76 lines
3.2 KiB
YAML
76 lines
3.2 KiB
YAML
version: '3.7'
|
|
|
|
# https://hub.docker.com/r/mailserver/docker-mailserver
|
|
# https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/
|
|
# https://github.com/docker-mailserver/docker-mailserver
|
|
# https://github.com/docker-mailserver/docker-mailserver/blob/master/docs/content/config/advanced/mail-sieve.md
|
|
# https://docker-mailserver.github.io/docker-mailserver/latest/faq/#how-can-i-make-spamassassin-better-recognize-spam
|
|
# https://docker-mailserver.github.io/docker-mailserver/latest/examples/use-cases/imap-folders/#mailboxes-aka-imap-folders
|
|
# https://doc.dovecot.org/configuration_manual/namespace/#core_setting-namespace/mailbox/autoexpunge
|
|
# https://notes.sagredo.eu/en/qmail-notes-185/expunging-expired-junk-and-trash-emails-with-dovecot-124.html
|
|
|
|
# create account: task srv:mail-setup -- email add <user>@<domain>
|
|
|
|
networks:
|
|
mail:
|
|
name: mail
|
|
|
|
services:
|
|
mail:
|
|
image: mailserver/docker-mailserver:12
|
|
container_name: mail
|
|
restart: "${RESTART:-no}"
|
|
hostname: post
|
|
domainname: ${BASE_DOMAIN}
|
|
cap_add:
|
|
- NET_ADMIN # For Fail2Ban to work
|
|
environment:
|
|
- SSL_TYPE=letsencrypt
|
|
# You may want to enable this: https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/#spoof_protection
|
|
# See step 8 below, which demonstrates setup with enabled/disabled SPOOF_PROTECTION:
|
|
- SPOOF_PROTECTION=0
|
|
# Allow sending emails from other docker containers
|
|
# Beware creating an Open Relay: https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/#permit_docker
|
|
- PERMIT_DOCKER=connected-networks
|
|
- ONE_DIR=1
|
|
|
|
- ENABLE_AMAVIS=1
|
|
- ENABLE_POSTGREY=0
|
|
- ENABLE_CLAMAV=0
|
|
- ENABLE_SPAMASSASSIN=1
|
|
- ENABLE_MANAGESIEVE=1
|
|
- ENABLE_FAIL2BAN=1
|
|
|
|
- TZ=${TIMEZONE}
|
|
- POSTMASTER_ADDRESS=postmaster@${BASE_DOMAIN}
|
|
|
|
- SPAMASSASSIN_SPAM_TO_INBOX=1
|
|
- MOVE_SPAM_TO_JUNK=1
|
|
- SA_TAG=-10000.0 # set headers on all mails
|
|
- SA_TAG2=3.75 # above is considered spam
|
|
- SA_KILL=10000.0 # don't bounce/quarantine anything
|
|
- "SA_SPAM_SUBJECT=[SPAM] "
|
|
ports:
|
|
- "25:25" # SMTP (explicit TLS => STARTTLS)
|
|
- "143:143" # IMAP4 (explicit TLS => STARTTLS)
|
|
- "465:465" # ESMTP (implicit TLS)
|
|
- "587:587" # ESMTP (explicit TLS => STARTTLS)
|
|
- "993:993" # IMAP4 (implicit TLS)
|
|
- "4190:4190" # managesieve
|
|
volumes:
|
|
# config
|
|
- ${BASE_DIR:-/srv}/mail/config:/tmp/docker-mailserver/
|
|
- ./mail/fail2ban-jail.cf:/tmp/docker-mailserver/fail2ban-jail.cf:ro
|
|
- ./mail/spamassassin-learn:/etc/cron.d/spamassassin-learn:ro
|
|
- ./mail/15-mailboxes.conf:/etc/dovecot/conf.d/15-mailboxes.conf:ro
|
|
# Mail data
|
|
- ${BASE_DIR:-/srv}/mail/mail-data:/var/mail/
|
|
- ${BASE_DIR:-/srv}/mail/mail-state:/var/mail-state/
|
|
- ${BASE_DIR:-/srv}/mail/mail-logs:/var/log/mail/
|
|
# certificates
|
|
- ${CERTS_DIR}/post.${BASE_DOMAIN}/post.${BASE_DOMAIN}.crt:/etc/letsencrypt/live/post.${BASE_DOMAIN}/fullchain.pem:ro
|
|
- ${CERTS_DIR}/post.${BASE_DOMAIN}/post.${BASE_DOMAIN}.key:/etc/letsencrypt/live/post.${BASE_DOMAIN}/privkey.pem:ro
|
|
networks:
|
|
mail:
|
|
aliases:
|
|
- post.${BASE_DOMAIN}
|