robin.thoni
/
docker-mx-server
Watch 1
Star 0
Fork 0
Code Issues 2 Pull Requests 0 Releases 12 Wiki Activity
Browse Source

added postsrs

feature/postsrs
Robin Thoni 7 years ago
parent
ece22092a9
commit
80586fb16c
14 changed files with 169 additions and 1 deletions
Split View Show Diff Stats
  1. 9
    0
      docker-compose.yml
  2. 4
    0
      dovecot/vars-vars
  3. 4
    0
      env
  4. 4
    0
      milter-sasl/vars-vars
  5. 4
    0
      opendkim/vars-vars
  6. 5
    0
      postfix/config/main.cf
  7. 4
    0
      postfix/vars-vars
  8. 4
    0
      postfixadmin/vars-vars
  9. 30
    0
      postsrs/Dockerfile
  10. 41
    0
      postsrs/config/postsrs.conf
  11. 31
    0
      postsrs/run.sh
  12. 1
    0
      postsrs/vars-files
  13. 27
    0
      postsrs/vars-vars
  14. 1
    1
      update_vars.sh

+ 9
- 0
docker-compose.yml View File 

@@ -81,6 +81,15 @@ services:
81 81 
                   - milter-sasl.mx.internal.docker
82 82 
         env_file:
83 83 
             - env
84 
+    postsrs:
85 
+        build: ./postsrs
86 
+        container_name: mx-postsrs
87 
+        networks:
88 
+            mx.internal.docker:
89 
+                aliases:
90 
+                  - postsrs.mx.internal.docker
91 
+        env_file:
92 
+            - env
84 93
85 94 
 networks:
86 95 
     mx.internal.docker:

+ 4
- 0
dovecot/vars-vars View File 

@@ -18,6 +18,10 @@ OPENDKIM_PORT
18 18 
 MILTER_SASL_HOST
19 19 
 MILTER_SASL_PORT
20 20
21 
+POSTSRS_HOST
22 
+POSTSRS_PORT_FORWARD
23 
+POSTSRS_PORT_REVERSE
24 
+
21 25 
 EXIM_SMARTHOST_HOST
22 26 
 EXIM_SMARTHOST_USER
23 27 
 EXIM_SMARTHOST_PASSWORD

+ 4
- 0
env View File 

@@ -18,6 +18,10 @@ OPENDKIM_PORT=12345
18 18 
 MILTER_SASL_HOST=milter-sasl.mx.internal.docker
19 19 
 MILTER_SASL_PORT=12345
20 20
21 
+POSTSRS_HOST=postsrs.mx.internal.docker
22 
+POSTSRS_PORT_FORWARD=10001
23 
+POSTSRS_PORT_REVERSE=10002
24 
+
21 25 
 EXIM_SMARTHOST_HOST=test-mx.rthoni.com
22 26 
 EXIM_SMARTHOST_USER=smarthost@test-mx.rthoni.com
23 27 
 EXIM_SMARTHOST_PASSWORD=smarthost

+ 4
- 0
milter-sasl/vars-vars View File 

@@ -18,6 +18,10 @@ OPENDKIM_PORT
18 18 
 MILTER_SASL_HOST
19 19 
 MILTER_SASL_PORT
20 20
21 
+POSTSRS_HOST
22 
+POSTSRS_PORT_FORWARD
23 
+POSTSRS_PORT_REVERSE
24 
+
21 25 
 EXIM_SMARTHOST_HOST
22 26 
 EXIM_SMARTHOST_USER
23 27 
 EXIM_SMARTHOST_PASSWORD

+ 4
- 0
opendkim/vars-vars View File 

@@ -18,6 +18,10 @@ OPENDKIM_PORT
18 18 
 MILTER_SASL_HOST
19 19 
 MILTER_SASL_PORT
20 20
21 
+POSTSRS_HOST
22 
+POSTSRS_PORT_FORWARD
23 
+POSTSRS_PORT_REVERSE
24 
+
21 25 
 EXIM_SMARTHOST_HOST
22 26 
 EXIM_SMARTHOST_USER
23 27 
 EXIM_SMARTHOST_PASSWORD

