167 lines
8.1 KiB
YAML
167 lines
8.1 KiB
YAML
version: '2'
|
|
services:
|
|
mailserver:
|
|
image: mailserver/docker-mailserver:11.2
|
|
cap_add:
|
|
- NET_ADMIN
|
|
container_name: ${HOST_COMPOSE_PROJECT_NAME}-mailserver
|
|
cpus: 0.5
|
|
domainname: ${DOMAIN}
|
|
environment:
|
|
- OVERRIDE_HOSTNAME=${HOST_MAILSERVER_OVERRIDE_HOSTNAME:-}
|
|
- DMS_DEBUG=${HOST_MAILSERVER_DMS_DEBUG:-0}
|
|
- LOG_LEVEL=${HOST_MAILSERVER_LOG_LEVEL:-info}
|
|
- SUPERVISOR_LOGLEVEL=${HOST_MAILSERVER_SUPERVISOR_LOGLEVEL:-}
|
|
- ONE_DIR=${HOST_MAILSERVER_ONE_DIR:-1}
|
|
- ACCOUNT_PROVISIONER=${HOST_MAILSERVER_ACCOUNT_PROVISIONER:-}
|
|
- POSTMASTER_ADDRESS=${HOST_MAILSERVER_POSTMASTER_ADDRESS:-}
|
|
- ENABLE_UPDATE_CHECK=${HOST_MAILSERVER_ENABLE_UPDATE_CHECK:-0}
|
|
- UPDATE_CHECK_INTERVAL=${HOST_MAILSERVER_UPDATE_CHECK_INTERVAL:-1d}
|
|
- PERMIT_DOCKER=${HOST_MAILSERVER_PERMIT_DOCKER:-none}
|
|
- TZ=${HOST_MAILSERVER_TZ:-${TZ}}
|
|
- NETWORK_INTERFACE=${HOST_MAILSERVER_NETWORK_INTERFACE:-}
|
|
- TLS_LEVEL=${HOST_MAILSERVER_TLS_LEVEL:-}
|
|
- SPOOF_PROTECTION=${HOST_MAILSERVER_SPOOF_PROTECTION:-1}
|
|
- ENABLE_SRS=${HOST_MAILSERVER_ENABLE_SRS:-0}
|
|
- ENABLE_POP3=${HOST_MAILSERVER_ENABLE_POP3:-}
|
|
- ENABLE_CLAMAV=${HOST_MAILSERVER_ENABLE_CLAMAV:-0}
|
|
- ENABLE_AMAVIS=${HOST_MAILSERVER_ENABLE_AMAVIS:-1}
|
|
- AMAVIS_LOGLEVEL=${HOST_MAILSERVER_AMAVIS_LOGLEVEL:-0}
|
|
- ENABLE_DNSBL=${HOST_MAILSERVER_ENABLE_DNSBL:-0}
|
|
- ENABLE_FAIL2BAN=${HOST_MAILSERVER_ENABLE_FAIL2BAN:-0}
|
|
- FAIL2BAN_BLOCKTYPE=${HOST_MAILSERVER_FAIL2BAN_BLOCKTYPE:-drop}
|
|
- ENABLE_MANAGESIEVE=${HOST_MAILSERVER_ENABLE_MANAGESIEVE:-1}
|
|
- POSTSCREEN_ACTION=${HOST_MAILSERVER_POSTSCREEN_ACTION:-enforce}
|
|
- SMTP_ONLY=${HOST_MAILSERVER_SMTP_ONLY:-}
|
|
- SSL_TYPE=${HOST_MAILSERVER_SSL_TYPE:-letsencrypt}
|
|
- SSL_CERT_PATH=${HOST_MAILSERVER_SSL_CERT_PATH:-}
|
|
- SSL_KEY_PATH=${HOST_MAILSERVER_SSL_KEY_PATH:-}
|
|
- SSL_ALT_CERT_PATH=${HOST_MAILSERVER_SSL_ALT_CERT_PATH:-}
|
|
- SSL_ALT_KEY_PATH=${HOST_MAILSERVER_SSL_ALT_KEY_PATH:-}
|
|
- VIRUSMAILS_DELETE_DELAY=${HOST_MAILSERVER_VIRUSMAILS_DELETE_DELAY:-}
|
