lejmr / iredmail-docker Goto Github PK

I can see this in messages log.

May 13 07:34:12 mail root: DEBUG Starting amavisd-new
May 13 07:34:14 mail root: DEBUG Starting amavisd-new
May 13 07:34:16 mail root: DEBUG Starting amavisd-new
May 13 07:34:18 mail root: DEBUG Starting amavisd-new
May 13 07:34:20 mail root: DEBUG Starting amavisd-new```

It seems amavisd is not actually restarting because exec command stops as it finds other pid.

The Tips file contains a lot of useful information that is generated when iRedmail is installed. I accessed it by accessing the container shell and moving the file to another bound directory, but maybe the run command should have an extra bind mount for direct access to this? Also had to adjust PATH to /iredmail/ because that throws errors if you don't, and added -d.

Here's the adjusted run command I used:

docker run -p 80:80 -p 443:443 -d
-h HOSTNAME.DOMAIN
-e "MYSQL_ROOT_PASSWORD=password"
-e "SOGO_WORKERS=1"
-e "TZ=Europe/Prague"
-e "POSTMASTER_PASSWORD={PLAIN}password"
-e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
-v /iredmail/mysql:/var/lib/mysql
-v /iredmail/vmail:/var/vmail
-v /iredmail/clamav:/var/lib/clamav
-v /iredmail:/opt/iredmail
--name=iredmail lejmr/iredmail:mysql-latest

the command in the readme:

docker run --privileged -p 80:80 -p 443:443 \
           -e "DOMAIN=example.com" -e "HOSTNAME=mail" \
           -e "MYSQL_ROOT_PASSWORD=password" \
           -e "SOGO_WORKERS=1" \
           -e "TIMEZONE=Europe/Prague" \
           -e "POSTMASTER_PASSWORD={PLAIN}password" \
           -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" \
           -v PATH/mysql:/var/lib/mysql \
           -v PATH/vmail:/var/vmail \
           -v PATH/clamav:/var/lib/clamav \
           --name=iredmail iredmail:mysql-latest

... use iredmail:mysql-latest as docker repo instead of lejmr/iredmail:mysql-latest

Would be neat to be able to SSL encrypt SOGO and Roundcube using the Let's Encrypt client.

Usecase:
A new domain is added, so a pem and config portions need to be added so that this change is persistent even between restarts.

At the moment, only the default domain can have DKIM

k8s pod not hostname, but iredmail setting hostname, iredadmin for postmaster+hostname, not work hostname for k8s, login faild username "postmaster@"。

In case of fresh installation of iRedMail without Docker the delivery report system works out of the box. In case of Docker I see the next log:

Feb 26 13:53:14 314f2e0e024a postfix/submission/smtpd[2841]: connect from localhost[127.0.0.1]
Feb 26 13:53:14 314f2e0e024a postfix/submission/smtpd[2841]: Anonymous TLS connection established from localhost[127.0.0.1]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Feb 26 13:53:14 314f2e0e024a postfix/submission/smtpd[2841]: 5FB89BCBAB: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username=[email protected]
Feb 26 13:53:14 314f2e0e024a postfix/cleanup[2846]: 5FB89BCBAB: message-id=[email protected]
Feb 26 13:53:14 314f2e0e024a postfix/qmgr[361]: 5FB89BCBAB: from=[email protected], size=688, nrcpt=1 (queue active)
Feb 26 13:53:14 314f2e0e024a roundcube: <9ci216oe> User [email protected] [31.43.102.240]; Message for [email protected]; 250: 2.0.0 Ok: queued as 5FB89BCBAB
Feb 26 13:53:14 314f2e0e024a postfix/submission/smtpd[2841]: disconnect from localhost[127.0.0.1] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Feb 26 13:53:14 314f2e0e024a postfix/10025/smtpd[2858]: connect from localhost[127.0.0.1]
Feb 26 13:53:14 314f2e0e024a postfix/10025/smtpd[2858]: AFC15BCBB5: client=localhost[127.0.0.1]
Feb 26 13:53:14 314f2e0e024a postfix/cleanup[2846]: AFC15BCBB5: message-id=[email protected]
Feb 26 13:53:14 314f2e0e024a postfix/qmgr[361]: AFC15BCBB5: from=[email protected], size=1776, nrcpt=1 (queue active)
Feb 26 13:53:14 314f2e0e024a postfix/10025/smtpd[2858]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb 26 13:53:14 314f2e0e024a amavis[630]: (00630-02) Passed CLEAN {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:53636 [email protected] -> [email protected], Queue-ID: 5FB89BCBAB, Message-ID: [email protected], mail_id: Ne1UtIHtmLps, Hits: 1.313, size: 688, queued_as: AFC15BCBB5, dkim_new=dkim:mydomain.com, 281 ms, Tests: [ALL_TRUSTED=-1,DKIM_ADSP_ALL=1.1,TVD_RCVD_SINGLE=1.213]
Feb 26 13:53:14 314f2e0e024a postfix/amavis/smtp[2851]: 5FB89BCBAB: to=[email protected], relay=127.0.0.1[127.0.0.1]:10026, delay=0.4, delays=0.07/0/0.02/0.31, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as AFC15BCBB5)
Feb 26 13:53:14 314f2e0e024a postfix/qmgr[361]: 5FB89BCBAB: removed
Feb 26 13:53:14 314f2e0e024a postfix/bounce[2911]: fatal: open file trace AFC15BCBB5: Permission denied
Feb 26 13:53:15 314f2e0e024a postfix/pipe[2315]: warning: write/read private/trace socket: Success
Feb 26 13:53:15 314f2e0e024a postfix/pipe[2315]: warning: AFC15BCBB5: trace service failure
Feb 26 13:53:15 314f2e0e024a postfix/master[359]: warning: process /usr/lib/postfix/sbin/bounce pid 2911 exit status 1
Feb 26 13:53:15 314f2e0e024a postfix/pipe[2315]: AFC15BCBB5: to=[email protected], relay=dovecot, delay=1.1, delays=0/0.01/0/1.1, dsn=4.3.0, status=deferred (AFC15BCBB5: trace service failed)

When delivery report works, logs look like:

Feb 26 14:11:21 mail postfix/submission/smtpd[2219]: connect from localhost[127.0.0.1]
Feb 26 14:11:21 mail postfix/submission/smtpd[2219]: Anonymous TLS connection established from localhost[127.0.0.1]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Feb 26 14:11:21 mail postfix/submission/smtpd[2219]: 162A3413FA: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username=[email protected]
Feb 26 14:11:21 mail postfix/cleanup[2231]: 162A3413FA: message-id=[email protected]
Feb 26 14:11:21 mail roundcube: User [email protected] [31.43.102.240]; Message for [email protected]; 250: 2.0.0 Ok: queued as 162A3413FA
Feb 26 14:11:21 mail postfix/qmgr[2063]: 162A3413FA: from=[email protected], size=533, nrcpt=1 (queue active)
Feb 26 14:11:21 mail postfix/submission/smtpd[2219]: disconnect from localhost[127.0.0.1] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Feb 26 14:11:21 mail postfix/10025/smtpd[2246]: connect from localhost[127.0.0.1]
Feb 26 14:11:21 mail postfix/10025/smtpd[2246]: 6247541401: client=localhost[127.0.0.1]
Feb 26 14:11:21 mail postfix/cleanup[2231]: 6247541401: message-id=[email protected]
Feb 26 14:11:21 mail postfix/qmgr[2063]: 6247541401: from=[email protected], size=1612, nrcpt=1 (queue active)
Feb 26 14:11:21 mail postfix/10025/smtpd[2246]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Feb 26 14:11:21 mail amavis[2096]: (02096-01) Passed CLEAN {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:33218 [email protected] -> [email protected], Queue-ID: 162A3413FA, Message-ID: <92f542ad2560554$
Feb 26 14:11:21 mail postfix/amavis/smtp[2236]: 162A3413FA: to=[email protected], relay=127.0.0.1[127.0.0.1]:10026, delay=0.42, delays=0.12/0.01/0.03/0.26, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:$
Feb 26 14:11:21 mail postfix/qmgr[2063]: 162A3413FA: removed
Feb 26 14:11:22 mail postfix/smtp[2418]: 6247541401: to=[email protected], relay=mx5.bigmir.net[213.186.116.118]:25, delay=0.68, delays=0.01/0.05/0.33/0.28, dsn=2.0.0, status=sent (250 OK id=1eqIYr-00018L-VU)
Feb 26 14:11:22 mail postfix/cleanup[2231]: 1250041400: message-id=[email protected]
Feb 26 14:11:22 mail postfix/qmgr[2063]: 1250041400: from=<>, size=3535, nrcpt=1 (queue active)
Feb 26 14:11:22 mail postfix/bounce[2249]: 6247541401: sender delivery status notification: 1250041400
Feb 26 14:11:22 mail postfix/qmgr[2063]: 6247541401: removed
Feb 26 14:11:22 mail postfix/pipe[2247]: 1250041400: to=[email protected], relay=dovecot, delay=0.09, delays=0.01/0/0/0.08, dsn=2.0.0, status=sent (delivered via dovecot service)
Feb 26 14:11:22 mail postfix/qmgr[2063]: 1250041400: removed

Docker and non-docker tests were done on the same system. Every time were used the same iso of Ubuntu 16.04. All tests were done with a fresh OS installation. I made about 10 tests.

Is it possible to completely disable ClamAV from starting? The official methods don't seem to work.

I did issued the command:
docker run --privileged -p 80:80 -p 443:443
-e "DOMAIN=web.ro" -e "HOSTNAME=mail"
-e "MYSQL_ROOT_PASSWORD=pass!"
-e "SOGO_WORKERS=1"
-e "TIMEZONE=Europe/Bucharest"
-e "POSTMASTER_PASSWORD={PLAIN}pass!"
-e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
-v /var/lib/mysql
-v /var/vmail
-v /var/lib/clamav
--name=iredmail lejmr/iredmail:mysql-latest

but it seems either the docker run still execute something or it did not finish correctly.

also
tail /var/log/mail.log
Oct 2 08:08:22 75d0986c0269 postfix/postqueue[1477]: fatal: Queue report unavailable - mail system is down

can you provide me some help please ?

iRedMail v0.9.7 was released 2017-06-28

I started my docker instance with:

docker run --privileged -p 8666:80 -p 8443:443 \
           -e "DOMAIN=my.domain" -e "HOSTNAME=email" \
           -e "MYSQL_ROOT_PASSWORD=totallyMyPassword" \
           -e "SOGO_WORKERS=1" \
           -e "TIMEZONE=Europe/Warsaw" \
           -e "POSTMASTER_PASSWORD={PLAIN}asloMyPassword" \
           -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" \
           -v /mysql:/var/lib/mysql \
           -v /vmail:/var/vmail \
           -v /clamav:/var/lib/clamav \
           --name=iredmail lejmr/iredmail:mysql-latest

I'm unable to login to any service. I tried login with [email protected] or [email protected] or just postmaster@email (don't know where I found this) and the password provided in run command doesn't work. I tried also looking up iRedMail config (the one inside docker), it said password was FUPASSWORD, but it also didn't work. What would be the credentials to SOGo, iRedMail and Roundcube?

During boot multiple instances of the message "unable to write 'random state'" appear after a message indicating rc.local is running. This messages are caused by the fact that some environment variables normally set during boot are not set in the parent image, which means that openssl is unable to locate where to write its random file. The simplest solution is to add the following line immediately before the openssl calls:

export RANDFILE=/root/.rnd

Create container no problem.However, Gogs failed to use SMTP (25 port ) to send letters.

execut bash:
echo $HOSTNAME > mail
echo $DOMAIN > jokersoft.io

error message:
gomail: could not send email 1: StartTLS: x509: certificate is valid for HOSTNAME.DOMAIN, not mail.jokersoft.io

No checksum found where hostname, Hope to be answered.

Hello,

The docker run command on Docker Hub is outdated and fail initial DKIM.
You should consider updating Docker Hub readme.

I have iredmail which is installed on the host instead of docker and if I check yourdomain.com/awstats iredmail shows pop up where I need to enter email and password. Docker realization simply shows all files in Index of /awstats/.

Hi!
Thank you for great docker container!
Trying to run it on digitalocean that doesn't allow to use port 25.
So in /var/log/mail.log I see following:
postfix/smtp[2496]: 56DCC8DC25A: to=<[email protected]>, relay=none, delay=530, delays=500/0.02/30/0, dsn=4.4.1, status=deferred (connect to mail-tester.com[94.23.206.89]:25: Connection timed out)
So, how to force iredmail to use 587 port instead of 25 ?

At the moment all technical accounts have full access rights: https://github.com/lejmr/iredmail-docker/blob/1.0/mysql/static_files/services/mariadb-server.sh#L77

Each account should be limited for its purpose

1. What are SOGO_WORKERS and how do I know what I should set the value to? I have read that SOGO is some program to help email clients connect so you don't have to use web GUI.

2. Is it required to run this container as privledged?

3. What are the options available for the time zone parameter?

4. Will mounting this volume remove the need for the time zone command?
   /etc/localtime:/etc/localtime:ro

5. Do I need more then ports 443 and 80 setup in NGINX. I noticed the docker container exposes a bunch of ports.

#11

EXPOSE 80 443 25 587 110 143 993 995

edit:

6. Tried things out. I am getting this problem. #37

7. The problem I seem to be having is the NGINX proxy I am using likes to communicate over http with containers and this one likes redirects to https when it sees http so it creates an endless loop.

edit2:
I got this working so that I am taken to a login page. I still don't know what ports I need to have my NGINX proxy setup. Right not I have only 443 and 80.

Hi, I got an error, and I don't know why.
I use django and errors:
File "/home/docker/code/app/account/V1_views.py", line 67, in post send_mail("feb.ai\u6ce8\u518c\u90ae\u4ef6", confirm_path, "[email protected]", [username], fail_silently=False) File "/usr/local/lib/python3.6/dist-packages/django/core/mail/__init__.py", line 60, in send_mail return mail.send() File "/usr/local/lib/python3.6/dist-packages/django/core/mail/message.py", line 291, in send return self.get_connection(fail_silently).send_messages([self]) File "/usr/local/lib/python3.6/dist-packages/django/core/mail/backends/smtp.py", line 103, in send_messages new_conn_created = self.open() File "/usr/local/lib/python3.6/dist-packages/django/core/mail/backends/smtp.py", line 68, in open self.connection.starttls(keyfile=self.ssl_keyfile, certfile=self.ssl_certfile) File "/usr/lib/python3.6/smtplib.py", line 771, in starttls server_hostname=self._host) File "/usr/lib/python3.6/ssl.py", line 407, in wrap_socket _context=self, _session=session) File "/usr/lib/python3.6/ssl.py", line 817, in __init__ self.do_handshake() File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake self._sslobj.do_handshake() File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake self._sslobj.do_handshake() ConnectionResetError: [Errno 104] Connection reset by peer

this is django settings:
`EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_USE_TLS = True
EMAIL_HOST = 'xxxxxxx'
EMAIL_PORT = 587
EMAIL_HOST_USER = 'xxxxxx'
EMAIL_HOST_PASSWORD = 'xxxxxxxx'

from django.core.mail import send_mail
send_mail("xxxxx", "xxxxx", "xxxxxx", ["xxxxxx"], fail_silently=False)`

and here is /var/log/maillog

Feb 6 18:37:33 mail postfix/submission/smtpd[1794]: connect from unknown[xxx.xxx.xxx.xxx] Feb 6 18:37:34 mail postfix/submission/smtpd[1794]: SSL_accept error from unknown[xxx.xxx.xxx.xxx]: Connection reset by peer Feb 6 18:37:34 mail postfix/submission/smtpd[1794]: lost connection after STARTTLS from unknown[xxx.xxx.xxx.xxx] Feb 6 18:37:34 mail postfix/submission/smtpd[1794]: disconnect from unknown[xxx.xxx.xxx.xxx]
docker image is lejmr/iredmail:mysql-latest

Docker compose allows defining enabled plugins

Hello!
Got similar problem like here:
#6
Here is how I start the container:

docker run --privileged -p 7080:80 -p 7443:443 \
           -h mydomain.com \
           -e "MYSQL_ROOT_PASSWORD=totallyMyPassword" \
           -e "SOGO_WORKERS=1" \
           -e "TZ=Europe/Moscow" \
           -e "POSTMASTER_PASSWORD={PLAIN}asloMyPassword" \
           -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" \
           -v /home/al/docker/iredmail/mysql:/var/lib/mysql \
           -v /home/al/docker/iredmail/vmail:/var/vmail \
           -v /home/al/docker/iredmail/clamav:/var/lib/clamav \
           --name=iredmail lejmr/iredmail:mysql-0.9.7

My nginx proxies mail.mydomain.com requests to localhost:7443 so I can open following page:
https://mail.mydomain.com/iredadmin/
But entering login as [email protected] and password asloMyPassword gives me INVALID_CREDENTIALS error.
Tried it with the latest and 0.9.7 versions without luck.

During build the following errors/warnings appear:

• chown: invalid user: 'syslog:adm'
• tar: Removing leading `/' from member names

During the process of starting a container (not the first start, only subsequent starts) the following errors appear:

• ./run: 18: [: X1: unexpected operator
• ./run: 52: [: Xstopped: unexpected operator

The chown error is caused by the fact that on a normal Ubuntu system there is a system account 'syslog' that has ownership over many of the logs, but on the base image this account does not exist. iRedMail.sh, thinking it is a normal Ubuntu system, attempts to set change the ownership to a non-existent account. The solution is to set an environment variable in config-gen.sh to make it change it to the 'root' account instead.

The tar warning is not so much of a problem but can be addressed fairly easily by changing the tar commands from 'tar jcf /root/vmail.tar.bz2 /var/vmail' (and equivalents) to 'tar jcf /root/vmail.tar.bz2 -C / var/vmail'.

The run error is caused by the use of a double equal '==' equality operator in iredapd.sh. This works in the '/bin/bash' shell but is not acceptable in the '/bin/sh' shell, which is what iredapd.sh currently uses. The solution is to change '==' to '=', or use '/bin/bash'. I prefer the former.

Hi My Upgrade from 0.9.7 to 0.9.8 did not go well at all.
I followed the instructions as per README
docker rm -f iredmail Update image docker pull lejmr/iredmail:mysql-0.9.8 Start iRedmail from newer image Initiate upgrade docker exec -ti iredmail /sbin/update-iredmail
However the container continues to spin and repeats the below

Not sure what to do next.
How to I upgrade without loosing my emails and configurations?

*** Starting mlmmjadmin..
Aug 23 01:00:44 85960eac1126 root: DEBUG configure mlmmjadmin api_auth
Aug 23 01:00:44 85960eac1126 root: DEBUG mlmmjadmin
[uWSGI] getting INI configuration from /opt/mlmmjadmin/rc_scripts/uwsgi/debian.ini
Aug 23 01:00:44 85960eac1126 uwsgi: *** Starting uWSGI 2.0.12-debian (64bit) on [Thu Aug 23 01:00:44 2018] ***
Aug 23 01:00:44 85960eac1126 uwsgi: compiled with version: 5.4.0 20160609 on 31 August 2017 21:02:04
Aug 23 01:00:44 85960eac1126 uwsgi: os: Linux-4.4.0-128-generic #154-Ubuntu SMP Fri May 25 14:15:18 UTC 2018
Aug 23 01:00:44 85960eac1126 uwsgi: nodename: 85960eac1126
Aug 23 01:00:44 85960eac1126 uwsgi: machine: x86_64
Aug 23 01:00:44 85960eac1126 uwsgi: clock source: unix
Aug 23 01:00:44 85960eac1126 uwsgi: pcre jit disabled
Aug 23 01:00:44 85960eac1126 uwsgi: detected number of CPU cores: 1
Aug 23 01:00:44 85960eac1126 uwsgi: current working directory: /etc/service/mlmmjadmin
Aug 23 01:00:44 85960eac1126 uwsgi: writing pidfile to /var/run/mlmmjadmin/mlmmjadmin.pid
Aug 23 01:00:44 85960eac1126 uwsgi: detected binary path: /usr/bin/uwsgi-core
Aug 23 01:00:44 85960eac1126 uwsgi: setgid() to 2003
Aug 23 01:00:44 85960eac1126 uwsgi: setuid() to 2003
Aug 23 01:00:44 85960eac1126 uwsgi: chdir() to /opt/mlmmjadmin
Aug 23 01:00:44 85960eac1126 uwsgi: your memory page size is 4096 bytes
Aug 23 01:00:44 85960eac1126 uwsgi: detected max file descriptor number: 1048576
Aug 23 01:00:44 85960eac1126 uwsgi: VirtualHosting mode enabled.
Aug 23 01:00:44 85960eac1126 uwsgi: lock engine: pthread robust mutexes
Aug 23 01:00:44 85960eac1126 uwsgi: thunder lock: disabled (you can enable it with --thunder-lock)
Aug 23 01:00:44 85960eac1126 uwsgi: uwsgi socket 0 bound to TCP address 127.0.0.1:7790 fd 6
Aug 23 01:00:44 85960eac1126 uwsgi: Python version: 2.7.12 (default, Dec  4 2017, 14:50:18)  [GCC 5.4.0 20160609]
Aug 23 01:00:44 85960eac1126 uwsgi: Python main interpreter initialized at 0x1eac610
Aug 23 01:00:44 85960eac1126 uwsgi: python threads support enabled
Aug 23 01:00:44 85960eac1126 uwsgi: your server socket listen backlog is limited to 100 connections
Aug 23 01:00:44 85960eac1126 uwsgi: your mercy for graceful operations on workers is 60 seconds
Aug 23 01:00:44 85960eac1126 uwsgi: mapped 436608 bytes (426 KB) for 5 cores
Aug 23 01:00:44 85960eac1126 uwsgi: *** Operational MODE: preforking ***
Aug 23 01:00:44 85960eac1126 uwsgi: ERROR: directory doesn't exist: /var/vmail/mlmmj.
Aug 23 01:00:44 85960eac1126 uwsgi: 
*** Starting amavis..
Aug 23 01:00:44 85960eac1126 root: DEBUG Starting amavisd-new
Error in config file "/etc/amavis/conf.d/50-user": dkim_key: domain must not be empty: (,dkim,/var/lib/dkim/.pem) at /usr/sbin/amavisd-new line 625.
*** Starting postfix..
*** Starting mlmmjadmin..
Aug 23 01:00:45 85960eac1126 root: DEBUG configure mlmmjadmin api_auth
Aug 23 01:00:45 85960eac1126 root: DEBUG mlmmjadmin
[uWSGI] getting INI configuration from /opt/mlmmjadmin/rc_scripts/uwsgi/debian.ini
Aug 23 01:00:45 85960eac1126 uwsgi: *** Starting uWSGI 2.0.12-debian (64bit) on [Thu Aug 23 01:00:45 2018] ***
Aug 23 01:00:45 85960eac1126 uwsgi: compiled with version: 5.4.0 20160609 on 31 August 2017 21:02:04
Aug 23 01:00:45 85960eac1126 uwsgi: os: Linux-4.4.0-128-generic #154-Ubuntu SMP Fri May 25 14:15:18 UTC 2018
Aug 23 01:00:45 85960eac1126 uwsgi: nodename: 85960eac1126
Aug 23 01:00:45 85960eac1126 uwsgi: machine: x86_64
Aug 23 01:00:45 85960eac1126 uwsgi: clock source: unix
Aug 23 01:00:45 85960eac1126 uwsgi: pcre jit disabled
Aug 23 01:00:45 85960eac1126 uwsgi: detected number of CPU cores: 1
Aug 23 01:00:45 85960eac1126 uwsgi: current working directory: /etc/service/mlmmjadmin
Aug 23 01:00:45 85960eac1126 uwsgi: writing pidfile to /var/run/mlmmjadmin/mlmmjadmin.pid
Aug 23 01:00:45 85960eac1126 uwsgi: detected binary path: /usr/bin/uwsgi-core
Aug 23 01:00:45 85960eac1126 uwsgi: setgid() to 2003
Aug 23 01:00:45 85960eac1126 uwsgi: setuid() to 2003
Aug 23 01:00:45 85960eac1126 uwsgi: chdir() to /opt/mlmmjadmin
Aug 23 01:00:45 85960eac1126 uwsgi: your memory page size is 4096 bytes
Aug 23 01:00:45 85960eac1126 uwsgi: detected max file descriptor number: 1048576
Aug 23 01:00:45 85960eac1126 uwsgi: VirtualHosting mode enabled.
Aug 23 01:00:45 85960eac1126 uwsgi: lock engine: pthread robust mutexes
Aug 23 01:00:45 85960eac1126 uwsgi: thunder lock: disabled (you can enable it with --thunder-lock)
Aug 23 01:00:45 85960eac1126 uwsgi: uwsgi socket 0 bound to TCP address 127.0.0.1:7790 fd 6
Aug 23 01:00:45 85960eac1126 uwsgi: Python version: 2.7.12 (default, Dec  4 2017, 14:50:18)  [GCC 5.4.0 20160609]
Aug 23 01:00:45 85960eac1126 uwsgi: Python main interpreter initialized at 0xffe610
Aug 23 01:00:45 85960eac1126 uwsgi: python threads support enabled
Aug 23 01:00:45 85960eac1126 uwsgi: your server socket listen backlog is limited to 100 connections
Aug 23 01:00:45 85960eac1126 uwsgi: your mercy for graceful operations on workers is 60 seconds
Aug 23 01:00:45 85960eac1126 uwsgi: mapped 436608 bytes (426 KB) for 5 cores
Aug 23 01:00:45 85960eac1126 uwsgi: *** Operational MODE: preforking ***
Aug 23 01:00:45 85960eac1126 uwsgi: ERROR: directory doesn't exist: /var/vmail/mlmmj.
Aug 23 01:00:45 85960eac1126 uwsgi: 
*** Starting amavis..
Aug 23 01:00:46 85960eac1126 root: DEBUG Starting amavisd-new
Error in config file "/etc/amavis/conf.d/50-user": dkim_key: domain must not be empty: (,dkim,/var/lib/dkim/.pem) at /usr/sbin/amavisd-new line 625.
*** Starting mlmmjadmin..