+ 5
- 0
postfix/config/main.cf View File 

@@ -91,3 +91,8 @@ smtpd_relay_restrictions = permit_mynetworks,
91 91 
         reject_unknown_recipient_domain,
92 92 
         reject_unauth_pipelining,
93 93 
         reject_unauth_destination
94 
+
95 
+sender_canonical_maps = tcp:POSTSRS_HOST:POSTSRS_PORT_FORWARD
96 
+sender_canonical_classes = envelope_sender
97 
+recipient_canonical_maps = tcp:POSTSRS_HOST:POSTSRS_PORT_REVERSE
98 
+recipient_canonical_classes = envelope_recipient

+ 4
- 0
postfix/vars-vars View File 

@@ -18,6 +18,10 @@ OPENDKIM_PORT
18 18 
 MILTER_SASL_HOST
19 19 
 MILTER_SASL_PORT
20 20
21 
+POSTSRS_HOST
22 
+POSTSRS_PORT_FORWARD
23 
+POSTSRS_PORT_REVERSE
24 
+
21 25 
 EXIM_SMARTHOST_HOST
22 26 
 EXIM_SMARTHOST_USER
23 27 
 EXIM_SMARTHOST_PASSWORD

+ 4
- 0
postfixadmin/vars-vars View File 

@@ -18,6 +18,10 @@ OPENDKIM_PORT
18 18 
 MILTER_SASL_HOST
19 19 
 MILTER_SASL_PORT
20 20
21 
+POSTSRS_HOST
22 
+POSTSRS_PORT_FORWARD
23 
+POSTSRS_PORT_REVERSE
24 
+
21 25 
 EXIM_SMARTHOST_HOST
22 26 
 EXIM_SMARTHOST_USER
23 27 
 EXIM_SMARTHOST_PASSWORD

+ 30
- 0
postsrs/Dockerfile View File 

@@ -0,0 +1,30 @@
1 
+FROM debian:jessie
2 
+
3 
+MAINTAINER Robin Thoni <robin@rthoni.com>
4 
+
5 
+RUN apt-get update &&\
6 
+    apt-get install -y gcc cmake make git &&\
7 
+    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
8 
+
9 
+RUN git clone https://git.rthoni.com/robin.thoni/roehling-postsrsd &&\
10 
+    cd roehling-postsrsd &&\
11 
+    git checkout 1.4 &&\
12 
+    make &&\
13 
+    make install
14 
+
15 
+RUN rm -rf /var/log/* &&\
16 
+    mkfifo /var/log/syslog &&\
17 
+    ln -s /dev/null /var/log/mail.log &&\
18 
+    ln -s /dev/null /var/log/mail.err &&\
19 
+    ln -s /dev/null /var/log/main.info &&\
20 
+    ln -s /dev/null /var/log/messages
21 
+
22 
+COPY ./config/postsrs.conf /etc/default/postsrsd
23 
+
24 
+COPY ./vars-vars /etc/vars-vars
25 
+
26 
+COPY ./vars-files /etc/vars-files
27 
+
28 
+COPY ./run.sh /run.sh
29 
+
30 
+CMD ["/run.sh"]

