Docker-mailserver: Is this project mailgun/sendgrid DIY replacement?

Yes, although for what you described you could probably get by with just postfix by itself (or this configured as SMTP-only). You can configure this to do a great many things, including using it in conjuction with services like Mailgun/Sendgrid. In my case, my ISP blocks outbound traffic on port 25, so I have my docker-mailserver container configured to relay outbound mail through Sendgrid, encrypted on port 587 (which my ISP does not block). I will probably never hit more than 100 emails per day so it should remain free for me.

I also use the built-in dovecot service for IMAP mail. I think this project is superior to Mailu (have not looked at the others) because of the full suite of integrated antispam/antimalware features. All very valuable if you plan to publish email addresses on your server in public places, like I do.

I agree with @MakerMatrix. You could use SMTP_ONLY if you like, and the other solutions that were already proposed.

Thanks. Fortunately, my ISP does not block any port so I managed to run it on my home server. Sending and receiving emails works ✓. Now it's the second part "listening to mails that arrive at my server so my app can respond to them." Is it possible to do with postfix only? Do I need to implement my own MDA where postfix will deliver the mails to? Or is there any place where I can attach a hook that executes a script on every email delivery?

You can use pipes in /etc/aliases to redirect incoming email text to arbitrary programs. So if you have an email address like "[email protected]" you’d put something like this in /etc/aliases:

myapp: | myprog <args>

and then run "newaliases" to refresh the database.

Check the postfix docs for syntax, I probably got something wrong (and in sendmail you had to define "myprog" in a separate /etc/smrsh file just so it knew you really meant for it to execute) but you get the idea.

This approach feels a bit hacky (but don't trust my feelings, I'm not familiar with postfix at all 😄 ). Also is there any way of configuring /etc/aliases and /etc/smrsh using /config file only? I can't find anything in List of optional config files & directories, or is it something I would need to add myself?

Also is there any advantage of using this approach, where we add a new service to master.cf that is responsible for triggering the script?

I guess hacky is in the eye of the beholder. Many trouble ticket systems that allow users to interact with the tickets via email work in exactly this way, with a mail gatway script sitting behind a pipe from the system's email address(es).

Speaking of hacky, the guy at your link about using master.cf is using php to write scripts from the commandline. The horror. THE HORROR. :-D

You can configure aliases from config/postfix-aliases.cf and postfix-virtual.cf, but you should do that from the setup.sh script since that is the "supported" way. Is /etc/smrsh needed for postfix? Not sure on that point - I've only done this with sendmail. But anything else you need can be scripted and put into the config/user-patches.sh which gets run every time the container starts (so script it so you check for the changes, then only apply if they haven't been previously).

I don't feel like this is "hacky" at all since SMTP_ONLY for example is supported natively.

Also is there any way of configuring /etc/aliases and /etc/smrsh using /config file only?

You could also use user-patches.sh in the config directory to everything to your needs.

Thank you guys, I'm almost there! Just one more problem. It looks like something is overwriting content of /etc/aliases after user-patches.sh is evaluated.

What I have:

$ ./setup.sh alias list

[email protected] myhook@localhost

# config/user-patches.sh

#!/bin/bash
DATABASE="/etc/aliases"
ALIAS="myhook: |/tmp/docker-mailserver/myhook.sh"

if ! grep -qF "${ALIAS}" "${DATABASE}"; then
  echo "${ALIAS}" >> "${DATABASE}"
  newaliases
  echo "Appended ${ALIAS@Q} to ${DATABASE}"
fi

echo "My user-patches.sh successfully executed"

# config/myhook.sh

#!/bin/bash
cat - | curl -H "Content-Type: text/plain" -X POST --data-binary @- http://server:8000



md5-c4bdc1337a10fa48fb860d24d1b05c3d



mail    | #
mail    | #
mail    | # docker-mailserver
mail    | #
mail    | #
mail    |
mail    | Initializing setup
mail    | Checking configuration
mail    | Configuring mail server
mail    |  Warning Using self-generated dhparams is considered as insecure.
mail    |  Warning Unless you known what you are doing, please remove /etc/dovecot/dh.pem.
mail    | Nameservers 127.0.0.11
mail    |  Warning Spamassassin is disabled. You can enable it with 'ENABLE_SPAMASSASSIN=1'
mail    |  Warning Clamav is disabled. You can enable it with 'ENABLE_CLAMAV=1'
mail    | sed: can't read /etc/cron.daily/spamassassin: No such file or directory
mail    |  Warning Using self-generated dhparams is considered insecure.
mail    |  Warning Unless you known what you are doing, please remove /etc/postfix/dhparams.pem.
mail    | Appended 'no-reply: |/tmp/docker-mailserver/myhook.sh' to /etc/aliases
mail    | My user-patches.sh successfully executed



