3.0 KiB
README.md — Docker Mailserver (DMS) Setup for knusperkerne.de
This document describes the stable, minimal configuration of your Docker Mailserver (DMS) installation and the daily operational commands required to manage domains and users.
1. Project Structure
The directory contains:
- compose.yml
- .env
- config/postfix-main.cf
- config/postfix-master.cf
- config/postfix-accounts.cf
- config/postfix-virtual.cf
- config/opendkim/*
- volumes: maildata, mailstate, maillogs
- snappymail/ (webmail)
2. Services
mail (Docker Mailserver 12.x)
- Hostname: mailsystem.knusperkerne.de
- Ports: SMTP(25), SUBMISSION(587), IMAPS(993)
- Configuration directory mounted to
/tmp/docker-mailserver - SPF-Checks fully disabled via postfix-main.cf and postfix-master.cf overrides
- DKIM enabled via
/config/opendkim
snappymail (Webmail)
- Bound to 127.0.0.1:${SNAPPYMAIL_PORT}
- Stores data in ./snappymail
3. Essential Admin Commands
All commands are executed inside the mailserver container:
Enter the container
docker exec -it mailserver bash
3.1 Add a domain
Domains do not require a separate explicit create-command.
To ensure DMS recognizes a domain, add a dummy account:
setup email add dms-domain-init@yourdomain.de somepassword
After DNS MX + A records propagate, the domain becomes active.
3.2 Add a real user
setup email add USER@DOMAIN.TLD PASSWORD
3.3 Change a user password
setup email update USER@DOMAIN.TLD PASSWORD
3.4 Delete a user
setup email del USER@DOMAIN.TLD
3.5 List all accounts
setup email list
3.6 Show mailbox sizes
du -sh /var/mail/vhosts/DOMAIN.TLD/USER/
3.7 Rebuild postfix/dovecot after config changes
Supervised automatically at startup; restart the container after modifying any file under config/: docker compose restart mail
4. Config Overrides
4.1 postfix-main.cf
- Disables SPF policy checks completely
- Keeps only minimal safe recipient checks:
policyd-spf_time_limit = 0 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
4.2 postfix-master.cf
Overrides the policyd-spf service to discard:
policyd-spf unix - n n - 0 discard
4.3 postfix-accounts.cf
Auto-generated by DMS. Contains user → password-hash entries.
4.4 postfix-virtual.cf
Virtual alias configuration for mail routing.
5. DNS Requirements
For each domain:
MX 10 mailsystem.knusperkerne.de
A mailsystem.knusperkerne.de → YOUR.SERVER.IP
SPF TXT (liberal): "v=spf1 a mx ~all"
DKIM: Add the public key from config/opendkim/keys/DOMAIN/mail.txt
6. Backup
- Backup volumes: maildata, mailstate
- Backup config/: postfix configs and DKIM keys
- Logs are in maillogs/
7. Notes
- SPF checks are intentionally disabled (forwarding-friendly).
- DKIM signing remains active and reliable for reputation.
- DMS v12 receives security updates and remains stable.
- No additional MTA/MDA components are required; Postfix+Dovecot are fully integrated.