added milter-sasl

docker-compose.yml

         env_file:
             - env
 
+    milter-sasl:
+        build: ./milter-sasl
+        container_name: mx-milter-sasl
+        networks:
+            mx.internal.docker:
+                aliases:
+                  - milter-sasl.mx.internal.docker
+        env_file:
+            - env
+
 networks:
     mx.internal.docker:

dovecot/vars-vars

 OPENDKIM_HOST
 OPENDKIM_PORT
 
+MILTER_SASL_HOST
+MILTER_SASL_PORT
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD

env

 OPENDKIM_HOST=opendkim.mx.internal.docker
 OPENDKIM_PORT=12345
 
+MILTER_SASL_HOST=milter-sasl.mx.internal.docker
+MILTER_SASL_PORT=12345
+
 EXIM_SMARTHOST_HOST=test-mx.rthoni.com
 EXIM_SMARTHOST_USER=smarthost@test-mx.rthoni.com
 EXIM_SMARTHOST_PASSWORD=smarthost

milter-sasl/Dockerfile

+FROM debian:jessie
+
+MAINTAINER Robin Thoni <robin@rthoni.com>
+
+RUN apt-get update &&\
+    apt-get install -y gcc g++ cmake libssl-dev libjsoncpp-dev libmilter-dev git &&\
+    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+RUN git clone https://git.rthoni.com/robin.thoni/milter-sasl &&\
+    cd milter-sasl && git checkout develop  &&\
+    mkdir build && cd build &&\
+    cmake .. && make &&\
+    cp src/milter-sasl /usr/local/bin
+
+RUN rm -rf /var/log/* &&\
+    mkfifo /var/log/syslog &&\
+    ln -s /dev/null /var/log/mail.log &&\
+    ln -s /dev/null /var/log/mail.err &&\
+    ln -s /dev/null /var/log/main.info &&\
+    ln -s /dev/null /var/log/messages
+
+COPY ./config /etc/milter-sasl/
+
+COPY ./vars-vars /etc/vars-vars
+
+COPY ./vars-files /etc/vars-files
+
+COPY ./run.sh /run.sh
+
+CMD ["/run.sh"]

milter-sasl/config/milter-sasl.json

+{
+  "key": "your key here",
+  "socket": "inet:MILTER_SASL_PORT@0.0.0.0"
+}

milter-sasl/run.sh

+#! /usr/bin/env bash
+
+replace_var()
+{
+  file="${1}"
+  var="${2}"
+  sed -e "s?${var}?${!var}?g" -i "${file}"
+}
+
+replace_vars()
+{
+  file="${1}"
+  for var in $(cat /etc/vars-vars)
+  do
+    replace_var "${file}" "${var}"
+  done
+}
+
+replace_files()
+{
+  for file in $(cat /etc/vars-files)
+  do
+    replace_vars "${file}"
+  done
+}
+
+replace_files
+
+milter-sasl

milter-sasl/vars-files

+/etc/milter-sasl/milter-sasl.json

milter-sasl/vars-vars

+POSTGRES_HOST
+POSTGRES_USER
+POSTGRES_PASSWORD
+POSTGRES_DB
+
+MAIL_DOMAIN
+MAIL_HOSTNAME
+
+DOVECOT_HOST
+DOVECOT_SASL_PORT
+DOVECOT_LMTP_PORT
+
+POSTFIX_HOST
+
+OPENDKIM_HOST
+OPENDKIM_PORT
+
+MILTER_SASL_HOST
+MILTER_SASL_PORT
+
+EXIM_SMARTHOST_HOST
+EXIM_SMARTHOST_USER
+EXIM_SMARTHOST_PASSWORD

opendkim/config/opendkim.conf

 KeyTable                refile:/etc/opendkim/KeyTable
 SigningTable            refile:/etc/opendkim/SigningTable
 
+SignHeaders             Date,From,To,Subject,X-Sasl-User
+
 Mode                    sv
 PidFile                 /var/run/opendkim/opendkim.pid
 SignatureAlgorithm      rsa-sha256

opendkim/vars-vars

 OPENDKIM_HOST
 OPENDKIM_PORT
 
+MILTER_SASL_HOST
+MILTER_SASL_PORT
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD

postfix/config/main.cf

 
 milter_default_action = accept
 milter_protocol = 6
-smtpd_milters = inet:OPENDKIM_HOST:OPENDKIM_PORT
+smtpd_milters = inet:MILTER_SASL_HOST:MILTER_SASL_PORT,
+                inet:OPENDKIM_HOST:OPENDKIM_PORT
 non_smtpd_milters = inet:OPENDKIM_HOST:OPENDKIM_PORT
 smtpd_relay_restrictions = permit_mynetworks,
         permit_sasl_authenticated,

postfix/vars-vars

 OPENDKIM_HOST
 OPENDKIM_PORT
 
+MILTER_SASL_HOST
+MILTER_SASL_PORT
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD

postfixadmin/vars-vars

 OPENDKIM_HOST
 OPENDKIM_PORT
 
+MILTER_SASL_HOST
+MILTER_SASL_PORT
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD