Docker Mailserver
Replies: 3 comments 3 replies
-
DMS has it's defaults but you can disable services via ENV, just follow our ENV docs.
Most of what you should need will be covered in the docs. It's usually better if users try to make sense of what we have in the docs, and let us know if there's anything they got stuck with or found was not as straight-forward as they'd like, since that'd help us improve it for future readers of the docs. There is quite a lot of different features, so we can't realistically tailor guidance to each use-case such as yours. I'm not experienced with most of these features myself, so what I share below is a rough outline to get you started but you'll want to double check with our docs, especially with ensuring you get config correct. ExampleThis example is for DMS v15, there's a known breaking change for
Ok so here's a rough services:
dms:
# Example is based on current edge docs, if you use v14 there may be some differences as noted by our CHANGELOG:
# https://github.com/docker-mailserver/docker-mailserver/blob/0ff9c0132a8914d6756739a7a3b085e47870b93d/CHANGELOG.md?plain=1#L9-L20
image: mailserver/docker-mailserver:edge # v15 (unreleased)
container_name: dms
hostname: mail.example.com
# Ports:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/
# - Since you are only receiving mail via getmail you won't need port 25
# - Use 587 or 465 for your mail client to connect to DMS (Postfix) to send mail outbound
# - Use port 143 or 993 for your mail client to connect to DMS (Dovecot) via IMAP to access mail
ports:
- "465:465"
- "993:993"
# https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/
environment:
# You'll probably want to use LetsEncrypt for your TLS connections (or bring your own private certs)
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/ssl/#lets-encrypt-recommended
SSL_TYPE: letsencrypt
# Outbound relay setup:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/relay-hosts/
# All outbound mail will be relayed through this host:
DEFAULT_RELAY_HOST: "[relay-service.com]:587"
# Your relay host credentials for `relay-service.com`:
RELAY_USER: relay-account-here
RELAY_PASSWORD: your-secret-here
# Use getmail6:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-getmail/
# NOTE: Adjust config accordingly, refer to docs link for more information
ENABLE_GETMAIL: 1
# Use rspamd:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/security/rspamd/
# https://github.com/docker-mailserver/docker-mailserver/issues/4202#issuecomment-2381026609
# NOTE: You may need to refer to docs and add other configs
ENABLE_RSPAMD: 1
# Enabling rspamd replaces these services, disable them:
ENABLE_AMAVIS: 0
ENABLE_OPENDKIM: 0
ENABLE_OPENDMARC: 0
ENABLE_POLICYD_SPF: 0
volumes:
# Make sure you get this right, mount the full letsencrypt directory on the host as per our guidance in docs:
- /etc/letsencrypt:/etc/letsencrypt
# During initial setup/testing, these are all optional. Learn more about them from the docs:
# https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/optional-config/
- ./docker-data/dms/mail-data/:/var/mail/
- ./docker-data/dms/mail-state/:/var/mail-state/
- ./docker-data/dms/mail-logs/:/var/log/mail/
- ./docker-data/dms/config/:/tmp/docker-mailserver/
# You'd normally use `volumes` here but for simplicity of the example, all config is contained within `compose.yaml`:
configs:
- source: dms-accounts
target: /tmp/docker-mailserver/postfix-accounts.cf
- source: getmail
target: /tmp/docker-mailserver/getmail/gmail-johnny.cf
- source: xapian
target: /tmp/docker-mailserver/dovecot/fts-xapian-plugin.conf
# Using the Docker Compose `configs.content` feature instead of volume mounting separate files.
# NOTE: This feature requires Docker Compose v2.23.1 (Nov 2023) or newer:
# https://github.com/compose-spec/compose-spec/pull/446
configs:
# DMS requires an account to complete setup, normally you would create one with `setup email add [email protected] secret`,
# which creates a `postfix-accounts.cf` file with contents like below. For a quick example this `compose.yaml` provisions an account for you.
# Docs: https://docker-mailserver.github.io/docker-mailserver/edge/config/account-management/provisioner/file/
#
# Credentials:
# - Username: [email protected]
# - Password (SHA512-CRYPT hashed): secret
dms-accounts:
content: |
[email protected]|{SHA512-CRYPT}$$6$$sbgFRCmQ.KWS5ryb$$EsWrlYosiadgdUOxCBHY0DQ3qFbeudDhNMqHs6jZt.8gmxUwiLVy738knqkHD4zj4amkb296HFqQ3yDq4UXt8.
# IMAP example from DMS docs:
# - Pull mail from [email protected] via IMAP
# - Deliver to DMS local Dovecot for the `[email protected]` account (only use accounts, don't use aliases)
getmail:
content: |
[retriever]
type = SimpleIMAPSSLRetriever
server = imap.gmail.com
username = johnny
password = your-gmail-password-here
[destination]
type = MDA_external
path = /usr/lib/dovecot/deliver
allow_root_commands = true
arguments =("-d","[email protected]")
# Full-text-search Dovecot config for Xapian (example config from DMS docs without opt-in sections):
xapian:
content: |
mail_plugins = $mail_plugins fts fts_xapian
plugin {
fts = xapian
fts_xapian = partial=3 full=20 verbose=0
fts_autoindex = yes
fts_enforced = yes
}
service indexer-worker {
# limit size of indexer-worker RAM usage, ex: 512MB, 1GB, 2GB
vsz_limit = 1GB
}You can provision a LetsEncrypt cert or bring your own from an external source (like the ones you're already using, even if they're LetsEncrypt). Whenever your certs are updated from that host path DMS should recognize that and update them internally for Postfix and Dovecot too. If your |
Beta Was this translation helpful? Give feedback.
-
|
Wow, thank you so much. I will try this setup in the next days and report back. |
Beta Was this translation helpful? Give feedback.
-
|
Do you have positive feedback from people using fts_xapian? Back in the days when i tried to use it was slow, had memory leaks and basically was not very usable. I was very happy when dovecot announced that they will have "official" xapian support with fts_flatcurve in the core dovecot... |
Beta Was this translation helpful? Give feedback.
-
|
I'm not sure if it's much better, you'd have to give it a try. I don't run DMS myself, I just contribute to it. There are users that have expressed in the past year preferring SOLR, which we do mention in our docs (you might need to switch to |
Beta Was this translation helpful? Give feedback.
-
|
And another question: in your docker-compose example, the SHA512 hash of the password to go into the postfix-accounts.cf , particularly the dollar signs, are doubled, while in the DMS docs they are not. Do both ways work, should they be single or double in the context of this example? |
Beta Was this translation helpful? Give feedback.
-
No, it should normally be single |
Beta Was this translation helpful? Give feedback.
-
Hey there,
i am looking into replacing a "Mail VM" that i am using for a long time which runs getmail6, fetches several mail accounts, locally filters them with rspamd and delivers them via dovecot. dovecot running with fts flatcurve (xapian search) extension to provide an actually usable email search through imap, outgoing smtp via relay hosts.
as far as i understand, this could be replicated via DMS, but since its just a tiny subset of the functionality, it is not a well documented workflow. i really dont want to take care of IP reputation, DKIM, dns and all that stuff. So my question is: is there a "how-to" for people like me who just want to (ab)use DMS with this minimal requirements, skipping all the MX DNS config stuff etc?
Would it be straightforward to configure or is DMS insisting on getting the more complicated stuff configured as well?
Beta Was this translation helpful? Give feedback.
All reactions