>docker pull lejmr/iredmail
Using default tag: latest
Error response from daemon: manifest for lejmr/iredmail:latest not found

I'm trying to run the docker run command from a fresh install of Ubuntu and Docker CE, and I'm getting this error:

jesse@sapphire:~$ sudo docker run --privileged -p 8080:80 -p 4443:443 -e "DOMAIN=" -e "HOSTNAME=mail" -e "MYSQL_ROOT_PASSWORD=" -e "SOGO_WORKERS=1" -e "TIMEZONE=America/Eastern" -e "POSTMASTER_PASSWORD={PLAIN}***" -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" -v PATH/mysql:"/var/lib/mysql" -v PATH/vmail:/var/vmail -v PATH/clamav:/var/lib/clamav --name=iredmail lejmr/iredmail:mysql-latest

docker: Error response from daemon: create PATH/mysql: "PATH/mysql" includes invalid characters for a local volume name, only "[a-zA-Z0-9][a-zA-Z0-9_.-]" are allowed. If you intended to pass a host directory, use absolute path.

See 'docker run --help'.

I have removed the passwords and such and replaced them with stars for github ;) Otherwise that is the exact command I'm running. What's going on?

The current build process sees the iRedMail installation script download the ClamAV database, which are then stored in an archive file in /root. Then on boot, if the clamav database files are missing (such as if a empty volume is being used) then this archive is extracted, and then the archive file is deleted. Note that if an existing volume is used (that already has clamav database files) then the archive is not deleted.

It appears that the purpose of deleting the archive at runtime is to recover the disk space used, but docker images are immutable, so all that happens is that the writable layer of the container is modified to hide the file. The file continues to exist in the image. This means that we have two copies of the ClamAV database at all times, which amounts to an extra 164 MB or so.

The other problem that this approach creates is that the database used when a new clamav volume is initialized is current as of the build date. Therefore it will be out of date until the next scheduled update.
Downloading the clamav database at build time also increases the build time.