|
- ENABLE_POSTFIX_VIRTUAL_TRANSPORT=${HOST_MAILSERVER_ENABLE_POSTFIX_VIRTUAL_TRANSPORT:-}
|
|
- POSTFIX_DAGENT=${HOST_MAILSERVER_POSTFIX_DAGENT:-}
|
|
- POSTFIX_MAILBOX_SIZE_LIMIT=${HOST_MAILSERVER_POSTFIX_MAILBOX_SIZE_LIMIT:-}
|
|
- ENABLE_QUOTAS=${HOST_MAILSERVER_ENABLE_QUOTAS:-1}
|
|
- POSTFIX_MESSAGE_SIZE_LIMIT=${HOST_MAILSERVER_POSTFIX_MESSAGE_SIZE_LIMIT:-}
|
|
- CLAMAV_MESSAGE_SIZE_LIMIT=${HOST_MAILSERVER_CLAMAV_MESSAGE_SIZE_LIMIT:-}
|
|
- PFLOGSUMM_TRIGGER=${HOST_MAILSERVER_PFLOGSUMM_TRIGGER:-}
|
|
- PFLOGSUMM_RECIPIENT=${HOST_MAILSERVER_PFLOGSUMM_RECIPIENT:-}
|
|
- PFLOGSUMM_SENDER=${HOST_MAILSERVER_PFLOGSUMM_SENDER:-}
|
|
- LOGWATCH_INTERVAL=${HOST_MAILSERVER_LOGWATCH_INTERVAL:-}
|
|
- LOGWATCH_RECIPIENT=${HOST_MAILSERVER_LOGWATCH_RECIPIENT:-}
|
|
- LOGWATCH_SENDER=${HOST_MAILSERVER_LOGWATCH_SENDER:-}
|
|
- REPORT_RECIPIENT=${HOST_MAILSERVER_REPORT_RECIPIENT:-}
|
|
- REPORT_SENDER=${HOST_MAILSERVER_REPORT_SENDER:-}
|
|
- LOGROTATE_INTERVAL=${HOST_MAILSERVER_LOGROTATE_INTERVAL:-weekly}
|
|
- POSTFIX_INET_PROTOCOLS=${HOST_MAILSERVER_POSTFIX_INET_PROTOCOLS:-all}
|
|
- DOVECOT_INET_PROTOCOLS=${HOST_MAILSERVER_DOVECOT_INET_PROTOCOLS:-all}
|
|
- ENABLE_SPAMASSASSIN=${HOST_MAILSERVER_ENABLE_SPAMASSASSIN:-0}
|
|
- SPAMASSASSIN_SPAM_TO_INBOX=${HOST_MAILSERVER_SPAMASSASSIN_SPAM_TO_INBOX:-1}
|
|
- ENABLE_SPAMASSASSIN_KAM=${HOST_MAILSERVER_ENABLE_SPAMASSASSIN_KAM:-0}
|
|
- MOVE_SPAM_TO_JUNK=${HOST_MAILSERVER_MOVE_SPAM_TO_JUNK:-1}
|
|
- SA_TAG=${HOST_MAILSERVER_SA_TAG:-2.0}
|
|
- SA_TAG2=${HOST_MAILSERVER_SA_TAG2:-6.31}
|
|
- SA_KILL=${HOST_MAILSERVER_SA_KILL:-6.31}
|
|
- SA_SPAM_SUBJECT=${HOST_MAILSERVER_SA_SPAM_SUBJECT:-***SPAM*****}
|
|
- ENABLE_FETCHMAIL=${HOST_MAILSERVER_ENABLE_FETCHMAIL:-0}
|
|
- FETCHMAIL_POLL=${HOST_MAILSERVER_FETCHMAIL_POLL:-300}
|
|
- ENABLE_LDAP=${HOST_MAILSERVER_ENABLE_LDAP:-}
|
|
- LDAP_START_TLS=${HOST_MAILSERVER_LDAP_START_TLS:-}
|
|
- LDAP_SERVER_HOST=${HOST_MAILSERVER_LDAP_SERVER_HOST:-}
|
|
- LDAP_SEARCH_BASE=${HOST_MAILSERVER_LDAP_SEARCH_BASE:-}
|
|
- LDAP_BIND_DN=${HOST_MAILSERVER_LDAP_BIND_DN:-}
|
|
- LDAP_BIND_PW=${HOST_MAILSERVER_LDAP_BIND_PW:-}
