GARAGENUM/docker-mail-server
GARAGENUM/docker-mail-server
15
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update DNS conf

Browse Source
This commit is contained in:
Grégory Lebreton 2025-03-23 02:57:29 +01:00
parent 4986e75e87
commit 25f7168e1b
3 changed files with 69 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
README.md
View File

@ -1,27 +1,71 @@
# DOCKER MAIL SERVER (DMS)
Héberger sa boîte mail sur son serveur
Héberger sa boîte mail sur son serveur grâce à [Docker Mail Server](https://github.com/docker-mailserver/docker-mailserver)
## PRE REQUIS :paperclip:
- Docker + compose plugin
- Nom de domaine
- Nom de domaine (ici exemple.com)
- Le port 25 ouvert par son FAI (pas Free !)
## CONFIGURER :wrench:
#### DNS
- mailserver.env
```env
MAIL_DNS=mail.exemple.com
POSTMASTER_ADDRESS=
```
- ISP
- compose.yml
## USAGE :rocket:
- Créer les DNS suivant:
- A record:
```
# mail.exemple.com point sur <IP_SERVER>
mail 10800 IN A <IP_SERVER>
```
- MX record:
```
# ne pas oublier le point à la fin !!!
@ 10800 IN MX 10 mail.exemple.com.
```
- TXT record (ancien SPF deprécié):
```
@ 10800 IN TXT "v=spf1 ip4:<IP_SERVER> ~all"
```
- TXT record (DMARC)
```
_dmarc 10800 IN TXT "v=DMARC1; p=quarantine; sp=reject; rua=mailto:reports@exemple.com; ruf=mailto:forensics@xemple.com; fo=1"
```
- CNAME record (autodiscover conf du server)
```
autodiscover 10800 IN CNAME mail.exemple.com
```
#### ENVS
- Lancer la stack:
```yml
```bash
docker compose up -d
```
- Créer une adresse mail:
```bash
```
- Créer les clefs DKIM:
```bash
```
- Reporter les datas dans un
Relancer la stack pour valider l'usage des clefs DKIM:
```bash
docker compose down && docker compose up -d
```
## DOCUMENTATION :books:
[USAGE](https://docker-mailserver.github.io/docker-mailserver/latest/usage/)
- [DNS]()
- [DMS](https://docker-mailserver.github.io/docker-mailserver/latest/usage/)

21
compose.yml
View File

@ -2,28 +2,25 @@ services:
mailserver:
image: ghcr.io/docker-mailserver/docker-mailserver:latest
container_name: mailserver
# Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
hostname: mail.example.com
hostname: ${MAIL_DNS}
env_file: mailserver.env
# More information about the mail-server ports:
# https://docker-mailserver.github.io/docker-mailserver/latest/config/security/understanding-the-ports/
ports:
- "25:25" # SMTP (explicit TLS => STARTTLS, Authentication is DISABLED => use port 465/587 instead)
- "143:143" # IMAP4 (explicit TLS => STARTTLS)
- "465:465" # ESMTP (implicit TLS)
- "587:587" # ESMTP (explicit TLS => STARTTLS)
- "993:993" # IMAP4 (implicit TLS)
- "25:25"
- "143:143"
- "465:465"
- "587:587"
- "993:993"
volumes:
- ./docker-data/dms/mail-data/:/var/mail/
- ./docker-data/dms/mail-state/:/var/mail-state/
- ./docker-data/dms/mail-logs/:/var/log/mail/
- ./docker-data/dms/config/:/tmp/docker-mailserver/
- ./docker-data/certbot/certs/:/etc/letsencrypt
- /etc/localtime:/etc/localtime:ro
restart: always
stop_grace_period: 1m
# Uncomment if using `ENABLE_FAIL2BAN=1`:
# cap_add:
# - NET_ADMIN
cap_add:
- NET_ADMIN
healthcheck:
test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
timeout: 3s

13
mailserver.env
View File

@ -11,6 +11,7 @@
# empty => uses the `hostname` command to get the mail server's canonical hostname
# => Specify a fully-qualified domainname to serve mail for. This is used for many of the config features so if you can't set your hostname (e.g. you're in a container platform that doesn't let you) specify it in this environment variable.
MAIL_DNS=mail.exemple.com
OVERRIDE_HOSTNAME=
# REMOVED in version v11.0.0! Use LOG_LEVEL instead.
@ -44,7 +45,7 @@ ACCOUNT_PROVISIONER=
# empty => postmaster@domain.com
# => Specify the postmaster address
POSTMASTER_ADDRESS=
POSTMASTER_ADDRESS=postmaster@exemple.com
# Check for updates on container start and then once a day
# If an update is available, a mail is sent to POSTMASTER_ADDRESS
@ -68,7 +69,7 @@ UPDATE_CHECK_INTERVAL=1d
# host => Add docker container network (ipv4 only)
# network => Add all docker container networks (ipv4 only)
# connected-networks => Add all connected docker networks (ipv4 only)
PERMIT_DOCKER=none
PERMIT_DOCKER=network
# Set the timezone. If this variable is unset, the container runtime will try to detect the time using
# `/etc/localtime`, which you can alternatively mount into the container. The value of this variable
@ -90,7 +91,7 @@ TLS_LEVEL=
#
# **0** => (not recommended) Mail address spoofing allowed. Any logged in user may create email messages with a forged sender address (see also https://en.wikipedia.org/wiki/Email_spoofing).
# 1 => Mail spoofing denied. Each user may only send with their own or their alias addresses. Addresses with extension delimiters(http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages.
SPOOF_PROTECTION=
SPOOF_PROTECTION=1
# Enables the Sender Rewriting Scheme. SRS is needed if your mail server acts as forwarder. See [postsrsd](https://github.com/roehling/postsrsd/blob/master/README.md#sender-rewriting-scheme-crash-course) for further explanation.
# - **0** => Disabled
@ -128,7 +129,7 @@ ENABLE_IMAP=1
# Enables ClamAV, and anti-virus scanner.
# 1 => Enabled
# **0** => Disabled
ENABLE_CLAMAV=0
ENABLE_CLAMAV=1
# Add the value of this ENV as a prefix to the mail subject when spam is detected.
# NOTE: This subject prefix may be redundant (by default spam is delivered to a junk folder).
@ -211,7 +212,7 @@ ENABLE_DNSBL=0
# cap_add:
# - NET_ADMIN
# Otherwise, `nftables` won't be able to ban IPs.
ENABLE_FAIL2BAN=0
ENABLE_FAIL2BAN=1
# Fail2Ban blocktype
# drop => drop packet (send NO reply)
@ -238,7 +239,7 @@ SMTP_ONLY=
# custom => Enables custom certificates
# manual => Let's you manually specify locations of your SSL certificates for non-standard cases
# self-signed => Enables self-signed certificates
SSL_TYPE=
SSL_TYPE=letsencrypt
# These are only supported with `SSL_TYPE=manual`.
# Provide the path to your cert and key files that you've mounted access to within the container.