The solution to these problems is to not download clamav during build time, but instead to download it at runtime, if necessary, instead of extracting the archive. This gives us a faster build, a database that is as up to date as possible from the get go, and reduces the size of the image.

Is it possible to upgrade from existing running version.
I have 0.9.8 running on a cloud for over a year with good amount of email.
Is there a migration path?
Looks like lot's have changed. How would I be able to migrate my email to 1.0
version.

I tried mounting my volumes from 0.9.8 to 1.0
Seems like the mail apps cannot connect to the database, but it does look like it's running.

Any suggestions?

Hi. Thanks for this repository!

I found the next issues:

1. Here there is just one example of config from iRedMail.tips (the same can be seen in one of emails which postmaster receives after installation).

Roundcube webmail: /opt/www/roundcubemail-1.3.3
* Config file: /opt/www/roundcubemail-1.3.3/config
* Web access:
- URL: http://HOSTNAME.DOMAIN/mail/ (will be redirected to https:// site)  <<----
- URL: https://HOSTNAME.DOMAIN/mail/ (secure connection)  <<----
- Username: postmaster@`DOMAIN`  <<----
- Password: FUPASSWORD
* SQL database account:
- Database name: roundcubemail
- Username: roundcube
- Password: TEMP_RCM_DB_PASSWD  <<----

2. Also if I check hostname -f inside container I see HOSTNAME.DOMAIN.
3. In IredAdmin the field Hostname shows 1b0e2800cb1c.
4. Docker's logs shows mv: cannnot stat '/var/lib/dkim/DOMAIN.pem': No such file or directory. I checked this path and instead of DOMAIN.pem I see actually myrealdomain.com.pem

Hello,

I work on a fork of this repository, with some changes to the included components.
I realized that DKiM keys are only generated once by the installation of iRedMail, which means everyone using this docker image will have the same public/private key pair and could send emails with the domain of other users of this container and DKIM verification would pass. (Note: SPF would still fail)

Am I correct on this issue or did I miss something?

If someone confirms this issue, I could look into creating a script which saves (and uses) a freshly generated key-pair to the data directory outside of the container and include it in a pull request.

The patching of /etc/default/sogo and /etc/sogo/sogo.conf that occurs in the dockerfile to adjust PREFORK and WOWorkersCount is unnecessary.

This is much better done by using a environment variable (instead of argument) in the build file for SOGO_WORKERS and not touching these files at all. The reason is that we are replacing the normal init script anyway, so we can simply pass the environment variable to the daemon directly (the /etc/default/sogo file is read by the default init script).

Per the docs, environment variables should be put as late as possible in the dockerfile to make best use of the cache. In this case that would be at the end.

Im run docker tag "mysql-0.9.7-latest" and get error log like this

" docker: Error response from daemon: create PATH/mysql: "PATH/mysql" includes invalid characters for a local volume name, only "[a-zA-Z0-9][a-zA-Z0-9_.-]" are allowed. If you intended to pass a host directory, use absolute path. "

anyone can fix it?, thx

Potential improvement in the image size can be migration to debian:10-slim. Generally, the slim version which can reduce some extra disk space.

I personally, find it a low priority, but if I get a working pull request I will most likely merge it.. as I dont have any sentiment to centos:7 base image.

The TIMEZONE argument has no effect on images created. It appears that this is intended to set the default time zone for images but this is not the case. Calling 'date' from a fresh image produces UTC time, regardless.

The problem is that modifying '/etc/timezone' has no effect unless a symbolic link is created from /etc/localtime to a tzdata file.

A better approach is to leave the default as UTC and adjust it at runtime (if desired) using the standard TZ environment variable. The reason is that UTC is a good neutral default and it is also something that many administrators may prefer to use anyway.

There is no need to touch '\etc\timezone', (or '\etc\localtime') as these set the system default timezone, but if we apply the TZ environment variable at runtime it will apply to all user accounts, so has the same effect as setting the system default, but is much cleaner and simpler.

When I run below command:
docker run --privileged -p 110:110 -p 443:443 -p 587:587 -p 143:143 -p 25:25 -p 993:993 -p 995:995
-e "DOMAIN=example.com" -e "HOSTNAME=mail"
-e "MYSQL_ROOT_PASSWORD=password"
-e "SOGO_WORKERS=1"
-e "TIMEZONE=Europe/Prague"
-e "POSTMASTER_PASSWORD={PLAIN}password"
-e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
-v /var/www/iredmail/mysql:/var/lib/mysql
-v /var/www/iredmail/vmail:/var/vmail
-v /var/www/iredmail/clamav:/var/lib/clamav
--name=iredmail lejmr/iredmail:mysql-latest

got below error log, anyone know what issue it is and how to fix it.

May 28 11:27:19 c1a8371d329b root: DEBUG Starting amavisd-new

• Starting app server(s) uwsgi
  ...done.
  /usr/lib/python2.7/dist-packages/pymysql/cursors.py:158: Warning: '@@tx_isolation' is deprecated and will be removed in a future release. Please use '@@transaction_isolation' instead
  result = self._query(query)
  May 28 11:27:48 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:27:48 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:27:48 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:27:48 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:27:48 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:27:48 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 985 killed with signal 9
  May 28 11:27:48 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 989 killed with signal 9
  May 28 11:27:48 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 990 killed with signal 9
  May 28 11:27:48 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 991 killed with signal 9
  May 28 11:27:48 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 992 killed with signal 9
  ^[[18~^[[19~May 28 11:28:01 c1a8371d329b CRON[1303]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
  May 28 11:28:18 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:28:18 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:28:18 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:28:18 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:28:18 c1a8371d329b dovecot: master: Error: service(lmtp): Initial status notification not received in 30 seconds, killing the process
  May 28 11:28:18 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 1275 killed with signal 9
  May 28 11:28:18 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 1276 killed with signal 9
  May 28 11:28:18 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 1277 killed with signal 9
  May 28 11:28:18 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 1278 killed with signal 9
  May 28 11:28:18 c1a8371d329b dovecot: lmtp: Fatal: master: service(lmtp): child 1279 killed with signal 9

Why the container needs the --privileged option?
And why are you copying custom binaries?

