Improve modular setup for DKIM
Start Amavis integration
This commit is contained in:
parent
a8d073e430
commit
7a05a328b4
31
amavis/Dockerfile
Normal file
31
amavis/Dockerfile
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
FROM ubuntu:14.10
|
||||||
|
|
||||||
|
ENV DEBIAN_FRONTEND noninteractive
|
||||||
|
RUN locale-gen en_GB en_GB.UTF-8 && dpkg-reconfigure locales
|
||||||
|
|
||||||
|
# Prerequisites
|
||||||
|
RUN apt-get update && apt-get install -y \
|
||||||
|
amavisd-new \
|
||||||
|
spamassassin \
|
||||||
|
libnet-dns-perl \
|
||||||
|
libmail-spf-perl \
|
||||||
|
pyzor \
|
||||||
|
razor && \
|
||||||
|
apt-get clean && \
|
||||||
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||||
|
|
||||||
|
# Set up razor and pyzor
|
||||||
|
RUN su - amavis -s /bin/bash && razor-admin -create && razor-admin -register && pyzor discover
|
||||||
|
|
||||||
|
COPY ./config/amavis-content_filter_mode /etc/amavis/conf.d/15-content_filter_mode
|
||||||
|
|
||||||
|
# Nice place for your settings
|
||||||
|
VOLUME ["/mail_settings"]
|
||||||
|
|
||||||
|
# Configure boot script
|
||||||
|
COPY boot /
|
||||||
|
RUN chmod 755 /boot
|
||||||
|
|
||||||
|
ENV AMAVIS=true
|
||||||
|
|
||||||
|
ENTRYPOINT ./boot; service rsyslog start; amavisd foreground
|
1
amavis/boot
Normal file
1
amavis/boot
Normal file
@ -0,0 +1 @@
|
|||||||
|
#!/bin/bash
|
0
amavis/config/amavis-content_filter_mode
Normal file
0
amavis/config/amavis-content_filter_mode
Normal file
@ -29,12 +29,15 @@ ADD ./config/dovecot.imap /etc/dovecot/conf.d/20-imap.conf
|
|||||||
# Nice place for your settings
|
# Nice place for your settings
|
||||||
VOLUME ["/mail_settings"]
|
VOLUME ["/mail_settings"]
|
||||||
|
|
||||||
# Configure boot script
|
# Copy boot scripts
|
||||||
COPY boot /
|
COPY boot /
|
||||||
RUN chmod 755 /boot
|
RUN chmod 755 /boot
|
||||||
|
COPY boot.d /boot.d
|
||||||
|
RUN chmod -R 755 /boot.d
|
||||||
|
|
||||||
# Volume to store email
|
# Volume to store email
|
||||||
VOLUME ["/vmail"]
|
VOLUME ["/vmail"]
|
||||||
|
|
||||||
# Add user vmail that ownes mail
|
# Add user vmail that ownes mail
|
||||||
RUN groupadd -g 5000 vmail
|
RUN groupadd -g 5000 vmail
|
||||||
RUN useradd -g vmail -u 5000 vmail -d /vmail -m
|
RUN useradd -g vmail -u 5000 vmail -d /vmail -m
|
||||||
|
25
email_core/boot
Normal file → Executable file
25
email_core/boot
Normal file → Executable file
@ -1,5 +1,6 @@
|
|||||||
# Check if we have SSL certificates in config, otherwise copy it there
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Check if we have SSL certificates in config, otherwise copy it there
|
||||||
# First the key file
|
# First the key file
|
||||||
if [ -f /mail_settings/ssl-cert-snakeoil.key ]; then
|
if [ -f /mail_settings/ssl-cert-snakeoil.key ]; then
|
||||||
cp /mail_settings/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key
|
cp /mail_settings/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
@ -46,20 +47,10 @@ chmod u+w /vmail
|
|||||||
# Add password file
|
# Add password file
|
||||||
cp /mail_settings/passwords /etc/dovecot/passwd
|
cp /mail_settings/passwords /etc/dovecot/passwd
|
||||||
|
|
||||||
|
# Run boot scripts
|
||||||
# OpenDKIM config
|
for SCRIPT in /boot.d/*
|
||||||
POSTFIX_MAIN_CF=/etc/postfix/main.cf
|
do
|
||||||
if [ ! -z "$OPEN_DKIM" ]; then
|
if [ -f "$SCRIPT" -a -x "$SCRIPT" ]; then
|
||||||
# Add config block if not present already
|
"$SCRIPT"
|
||||||
if grep -q "# OpenDKIM - dockermail" "$POSTFIX_MAIN_CF"; then
|
|
||||||
echo "# OpenDKIM - dockermail" >> "$POSTFIX_MAIN_CF"
|
|
||||||
echo "milter_default_action = accept" >> "$POSTFIX_MAIN_CF"
|
|
||||||
echo "milter_protocol = 2" >> "$POSTFIX_MAIN_CF"
|
|
||||||
echo "smtpd_milters = $OPEN_DKIM_PORT_8891_ADDR" >> "$POSTFIX_MAIN_CF"
|
|
||||||
echo "non_smtpd_milters = $OPEN_DKIM_PORT_8891_ADDR" >> "$POSTFIX_MAIN_CF"
|
|
||||||
echo "# OpenDKIM - dockermail - end" >> "$POSTFIX_MAIN_CF"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
# Remove OpenDKIM block
|
|
||||||
sed '/# OpenDKIM - dockermail/,/# OpenDKIM - dockermail - end/d' "$POSTFIX_MAIN_CF"
|
|
||||||
fi
|
fi
|
||||||
|
done
|
||||||
|
49
email_core/boot.d/opendkim
Executable file
49
email_core/boot.d/opendkim
Executable file
@ -0,0 +1,49 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
echo 'Running opendkim boot script'
|
||||||
|
|
||||||
|
export DOCKERMAIL_OPENDKIM_ENV_OPEN_DKIM=true
|
||||||
|
export DOCKERMAIL_OPENDKIM_PORT_8891_TCP_ADDR=172.17.0.10
|
||||||
|
|
||||||
|
POSTFIX_MAIN_CF=/etc/postfix/main.cf
|
||||||
|
|
||||||
|
env_dump=$(printenv)
|
||||||
|
|
||||||
|
OPENDKIM_CONFIG_HEADER="# OpenDKIM - dockermail - start"
|
||||||
|
OPENDKIM_CONFIG_FOOTER="# OpenDKIM - dockermail - end"
|
||||||
|
|
||||||
|
function remove_opendkim () {
|
||||||
|
if grep -q "$OPENDKIM_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
|
||||||
|
sed "/$OPENDKIM_CONFIG_HEADER/,/$OPENDKIM_CONFIG_FOOTER/d" "$POSTFIX_MAIN_CF"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function add_opendkim () {
|
||||||
|
if ! grep -q "$OPENDKIM_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
|
||||||
|
echo "$OPENDKIM_CONFIG_HEADER" >> "$POSTFIX_MAIN_CF"
|
||||||
|
|
||||||
|
echo "milter_default_action = accept" >> "$POSTFIX_MAIN_CF"
|
||||||
|
echo "milter_protocol = 2" >> "$POSTFIX_MAIN_CF"
|
||||||
|
|
||||||
|
if [[ $env_dump =~ ^.*PORT_8891_TCP_ADDR=([0-9\.]*) ]] ; then
|
||||||
|
echo "smtpd_milters = inet:${BASH_REMATCH[1]}:8891" >> "$POSTFIX_MAIN_CF"
|
||||||
|
echo "non_smtpd_milters = inet:${BASH_REMATCH[1]}:8891" >> "$POSTFIX_MAIN_CF"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "$OPENDKIM_CONFIG_FOOTER" >> "$POSTFIX_MAIN_CF"
|
||||||
|
else
|
||||||
|
echo "Warning: $POSTFIX_MAIN_CF already contains OpenDKIM configuration, skipping"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
if [[ $env_dump =~ ^(.+OPEN_DKIM)= ]] ; then
|
||||||
|
if [ ! -z "${BASH_REMATCH[1]}" ]; then
|
||||||
|
echo "OPEN_DKIM env set, enabling email signing"
|
||||||
|
remove_opendkim # Remove first, to refresh IP info
|
||||||
|
add_opendkim
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "Cant find OPEN_DKIM env, signing will be disabled"
|
||||||
|
remove_opendkim
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo 'Finished opendkim boot script'
|
@ -16,8 +16,8 @@ VOLUME ["/mail_settings"]
|
|||||||
COPY boot /
|
COPY boot /
|
||||||
RUN chmod 755 /boot
|
RUN chmod 755 /boot
|
||||||
|
|
||||||
ENV OPEN_DKIM true
|
ENV OPEN_DKIM=true
|
||||||
ENV OPEN_DKIM_PORT_8891_ADDR inet:8891
|
|
||||||
|
|
||||||
EXPOSE 8891
|
EXPOSE 8891
|
||||||
ENTRYPOINT ./boot; service rsyslog start; opendkim -f -p $OPEN_DKIM_PORT_8891_ADDR
|
|
||||||
|
ENTRYPOINT /boot; service rsyslog start; opendkim -f -p inet:8891
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
# Copy OpenDKIM config
|
# Copy OpenDKIM config
|
||||||
cp /mail_settings/opendkim.conf /etc/opendkim.conf
|
cp /mail_settings/opendkim.conf /etc/opendkim.conf
|
||||||
cp /mail_settings/mail.private /etc/dkim.key
|
cp /mail_settings/mail.private /etc/dkim.key
|
||||||
|
Loading…
Reference in New Issue
Block a user