mother-docker-projects/dms-knusperkerne
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

version 1

Browse Source
This commit is contained in:
Lars Klemstein
2025-11-20 22:32:15 +01:00
commit e74a891919
23 changed files with 914 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
README.md Normal file
View File

@@ -0,0 +1,108 @@
# README.md — Docker Mailserver (DMS) Setup for knusperkerne.de
This document describes the stable, minimal configuration of your Docker Mailserver (DMS) installation and the daily operational commands required to manage domains and users.
## 1. Project Structure
The directory contains:
- compose.yml
- .env
- config/postfix-main.cf
- config/postfix-master.cf
- config/postfix-accounts.cf
- config/postfix-virtual.cf
- config/opendkim/*
- volumes: maildata, mailstate, maillogs
- snappymail/ (webmail)
## 2. Services
### mail (Docker Mailserver 12.x)
- Hostname: mailsystem.knusperkerne.de
- Ports: SMTP(25), SUBMISSION(587), IMAPS(993)
- Configuration directory mounted to `/tmp/docker-mailserver`
- SPF-Checks fully disabled via postfix-main.cf and postfix-master.cf overrides
- DKIM enabled via `/config/opendkim`
### snappymail (Webmail)
- Bound to 127.0.0.1:${SNAPPYMAIL_PORT}
- Stores data in ./snappymail
## 3. Essential Admin Commands
All commands are executed inside the mailserver container:
### Enter the container
docker exec -it mailserver bash
### 3.1 Add a domain
Domains do not require a separate explicit create-command.
To ensure DMS recognizes a domain, add a dummy account:
setup email add dms-domain-init@yourdomain.de somepassword
After DNS MX + A records propagate, the domain becomes active.
### 3.2 Add a real user
setup email add USER@DOMAIN.TLD PASSWORD
### 3.3 Change a user password
setup email update USER@DOMAIN.TLD PASSWORD
### 3.4 Delete a user
setup email del USER@DOMAIN.TLD
### 3.5 List all accounts
setup email list
### 3.6 Show mailbox sizes
du -sh /var/mail/vhosts/DOMAIN.TLD/USER/
### 3.7 Rebuild postfix/dovecot after config changes
Supervised automatically at startup; restart the container after modifying any file under config/:
docker compose restart mail
## 4. Config Overrides
### 4.1 postfix-main.cf
- Disables SPF policy checks completely
- Keeps only minimal safe recipient checks:
policyd-spf_time_limit = 0
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
### 4.2 postfix-master.cf
Overrides the policyd-spf service to discard:
policyd-spf unix - n n - 0 discard
### 4.3 postfix-accounts.cf
Auto-generated by DMS. Contains user → password-hash entries.
### 4.4 postfix-virtual.cf
Virtual alias configuration for mail routing.
## 5. DNS Requirements
For each domain:
MX 10 mailsystem.knusperkerne.de
A mailsystem.knusperkerne.de → YOUR.SERVER.IP
SPF TXT (liberal): "v=spf1 a mx ~all"
DKIM: Add the public key from config/opendkim/keys/DOMAIN/mail.txt
## 6. Backup
- Backup volumes: maildata, mailstate
- Backup config/: postfix configs and DKIM keys
- Logs are in maillogs/
## 7. Notes
- SPF checks are intentionally disabled (forwarding-friendly).
- DKIM signing remains active and reliable for reputation.
- DMS v12 receives security updates and remains stable.
- No additional MTA/MDA components are required; Postfix+Dovecot are fully integrated.