COPY ./uname /bin/uname

Not really safe to trust a container in privileged mode with unkowns binaries.

Used command:

docker run --privileged -p 1780:80 -p 17443:443 \
           -e "DOMAIN=domain.tld" -e "HOSTNAME=mail" \
           -e "MYSQL_ROOT_PASSWORD=password" \
           -e "SOGO_WORKERS=1" \
           -e "TIMEZONE=Europe/Paris" \
           -e "POSTMASTER_PASSWORD={PLAIN}password" \
           -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" \
           -v $PWD/mysql:/var/lib/mysql \
           -v $PWD/vmail:/var/vmail \
           -v $PWD/clamav:/var/lib/clamav \
           --name=iredmail lejmr/iredmail:mysql-latest

Output:

*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
*** Running /etc/rc.local...
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
*** Booting runit daemon...
*** Runit started as PID 17
*** Creating database.. *** Starting Memcached..
*** Configuring iredapd
done.
Waiting for MySQL is up
.Nov  4 13:55:33 67d2018c6ab6 syslog-ng[46]: syslog-ng starting up; version='3.5.6'
Nov  4 13:55:33 67d2018c6ab6 cron[42]: (CRON) INFO (Running @reboot jobs)
.mysqld is alive

*** Configuring MySQL database.. (root password) (postmaster)
mysqldump: [Warning] Using a password on the command line interface can be insecure.
(postmaster password)
(service accounts)
done.
*** Starting MySQL database..
*** Creating vmail structure..
*** Starting postfix..
*** Starting amavis..
*** Starting dovecot..
Nov  4 13:55:48 67d2018c6ab6 root: DEBUG Starting amavisd-new
Nov  4 13:55:48 67d2018c6ab6 root: DEBUG Starting dovecot
Nov  4 13:55:48 67d2018c6ab6 dovecot: master: Dovecot v2.2.22 (fe789d2) starting up for pop3, imap, sieve, lmtp (core dumps disabled)
Nov  4 13:55:48 67d2018c6ab6 dovecot: ssl-params: Generating SSL parameters
*** Starting sogo...
 * Starting app server(s) uwsgi
   ...done.
*** Preparing ClamAV files..
/usr/bin/freshclam: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: Permission denied
Nov  4 13:56:01 67d2018c6ab6 CRON[746]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
Nov  4 13:56:07 67d2018c6ab6 dovecot: ssl-params: SSL parameters regeneration completed
Nov  4 13:56:07 67d2018c6ab6 dovecot: imap-login: Disconnected (no auth attempts in 18 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected, session=<PdY9lShdfoV/AAAB>
Nov  4 13:56:07 67d2018c6ab6 dovecot: imap-login: Disconnected (no auth attempts in 18 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected, session=<QNY9lShdeYV/AAAB>
Nov  4 13:56:07 67d2018c6ab6 dovecot: imap-login: Disconnected (no auth attempts in 18 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, TLS handshaking: Disconnected, session=<QNY9lShde4V/AAAB>
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/bin/freshclam: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/bin/freshclam: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/bin/freshclam: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
/usr/sbin/clamd: error while loading shared libraries: libclamav.so.7: cannot open shared object file: Permission denied
...
```

I changed password via User Interface Settings, but when I restarted container again via docker-compose up the password is reset to the one which is provided in my docker-compose file (i.e. password):

version: '3.5'
services:
  iredmail:
    image: lejmr/iredmail:mysql-latest
    container_name: iredmail-container
    restart: unless-stopped
    hostname: mail.example.com
    privileged: yes
    ports:
      - "25:25"
      - "587:587"
    volumes:
      - /var/www/mail/mysql:/var/lib/mysql
      - /var/www/mail/vmail:/var/vmail
      - /var/www/mail/clamav:/var/lib/clamav
      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=password
      - POSTMASTER_PASSWORD={PLAIN}password
      - IREDAPD_PLUGINS="['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
      - VIRTUAL_HOST=mail.example.com
      - VIRTUAL_PORT=443
      - VIRTUAL_PROTO=https
      - LETSENCRYPT_HOST=mail.example.com
      - [email protected]

I think iredmail-docker should not reset password every new start, because of security concerns.

unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
unable to write 'random state'
*** Booting runit daemon...
*** Runit started as PID 15
*** Starting Memcached..
*** Configuring iredapd
Waiting for MySQL is up
..mysqld is alive

*** Configuring MySQL database.. (root password) (postmaster)
mysqldump: [Warning] Using a password on the command line interface can be insecure.
(postmaster password)
(service accounts)
done.
*** Starting MySQL database..
*** Starting postfix..
*** Starting amavis..
*** Starting dovecot..
*** Starting sogo...

• Starting app server(s) uwsgi
  ...done.

Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 16.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
Archive support enabled.
Algorithmic detection enabled.
Portable Executable support enabled.
ELF support enabled.
Mail files support enabled.
OLE2 support enabled.
PDF support enabled.
SWF support enabled.
HTML support enabled.
XMLDOCS support enabled.
HWP3 support enabled.
Self checking every 3600 seconds.

looks fine,but when I open the link mail.xxx.com/mail, page shows : ERR_SSL_PROTOCOL_ERROR

Hi.

This is the main page after a fresh install:

Any advice?

Thanks

I am trying to connect to the machine docker exec iredmail bash but I get nothing more than a freezing command.

