrfbd to lib-worker2 | 8 minutes ago
-- | -- | -- | --
Normal | Pulling | Pulling image "boky/postfix:v2.0.1" | 8 minutes ago
Normal | Pulled | Successfully pulled image "boky/postfix:v2.0.1" | 8 minutes ago
Normal | Killing | Container hifive-68132031-email failed liveness probe, will be restarted | 7 minutes ago
Normal | Pulled | Container image "boky/postfix:v2.0.1" already present on machine | 7 minutes ago
Normal | Created | Created container hifive-68132031-email | 7 minutes ago
Normal | Started | Started container hifive-68132031-email | 7 minutes ago
Warning | Unhealthy | Readiness probe failed: dial tcp 10.42.8.29:587: connect: connection refused | 6 minutes ago
Warning | Unhealthy | Liveness probe failed: dial tcp 10.42.8.29:587: connect: connection refused | 3 minutes ago
And here is the Helm template for the deployment being used: https://gitlab.com/ucsdlibrary/development/email/-/blob/trunk/templates/deployment.yaml
I'm not setting any DKIM environment variables.
Thanks in advance for any thoughts you might have on what changed in this image that might require changes on my end.
It would be great to be able use Docker secrets to store the relay password rather than using plain text using the RELAY_PASSWORD_FILE environment variable.
We get errors when backuping the persistent volume used for /var/spool/mail
because it contains a lot of sockets.
Is it a good idea to put these sockets in a persistent volume?
When trying to send a test email to gmail, I see the following logs:
postfix | 2021-01-24T14:43:33.171226+00:00 INFO postfix/smtp[138]: certificate verification failed for gmail-smtp-in.l.google.com[108.177.126.26]:25: untrusted issuer /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
postfix | 2021-01-24T14:43:33.171270+00:00 INFO postfix/smtp[138]: Untrusted TLS connection established to gmail-smtp-in.l.google.com[108.177.126.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
postfix | 2021-01-24T14:43:33.171302+00:00 INFO postfix/smtp[138]: 3C1D8C1D28: Server certificate not trusted
postfix | 2021-01-24T14:43:35.880273+00:00 INFO postfix/smtp[138]: certificate verification failed for alt1.gmail-smtp-in.l.google.com[142.250.4.27]:25: untrusted issuer /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
postfix | 2021-01-24T14:43:35.880327+00:00 INFO postfix/smtp[138]: Untrusted TLS connection established to alt1.gmail-smtp-in.l.google.com[142.250.4.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
postfix | 2021-01-24T14:43:35.880358+00:00 INFO postfix/smtp[138]: 3C1D8C1D28: Server certificate not trusted
postfix | 2021-01-24T14:43:38.262954+00:00 INFO postfix/smtp[138]: certificate verification failed for alt2.gmail-smtp-in.l.google.com[108.177.97.26]:25: untrusted issuer /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
postfix | 2021-01-24T14:43:38.262999+00:00 INFO postfix/smtp[138]: Untrusted TLS connection established to alt2.gmail-smtp-in.l.google.com[108.177.97.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
postfix | 2021-01-24T14:43:38.263040+00:00 INFO postfix/smtp[138]: 3C1D8C1D28: Server certificate not trusted
postfix | 2021-01-24T14:43:39.720356+00:00 INFO postfix/smtp[138]: certificate verification failed for alt3.gmail-smtp-in.l.google.com[74.125.28.26]:25: untrusted issuer /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
postfix | 2021-01-24T14:43:39.720399+00:00 INFO postfix/smtp[138]: Untrusted TLS connection established to alt3.gmail-smtp-in.l.google.com[74.125.28.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
postfix | 2021-01-24T14:43:39.720437+00:00 INFO postfix/smtp[138]: 3C1D8C1D28: Server certificate not trusted
postfix | 2021-01-24T14:43:41.269754+00:00 INFO postfix/smtp[138]: certificate verification failed for alt4.gmail-smtp-in.l.google.com[74.125.137.26]:25: untrusted issuer /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
postfix | 2021-01-24T14:43:41.269820+00:00 INFO postfix/smtp[138]: Untrusted TLS connection established to alt4.gmail-smtp-in.l.google.com[74.125.137.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
I can see you do have ca-certificates package from alpine in the docker image, I am just not sure why I get the above message.
I want to use this in a docker-compose project (Mattermost, actually), which uses the following docker-compose.yml
file.
How would I go about adding this image so that the web container can send email using it?
I've tried adding:
mail:
image: boky/postfix
environment:
- HOSTNAME=mail
And then specifying mail
as the outgoing SMTP server with port 587 in Mattermost, but it says:
Connection unsuccessful: SendMail: Failed to open connection, dial tcp 172.19.0.5:587: connect: connection refused
I've also tried adding expose: [587]
, but I got the same error.
Do I need to explicitly map some ports, or do it through the Docker host instead?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.