|
|
- LDAP_QUERY_FILTER_USER=${HOST_MAILSERVER_LDAP_QUERY_FILTER_USER:-}
|
|
- LDAP_QUERY_FILTER_GROUP=${HOST_MAILSERVER_LDAP_QUERY_FILTER_GROUP:-}
|
|
- LDAP_QUERY_FILTER_ALIAS=${HOST_MAILSERVER_LDAP_QUERY_FILTER_ALIAS:-}
|
|
- LDAP_QUERY_FILTER_DOMAIN=${HOST_MAILSERVER_LDAP_QUERY_FILTER_DOMAIN:-}
|
|
- DOVECOT_TLS=${HOST_MAILSERVER_DOVECOT_TLS:-}
|
|
- DOVECOT_USER_FILTER=${HOST_MAILSERVER_DOVECOT_USER_FILTER:-}
|
|
- DOVECOT_PASS_FILTER=${HOST_MAILSERVER_DOVECOT_PASS_FILTER:-}
|
|
- DOVECOT_MAILBOX_FORMAT=${HOST_MAILSERVER_DOVECOT_MAILBOX_FORMAT:-maildir}
|
|
- DOVECOT_AUTH_BIND=${HOST_MAILSERVER_DOVECOT_AUTH_BIND:-}
|
|
- ENABLE_POSTGREY=${HOST_MAILSERVER_ENABLE_POSTGREY:-0}
|
|
- POSTGREY_DELAY=${HOST_MAILSERVER_POSTGREY_DELAY:-300}
|
|
- POSTGREY_MAX_AGE=${HOST_MAILSERVER_POSTGREY_MAX_AGE:-35}
|
|
- POSTGREY_TEXT=${HOST_MAILSERVER_POSTGREY_TEXT:-"Delayed by Postgrey"}
|
|
- POSTGREY_AUTO_WHITELIST_CLIENTS=${HOST_MAILSERVER_POSTGREY_AUTO_WHITELIST_CLIENTS:-5}
|
|
- ENABLE_SASLAUTHD=${HOST_MAILSERVER_ENABLE_SASLAUTHD:-0}
|
|
- SASLAUTHD_MECHANISMS=${HOST_MAILSERVER_SASLAUTHD_MECHANISMS:-}
|
|
- SASLAUTHD_MECH_OPTIONS=${HOST_MAILSERVER_SASLAUTHD_MECH_OPTIONS:-}
|
|
- SASLAUTHD_LDAP_SERVER=${HOST_MAILSERVER_SASLAUTHD_LDAP_SERVER:-}
|
|
- SASLAUTHD_LDAP_BIND_DN=${HOST_MAILSERVER_SASLAUTHD_LDAP_BIND_DN:-}
|
|
- SASLAUTHD_LDAP_PASSWORD=${HOST_MAILSERVER_SASLAUTHD_LDAP_PASSWORD:-}
|
|
- SASLAUTHD_LDAP_SEARCH_BASE=${HOST_MAILSERVER_SASLAUTHD_LDAP_SEARCH_BASE:-}
|
|
- SASLAUTHD_LDAP_FILTER=${HOST_MAILSERVER_SASLAUTHD_LDAP_FILTER:-}
|
|
- SASLAUTHD_LDAP_START_TLS=${HOST_MAILSERVER_SASLAUTHD_LDAP_START_TLS:-}
|
|
- SASLAUTHD_LDAP_TLS_CHECK_PEER=${HOST_MAILSERVER_SASLAUTHD_LDAP_TLS_CHECK_PEER:-}
|
|
- SASLAUTHD_LDAP_TLS_CACERT_FILE=${HOST_MAILSERVER_SASLAUTHD_LDAP_TLS_CACERT_FILE:-}
|
|
- SASLAUTHD_LDAP_TLS_CACERT_DIR=${HOST_MAILSERVER_SASLAUTHD_LDAP_TLS_CACERT_DIR:-}
|
|
- SASLAUTHD_LDAP_PASSWORD_ATTR=${HOST_MAILSERVER_SASLAUTHD_LDAP_PASSWORD_ATTR:-}
|
|
- SASL_PASSWD=${HOST_MAILSERVER_SASL_PASSWD:-}
|
|
- SASLAUTHD_LDAP_AUTH_METHOD=${HOST_MAILSERVER_SASLAUTHD_LDAP_AUTH_METHOD:-}