md5-cfffb17987180f649ad4e594ea9b04ff



$ cat /etc/aliases
root: [email protected]



md5-ca21313547684adaac86e7d246ae36bb



$ /tmp/docker-mailserver/user-patches.sh
Appended 'myhook: |/tmp/docker-mailserver/myhook.sh' to /etc/aliases
My user-patches.sh successfully executed



md5-4513f9c76046392404ea337e92ebb0da



$ cat /etc/aliases
root: [email protected]
myhook: |/tmp/docker-mailserver/myhook.sh



md5-52efbcf2ebd68405a16eb76a0ad6da43



./setup.sh alias add [email protected] myapp@localhost



md5-cc13017a93eb1a393f5b55eb5c9d1bbe



stasbar-mail | 2020-12-11 18:08:41,820 INFO waiting for postfix to stop
stasbar-mail | 2020-12-11 18:08:43,821 INFO waiting for postfix to stop
stasbar-mail | 2020-12-11 18:08:45,821 INFO waiting for postfix to stop
stasbar-mail | Dec 11 18:08:45 mail postfix/master[1553]: terminating on signal 15
stasbar-mail | 2020-12-11 18:08:45,975 INFO reaped unknown pid 1553
stasbar-mail | 2020-12-11 18:08:45,975 INFO reaped unknown pid 1556
stasbar-mail | 2020-12-11 18:08:45,975 INFO reaped unknown pid 2694
stasbar-mail | 2020-12-11 18:08:45,975 INFO reaped unknown pid 448288
stasbar-mail | 2020-12-11 18:08:45,979 INFO stopped: postfix (exit status 0)
stasbar-mail | 2020-12-11 18:08:45,983 INFO spawned: 'postfix' with pid 452454
stasbar-mail | 2020-12-11 18:08:45,983 INFO success: postfix entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
stasbar-mail | 2020-12-11 18:08:46,097 INFO waiting for dovecot to stop
stasbar-mail | Dec 11 18:08:46 mail dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
stasbar-mail | Dec 11 18:08:46 mail postfix/master[453081]: daemon started -- version 3.4.14, configuration /etc/postfix
stasbar-mail | 2020-12-11 18:08:47,105 INFO stopped: dovecot (exit status 0)
stasbar-mail | 2020-12-11 18:08:47,105 INFO reaped unknown pid 1562
stasbar-mail | 2020-12-11 18:08:47,108 INFO spawned: 'dovecot' with pid 453085
stasbar-mail | 2020-12-11 18:08:47,109 INFO success: dovecot entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
stasbar-mail | Dec 11 18:08:47 mail dovecot: master: Dovecot v2.3.4.1 (f79e8e7e4) starting up for imap, lmtp



md5-6d916e27f379bdb7ce2f555c2e5566d8



$ cat /etc/aliases
root: [email protected]

It looks like the postfix runs some script on startup, which overwrite /etc/aliases. Any ideas?

The change detector script overwrites /etc/aliases. Perhaps you can tell supervisor not to run that service from the user patches script?

@erik-wramner seeing that there are some quirks related to the aliases (as already seen in #1706), do you thinks it is intended behaviour of the check-for-changed.sh script to simply overwrite the aliases? This somehow seems odd to me, like there is no real structure...

@MakerMatrix now we know more about the aliases, perhaps this is some very useful information for you:)

Well, that was way before my time, but I think the idea was to let the startup script and then the change detector script own the aliases and update the config/postfix-aliases.cf file instead for custom aliases. Naturally we can change that, we just have to be careful not to break anything.

I understand. With respect to #1709 I think it's still fine to keep this behavior, but we should document somewhere that config/postfix-aliases.cf should be altered by custom scripts (user-patches.sh), don't you think?

It may not be a good idea to directly modify postfix-aliases.cf (though that is a possibility) as some people may have mounted it read only. If we do, make sure that the code handles failure for read-only mounts. I mentioned it to explain how the existing solution works.

Alright. But when the file is mounted read-only, wouldn't the startup scripts as well as the change-detector be unable to modify the file as well?

Hm, you are correct. It is ugly, but I think they do modify the file. In that case we could do it here as well. I don't like it, though, if the file is modified it can accidentally be corrupted if something crashes at the wrong time... But adding this in the start script is not worse than what is already done.

This is a somewhat unpleasant solution as it's not clean, I'm with you there. We should find a way to streamline this whole aliases issue.

I guess this needs it's own issue to track it rather than talking about it here. Can you create one? I'm currently stuck on moby/moby with rootless Docker...

@stasbar thank you for starting the (very necessary) debate on aliases with this issue. As we will re-work aliases with #1721, can this issue be considered done?

@aendeavor Sure, I will subscribe to that thread and wait for the fix. Thank you for your time 😄