Skip to content

Basic Postfix server with SASL based SMTP AUTH, ideal for services

License

Notifications You must be signed in to change notification settings

cloudbase/postfix-auth-relay

Repository files navigation

postfix-auth-relay

The purpose of this repository is to provide a Dockerfile and related resources to easily deploy a Postfix service with SMTP authentication and TLS encryption with a certificate optionally provided by Let's Encrypt.

Note: this requires a DNS entry matching your IP and, for your Postfix SMTP service to be trusted by the next hop, a matching reverse DNS PTR record.

Build the docker image:

docker build . -t postfix-auth-relay

Replace "smtp_host_fqdn" in main.cf, nginx/default.conf, docker_certbot_init.sh and docker_certbot_renew.sh. Set also your email in docker_certbot_init.sh.

Start the containers:

mkdir -p certbot/conf
mkdir -p certbot/www
mkdir -p spool
touch sasldb2

docker compose up -d

Get a Let's Encrypt certificate with Certbot:

./docker_certbot_init.sh

Reload Postfix:

docker exec -ti docker-postfix-postfix-1 postfix reload

Create a new user for your SMTP service. This has to be an email address user@domain (e.g. usern1@example.com)

docker exec -ti docker-postfix-postfix-1 saslpasswd2 -c -u domain user

To list the users already defined:

docker exec -ti docker-postfix-postfix-1 sasldblistusers2

A simple Python script to test your SMTP service by sending an email is included:

python3 smtp_auth_test.py \
--host smtp_host_fqdn \
--port port \
--username user@domain \
--password password \
--recipient user@domain

Optionally you can also add --no-login or --no-tls to verify if the SMTP service's authentication and TLS settings are properly configured.

Check the docker logs for any issues:

docker logs docker-postfix-postfix-1

Let's Encrypt certificates have a limited viability, so you migh want to automate the renewal process with e.g. crontab:

0 6 * * 1 /path/to/docker_certbot_renew.sh

About

Basic Postfix server with SASL based SMTP AUTH, ideal for services

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published