|
|
- SASLAUTHD_LDAP_MECH=${HOST_MAILSERVER_SASLAUTHD_LDAP_MECH:-}
|
|
- SRS_SENDER_CLASSES=${HOST_MAILSERVER_SRS_SENDER_CLASSES:-envelope_sender}
|
|
- SRS_EXCLUDE_DOMAINS=${HOST_MAILSERVER_SRS_EXCLUDE_DOMAINS:-}
|
|
- SRS_SECRET=${HOST_MAILSERVER_SRS_SECRET:-}
|
|
- DEFAULT_RELAY_HOST=${HOST_MAILSERVER_DEFAULT_RELAY_HOST:-}
|
|
- RELAY_HOST=${HOST_MAILSERVER_RELAY_HOST:-}
|
|
- RELAY_PORT=${HOST_MAILSERVER_RELAY_PORT:-25}
|
|
- RELAY_USER=${HOST_MAILSERVER_RELAY_USER:-}
|
|
- RELAY_PASSWORD=${HOST_MAILSERVER_RELAY_PASSWORD:-}
|
|
healthcheck:
|
|
test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
|
|
timeout: 3s
|
|
retries: 0
|
|
hostname: ${HOSTNAME}
|
|
labels:
|
|
- SERVICE_25_CHECK_TCP=true
|
|
- SERVICE_25_NAME=${HOST_COMPOSE_SERVICE_NAME}-mailserver-25
|
|
- SERVICE_110_IGNORE=true
|
|
- SERVICE_143_CHECK_TCP=true
|
|
- SERVICE_143_NAME=${HOST_COMPOSE_SERVICE_NAME}-mailserver-143
|
|
- SERVICE_465_CHECK_TCP=true
|
|
- SERVICE_465_NAME=${HOST_COMPOSE_SERVICE_NAME}-mailserver-465
|
|
- SERVICE_587_CHECK_TCP=true
|
|
- SERVICE_587_NAME=${HOST_COMPOSE_SERVICE_NAME}-mailserver-587
|
|
- SERVICE_993_CHECK_TCP=true
|
|
- SERVICE_993_NAME=${HOST_COMPOSE_SERVICE_NAME}-mailserver-993
|
|
- SERVICE_995_IGNORE=true
|
|
- SERVICE_4190_CHECK_TCP=true
|
|
- SERVICE_4190_NAME=${HOST_COMPOSE_SERVICE_NAME}-mailserver-4190
|
|
networks:
|
|
- private
|
|
- public
|
|
ports:
|
|
- "25:25"
|
|
- "143:143"
|
|
- "465:465"
|
|
- "587:587"
|
|
- "993:993"
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- mailserver-config:/tmp/docker-mailserver/
|
|
- mailserver-data:/var/mail
|
|
- mailserver-logs:/var/log/mail
|
|
- mailserver-state:/var/mail-state
|
|
- host:/etc/letsencrypt:ro
|
|
restart: always
|
|
stop_grace_period: 1m
|
|
volumes:
|
|
mailserver-config:
|
|
mailserver-data:
|
|
mailserver-logs:
|
|
mailserver-state:
|
|
host:
|
|
external: true
|
|
name: ${HOST_DOCKER_VOLUME}
|
|
|
|
networks:
|
|
private:
|
|
external: true
|
|
name: ${DOCKER_NETWORK_PRIVATE}
|
|
public:
|
|
external: true
|
|
name: ${DOCKER_NETWORK_PUBLIC}
|