Skip to content
Marko Schulz 01. December 2024 - 18:50 21. December 2024 - 23:21

Installation Postfix MTA als Docker Container

Zuerst laden wir uns ein Base Image (in diesem Fall Debian) herunter.

docker pull debian:latest

Mit folgenden Befehl können wir uns die installierte Debian Version anzeigen lassen.

docker run --rm -ti debian:latest cat /etc/issue

Nun erstellen wir uns ein Dockerfile wie folgt.

FROM debian:latest
MAINTAINER tuxnet24 <info@tuxnet24.de>

ENV DOCKERIZE_VERSION v0.6.1
ENV DEBIAN_FRONTEND noninteractive
ENV DEBCONF_NOWARNINGS="yes"
ENV LANG en_US.utf8
ENV TZ Europe/Berlin

# install packages
RUN apt-get update && apt-get upgrade -y
RUN apt-get install -y mailutils postfix bash wget
RUN apt-get install -y locales && rm -rf /var/lib/apt/lists/* \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8

# install dockerize
RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
    && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
    && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz

# copy postfix config file template into image
COPY main.cf.tmpl /etc/postfix/main.cf.tmpl

# copy entrypoint script into an image
COPY docker-entrypoint.sh /

# postfix is listening on port 25
EXPOSE 25
STOPSIGNAL SIGKILL

CMD /docker-entrypoint.sh

Als nächstes erstellen wir ein Init Skript docker-entrypoint.sh mit folgendem Inhalt.

#/bin/bash

# Run dockerize and template file main.cf.tmpl into main.cf
# then start postfix as child process
dockerize -template /etc/postfix/main.cf.tmpl:/etc/postfix/main.cf postfix start-fg

Nun machen wir das Skript noch ausführbar.

chmod +x docker-entrypoint.sh

Dann erstellen wir eine Template Datei main.cf.tmpl für die Postfix Konfiguration.

maillog_file = /dev/stdout
smtp_helo_name = {{ .Env.POSTFIX_SMTP_HELO_NAME }}
myorigin = {{ .Env.POSTFIX_MYORIGIN }}

smtpd_banner = $myhostname ESMTP
biff = no
append_dot_mydomain = no
readme_directory = no

compatibility_level = 2

smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = {{ .Env.POSTFIX_MYHOSTNAME }}
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.localdomain, localhost
relayhost = {{ .Env.POSTFIX_RELAYHOST }}
mynetworks = {{ .Env.POSTFIX_MYNETWORKS }}
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

Nun bauen wir das Image wie folgt.

docker build -t postfix-debian:latest .

Dann können wir das Image starten. In diesem Fall wird der Port 25 auf 8025 gemappt.

docker run \
        -d \
        --rm \
        --init \
        --env POSTFIX_SMTP_HELO_NAME=localhost \
        --env POSTFIX_MYORIGIN=localhost \
        --env POSTFIX_MYHOSTNAME=localhost \
        --env POSTFIX_RELAYHOST= \
        --env POSTFIX_MYNETWORKS="127.0.0.0/8 192.168.0.0/16 172.16.0.0/12" \
        --name postfix-debian \
        -p 8025:25 \
        postfix-debian:latest

Mit docker ps prüfen wir, ob der Container auch läuft.

CONTAINER ID   IMAGE                   COMMAND                  CREATED       STATUS       PORTS                                                                                                                                                                                                                                                                                                                                                                                            NAMES
9e436504d387   postfix-debian:latest   "/bin/sh -c /docker-…"   2 hours ago   Up 2 hours   0.0.0.0:8025->25/tcp, :::8025->25/tcp

Mit docker exec und dem Befehl cat /etc/postfix/main.cf können wir uns die Konfiguration ansehen.

docker exec -ti 9e436504d387 cat /etc/postfix/main.cf
maillog_file = /dev/stdout
smtp_helo_name = localhost
myorigin = localhost

smtpd_banner = $myhostname ESMTP
biff = no
append_dot_mydomain = no
readme_directory = no

compatibility_level = 2

smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

Mit netcat können wir nun die Verbindung zu Port 8025 testen.

nc localhost 8025
220 localhost ESMTP
^C