would be very nice if one could inject an external db-server (hostname, credentials, db-names)

Hello , I an trying install the version of lejmr/iredmail:mysql-0.9.7 in my server cloud (Azure), but ever its show me follow error:

Waiting for MySQL is up
.mysqld: Can't read dir of '/etc/mysql/conf.d/' (Errcode: 13 - Permission denied)
mysqld: [ERROR] Fatal error in defaults handling. Program aborted!

I ran:

docker run --privileged -p 3000:80 -p 443:443 -p 110:110 -p 587:587 -p 995:995 -p 993:993 -p 143:143 -e "DOMAIN=mydomain.com" -e "HOSTNAME=mail" -e "MYSQL_ROOT_PASSWORD=root" -e "SOGO_WORKERS=1" -e "TIMEZONE=Europe/Prague" -e "POSTMASTER_PASSWORD={SSHA512}mbjedENKHAewCV+VleLJBxMra9FsdNjZbtQi7aeTSe5wCejn4lf3JVhphVNTGKLcVvr1a5e2TcN5jhDSGeC5ZYUP5n0=" -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" -v $(pwd)/mysql:/var/lib/mysql -v $(pwd)/vmail:/var/vmail -v $(pwd)/clamav:/var/lib/clamav --name=mailServer lejmr/iredmail:mysql-0.9.7

My server cloud :
kernel => Linux
kernelmajversion => 4.15
kernelrelease => 4.15.0-1035-azure
kernelversion => 4.15.0lsb

Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic

*but if I run this in my local computer work perfectly.

How can I pass the CA certificate to the container?

I have a certificate error in mobile phones

Oct 29 09:48:46 mail dovecot: imap-login: Error: SSL: Stacked error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46
Oct 29 09:48:46 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=154.48.131.200, lip=172.30.0.2, TLS handshaking: SSL_accept() failed: Unknown error, session=<4BEcI1p5aKmaMIPI>

Hello,
This is more of a question then an issue. I would like to upgrade to the latest lejmr/iredmail 0.9.8 Version, but I noticed a lot of development around generating certificates etc... I was wondering if the following would still work for me if I upgrade?

docker run -dit --restart always --privileged -p 80:80 -p 443:443 -p 25:25 -p 587:587 -p 993:993  \   
     #snip#   
           -v /opt/docker-volumes/iredmail/mysql:/var/lib/mysql \
           -v /opt/docker-volumes/iredmail/vmail:/var/vmail \
           -v /opt/docker-volumes/iredmail/clamav:/var/lib/clamav \
           -v /etc/letsencrypt/live/mail.example.com/privkey.pem:/etc/ssl/private/iRedMail.key:ro \
           -v /etc/letsencrypt/live/mail.example.com/fullchain.pem:/etc/ssl/certs/iRedMail.crt:ro \
           --name=iredmail lejmr/iredmail:mysql-latest

Overall, thank you for this project and everyone's contribution. It has been really helpful.

There are a couple of emails that appear when a container is create/recreated. These include:

1. Tmpreaper, warning about possible negative consequences of using it. Requires editing /etc/tmpreaper.conf to silence, which must be done every time the container is created.

2. Spamassassin, complaining about lack of a user_prefs file for user amavis. This can be ignored as it only occurs once per container creation, but is still annoying.

The solution is to patch /etc/tmpreaper.conf and create a user_prefs file in the image via the dockerfile.

Hello, I found the following error while trying to build the image。

/bin/sh: 1: hostname_: not found
cat: /opt/hostname: No such file or directory
cat: /etc/mailname: No such file or directory
sed: -e expression #1, char 0: no previous regular expression

today ,i try pull lejmr/iredmail:mysql-latest in ubuntu 16.04.2 ,some email (eg hotmail )can receive,but some email (eg qq.com) can not receive.

test email : [email protected]

in docker container,i try it like this (it not work)

cd /opt/iredapd/tools
python greylisting_admin.py --disable --to '@.'
python spf_to_greylist_whitelists.py qq.com

any help ? if i want to receive unknown email ? is different use iredmail in docker or host ？

Failed to get D-Bus connection: Operation not permitted
Failed to get D-Bus connection: Operation not permitted

Due to program /usr/share/spamassassin/sa-update.cron interacts with SystemD

if [ $status -eq 0 ]; then
        if [ -n "$DEBUG" -o -n "$NOTIFY_UPD" ]; then
            echo "$now: SpamAssassin: Update processed successfully"
        else
            echo "$now: SpamAssassin: Update processed successfully" >>/var/log/sa-update.log
        fi
         systemctl condrestart spamassassin.service >& /dev/null
         [ -f /usr/lib/systemd/system/amavisd.service ] && systemctl condrestart amavisd.service >& /dev/null
         systemctl --quiet is-active mimedefang.service; [ $? -eq 0 ] && systemctl reload mimedefang.service >& /dev/null
         [ -f /usr/lib/systemd/system/spampd.service ] && systemctl condrestart spampd.service >& /dev/null
        exit $status
fi
if [ $status -eq 1 ]; then

I have started the container as follows:

sudo docker run --privileged -p 10080:80 -p 10443:443
-h mail.example.com
-d
-e "MYSQL_ROOT_PASSWORD=mpwd"
-e "SOGO_WORKERS=1"
-e "TZ=Europe/Berlin"
-e "POSTMASTER_PASSWORD={PLAIN}ppwd"
-e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']"
-v /var/iredmail/mysql:/var/lib/mysql
-v /var/iredmail/vmail:/var/vmail
-v /var/iredmail/clamav:/var/lib/clamav
--name=iredmail lejmr/iredmail:mysql-latest

I am now trying to login into iredadmin but it keeps telling me the following acces data is invalid (I have anonymized the real domain/host name):

url: https://[host]:10443/iredadmin
user: [email protected]
pwd: ppwd

I tried both the IP of the host and mail.example.com

Error: Username or password is incorrect.

What do I miss?