version: '3.7' # https://hub.docker.com/r/mailserver/docker-mailserver # https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/ # https://github.com/docker-mailserver/docker-mailserver # https://github.com/docker-mailserver/docker-mailserver/blob/master/docs/content/config/advanced/mail-sieve.md # create account: task srv:mail-setup -- email add @ networks: mail: name: mail services: mail: image: mailserver/docker-mailserver:11 container_name: mail restart: "${RESTART:-no}" hostname: mail domainname: ${BASE_DOMAIN} environment: - ACCOUNT_PROVISIONER=LDAP - LDAP_SERVER_HOST=ldap - LDAP_SEARCH_BASE='dc=ldap,dc=goauthentik,dc=io' - LDAP_BIND_DN='cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io' - LDAP_BIND_PW=${AUTHENTIK_LDAP_BIND_PW} - LDAP_QUERY_FILTER_USER='(&(mail=%s)(memberOf=*mailusers*))' - LDAP_QUERY_FILTER_ALIAS='(&(mailAlias=%s)(memberOf=*mailusers*))' - LDAP_QUERY_FILTER_DOMAIN='(&(|(mail=*@%s)(mailAlias=*@%s))(memberOf=*mailusers*))' - LDAP_QUERY_FILTER_SENDERS='(|(memberOf=*admins*)(&(|(mail=%s)(mailAlias=%s))(memberOf=*mailusers*)))' - DOVECOT_USER_FILTER='(&(mail=%u)(memberOf=*mailusers*))' - DOVECOT_PASS_ATTRS='mail=user' - DOVECOT_AUTH_BIND=yes - ENABLE_FAIL2BAN=0 # Using letsencrypt for SSL/TLS certificates - SSL_TYPE=letsencrypt # Allow sending emails from other docker containers # Beware creating an Open Relay: https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/#permit_docker - PERMIT_DOCKER=connected-networks # All env below are default settings: - ONE_DIR=1 - ENABLE_POSTGREY=0 - ENABLE_CLAMAV=0 - ENABLE_SPAMASSASSIN=0 - ENABLE_MANAGESIEVE=1 # You may want to enable this: https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/#spoof_protection # See step 8 below, which demonstrates setup with enabled/disabled SPOOF_PROTECTION: - SPOOF_PROTECTION=0 - TZ=${TIMEZONE} ports: - "25:25" - "143:143" - "587:587" - "465:465" - "993:993" - "4190:4190" # managesieve volumes: # config - ./mail/config/dovecot-local.conf:/etc/dovecot/local.conf:ro - ${BASE_DIR:-/srv}/mail/config:/tmp/docker-mailserver/ # Mail data - ${BASE_DIR:-/srv}/mail/mail-data:/var/mail/ - ${BASE_DIR:-/srv}/mail/mail-state:/var/mail-state/ - ${BASE_DIR:-/srv}/mail/mail-logs:/var/log/mail/ # certificates - ${CERTS_DIR}/mail.${BASE_DOMAIN}/mail.${BASE_DOMAIN}.crt:/etc/letsencrypt/live/mail.${BASE_DOMAIN}/fullchain.pem:ro - ${CERTS_DIR}/mail.${BASE_DOMAIN}/mail.${BASE_DOMAIN}.key:/etc/letsencrypt/live/mail.${BASE_DOMAIN}/privkey.pem:ro # - ${CERTS_DIR}/mail.${BASE_DOMAIN}:/etc/letsencrypt/live/ networks: - mail - auth # cap_add: # - NET_ADMIN # For Fail2Ban to work