container-server/services/mail/docker-compose.yml

76 lines
3.2 KiB
YAML

version: '3.7'
# https://hub.docker.com/r/mailserver/docker-mailserver
# https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/
# https://github.com/docker-mailserver/docker-mailserver
# https://github.com/docker-mailserver/docker-mailserver/blob/master/docs/content/config/advanced/mail-sieve.md
# https://docker-mailserver.github.io/docker-mailserver/latest/faq/#how-can-i-make-spamassassin-better-recognize-spam
# https://docker-mailserver.github.io/docker-mailserver/latest/examples/use-cases/imap-folders/#mailboxes-aka-imap-folders
# https://doc.dovecot.org/configuration_manual/namespace/#core_setting-namespace/mailbox/autoexpunge
# https://notes.sagredo.eu/en/qmail-notes-185/expunging-expired-junk-and-trash-emails-with-dovecot-124.html
# create account: task srv:mail-setup -- email add <user>@<domain>
networks:
mail:
name: mail
services:
mail:
image: mailserver/docker-mailserver:12
container_name: mail
restart: "${RESTART:-no}"
hostname: post
domainname: ${BASE_DOMAIN}
cap_add:
- NET_ADMIN # For Fail2Ban to work
environment:
- SSL_TYPE=letsencrypt
# You may want to enable this: https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/#spoof_protection
# See step 8 below, which demonstrates setup with enabled/disabled SPOOF_PROTECTION:
- SPOOF_PROTECTION=0
# Allow sending emails from other docker containers
# Beware creating an Open Relay: https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/#permit_docker
- PERMIT_DOCKER=connected-networks
- ONE_DIR=1
- ENABLE_AMAVIS=1
- ENABLE_POSTGREY=0
- ENABLE_CLAMAV=0
- ENABLE_SPAMASSASSIN=1
- ENABLE_MANAGESIEVE=1
- ENABLE_FAIL2BAN=1
- TZ=${TIMEZONE}
- POSTMASTER_ADDRESS=postmaster@${BASE_DOMAIN}
- SPAMASSASSIN_SPAM_TO_INBOX=1
- MOVE_SPAM_TO_JUNK=1
- SA_TAG=-10000.0 # set headers on all mails
- SA_TAG2=3.75 # above is considered spam
- SA_KILL=10000.0 # don't bounce/quarantine anything
- "SA_SPAM_SUBJECT=[SPAM] "
ports:
- "25:25" # SMTP (explicit TLS => STARTTLS)
- "143:143" # IMAP4 (explicit TLS => STARTTLS)
- "465:465" # ESMTP (implicit TLS)
- "587:587" # ESMTP (explicit TLS => STARTTLS)
- "993:993" # IMAP4 (implicit TLS)
- "4190:4190" # managesieve
volumes:
# config
- ${BASE_DIR:-/srv}/mail/config:/tmp/docker-mailserver/
- ./mail/fail2ban-jail.cf:/tmp/docker-mailserver/fail2ban-jail.cf:ro
- ./mail/spamassassin-learn:/etc/cron.d/spamassassin-learn:ro
- ./mail/15-mailboxes.conf:/etc/dovecot/conf.d/15-mailboxes.conf:ro
# Mail data
- ${BASE_DIR:-/srv}/mail/mail-data:/var/mail/
- ${BASE_DIR:-/srv}/mail/mail-state:/var/mail-state/
- ${BASE_DIR:-/srv}/mail/mail-logs:/var/log/mail/
# certificates
- ${CERTS_DIR}/post.${BASE_DOMAIN}/post.${BASE_DOMAIN}.crt:/etc/letsencrypt/live/post.${BASE_DOMAIN}/fullchain.pem:ro
- ${CERTS_DIR}/post.${BASE_DOMAIN}/post.${BASE_DOMAIN}.key:/etc/letsencrypt/live/post.${BASE_DOMAIN}/privkey.pem:ro
networks:
mail:
aliases:
- post.${BASE_DOMAIN}