+ 41
- 0
postsrs/config/postsrs.conf View File 

@@ -0,0 +1,41 @@
1 
+# Default settings for postsrsd
2 
+
3 
+# Local domain name.
4 
+# Addresses are rewritten to originate from this domain. The default value
5 
+# is taken from `postconf -h mydomain` and probably okay.
6 
+#
7 
+SRS_DOMAIN=MAIL_DOMAIN
8 
+
9 
+# Exclude additional domains.
10 
+# You may list domains which shall not be subjected to address rewriting.
11 
+# If a domain name starts with a dot, it matches all subdomains, but not
12 
+# the domain itself. Separate multiple domains by space or comma.
13 
+#
14 
+#SRS_EXCLUDE_DOMAINS=.example.com,example.org
15 
+
16 
+# First separator character after SRS0 or SRS1.
17 
+# Can be one of: -+=
18 
+SRS_SEPARATOR==
19 
+
20 
+# Secret key to sign rewritten addresses.
21 
+# When postsrsd is installed for the first time, a random secret is generated
22 
+# and stored in /etc/postsrsd.secret. For most installations, that's just fine.
23 
+#
24 
+SRS_SECRET=/etc/postsrsd.secret
25 
+
26 
+# Local ports for TCP list.
27 
+# These ports are used to bind the TCP list for postfix. If you change
28 
+# these, you have to modify the postfix settings accordingly. The ports
29 
+# are bound to the loopback interface, and should never be exposed on
30 
+# the internet.
31 
+#
32 
+SRS_FORWARD_PORT=10001
33 
+SRS_REVERSE_PORT=10002
34 
+
35 
+# Drop root privileges and run as another user after initialization.
36 
+# This is highly recommended as postsrsd handles untrusted input.
37 
+#
38 
+RUN_AS=nobody
39 
+
40 
+# Jail daemon in chroot environment
41 
+CHROOT=/usr/local/lib/postsrsd

+ 31
- 0
postsrs/run.sh View File 

@@ -0,0 +1,31 @@
1 
+#! /usr/bin/env bash
2 
+
3 
+replace_var()
4 
+{
5 
+  file="${1}"
6 
+  var="${2}"
7 
+  sed -e "s?${var}?${!var}?g" -i "${file}"
8 
+}
9 
+
10 
+replace_vars()
11 
+{
12 
+  file="${1}"
13 
+  for var in $(cat /etc/vars-vars)
14 
+  do
15 
+    replace_var "${file}" "${var}"
16 
+  done
17 
+}
18 
+
19 
+replace_files()
20 
+{
21 
+  for file in $(cat /etc/vars-files)
22 
+  do
23 
+    replace_vars "${file}"
24 
+  done
25 
+}
26 
+
27 
+replace_files
28 
+
29 
+. /etc/default/postsrsd
30 
+
31 
+postsrsd -f "${SRS_FORWARD_PORT}" -r "${SRS_REVERSE_PORT}" -d "${SRS_DOMAIN}" -s "${SRS_SECRET}" -a "${SRS_SEPARATOR}" -u "${RUN_AS}" -c "${CHROOT}" -X"${SRS_EXCLUDE_DOMAINS}"

+ 1
- 0
postsrs/vars-files View File 

@@ -0,0 +1 @@
1 
+/etc/default/postsrsd

+ 27
- 0
postsrs/vars-vars View File 

@@ -0,0 +1,27 @@
1 
+POSTGRES_HOST
2 
+POSTGRES_USER
3 
+POSTGRES_PASSWORD
4 
+POSTGRES_DB
5 
+
6 
+MAIL_DOMAIN
7 
+MAIL_HOSTNAME
8 
+
9 
+DOVECOT_HOST
10 
+DOVECOT_SASL_PORT
11 
+DOVECOT_LMTP_PORT
12 
+
13 
+POSTFIX_HOST
14 
+
15 
+OPENDKIM_HOST
16 
+OPENDKIM_PORT
17 
+
18 
+MILTER_SASL_HOST
19 
+MILTER_SASL_PORT
20 
+
21 
+POSTSRS_HOST
22 
+POSTSRS_PORT_FORWARD
23 
+POSTSRS_PORT_REVERSE
24 
+
25 
+EXIM_SMARTHOST_HOST
26 
+EXIM_SMARTHOST_USER
27 
+EXIM_SMARTHOST_PASSWORD

+ 1
- 1
update_vars.sh View File 

@@ -1,7 +1,7 @@
1 1 
 #! /usr/bin/env sh
2 2
3 3 
 vars=$(cat env | cut -d= -f1)
4 
-for docker in dovecot opendkim postfix postfixadmin
4 
+for docker in dovecot opendkim postfix postfixadmin milter-sasl postsrs
5 5 
 do
6 6 
   echo "${vars}" > "./${docker}/vars-vars"
7 7 
 done

Write Preview
Loading…
Cancel
Save