-
-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
authentication not enabled #1247
Comments
I tried setting However, the default is PAM and I was surprised to see that this doesn't work either. I see endless output like this flying by when I simply enable saslauthd while leaving all other related options on their defaults:
After some research, it seems to me that there is no built-in mechanism at this point to run with SMTP_ONLY and use the existing configured accounts. Or am I missing something? |
Looks like previous discussions confirm my impression, specifically this comment. So the only way to use authentication in an SMTP_ONLY setup is to arrange for it manually. Guess I better dust off old sasl skills and try to do that. |
Right. If you want to improve this and find a general way, feel free to submit a PR. EDIT: at least we could update the readme or FAQ so that the next person can find the answer faster. |
I managed to make it work for my setup. Probably a little way from there to a "general" approach, but I thought it can't hurt to have the details here. I added this to
Then I created a file
I created a file
This file has permissions 660 and belongs to root:45 (to be compatible with the groups in the container). It's mounted as Finally I added a command to my Dockerfile so that the user
With this setup I can now modify the local sasldb file to configure accounts for the running SMTP server. |
Thanks for sharing! |
* Updated FAQ and Tips (markdown) * add a better example for sa-learn cron-jobs * Updated Configure SSL (markdown) * Updated Configure SSL (markdown) * Updated Configure SSL (markdown) * add a plain docker-compose example without docker swarm * change min docker-compose version * remove docker-compose swarm only statement * unify documentation * add a blank line in the docker-compose.yml example * add hint for system cron file * Added info about DMS_DEBUG variable * Typo in link * change user to root. amavis is not sufficient * emphasize difference between user and system crontab * change ham folder to Archives * add consitent comments * SA_SPAM_SUBJECT values * LetsEncrypt has a http challenge that runs http and https. * Created _Footer (markdown) * Updated Installation Examples (markdown) * Revert 2e2c1a9...64f2cfe on _Footer * Add info about mail-state * Fix wrong directory for spamassassin learning * Syntax correction. * Added note about POSTFIX_MESSAGE_SIZE_LIMIT * Updated Configure SSL (markdown) * Updated Configure SPF (markdown) * Updated Configure SSL (markdown) * Added reference to docker-mailserver/docker-mailserver#1247. * Edit backup script * Updated FAQ and Tips (markdown) * Updated FAQ and Tips (markdown) * path for generated certificates has changed * adding note about keys on multiple line * Added note about clamav memory usage and swap. * Replace deliveries/certbot docker image by official certbot/cerbot * Addded example for overriding postfix-master.cf * Added warning about spaces in options * Wrong filebeat config path * Fix wrong volume syntax * Fixed a typo in docker repository name (certbot instead of cerbot) * Spamassing cron directories are wrong for Archive and Inbox. On my fresh install it's not .Archives but .Archive and I don't have a separate INBOX folder, just cur, new etc under main mail dir. * Add sections for catch-all and delete * Added FAQ about naked/bare domains * Improved description for bare domains * updated the deployment manifests. Tested with Kubernetes 1.17 and docker-mailserver v6.2.1 * Add a note on the Biggest flaw of using `hostNetwork` * Proxy setup is nowhere mentioned. * Updated FAQ and Tips (markdown) * Updated FAQ and Tips (markdown) * added user-patches.sh explanation and example * Updated Configure SSL (markdown) * Updated Configure SSL (markdown) * command did not show up with the <> * Filebeat container (v7.0.0) * Updated Using in Kubernetes (markdown) * Rework section on PROXY protocol (including nameless previous change) * add ssl doc: traefik * quota update * quota update * quota update * quota update * Updated Configure Accounts (markdown) * quota update * Updated Configure Accounts (markdown) * Updated FAQ and Tips (markdown) * Add MOVE_SPAM_TO_JUNK * Update SA-learn * Added note about caddy * Update config file mentioned in cron instructions to env-mailserver * Update config file mentioned in cron instructions to env-mailserver * update image: tvial/docker-mailserver ---> always use latest (docker-mailserver/docker-mailserver#1504) * Added mail_max_userip_connections * Adding instructions for Caddy V2 * Updated Configure DKIM (markdown) * Add DMARC guide * Updated Configure DMARC (markdown) * Updated Configure DMARC (markdown) * Updated Configure DMARC (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Configure Accounts (markdown) * Updated FAQ and Tips (markdown) * Updated FAQ and Tips (markdown) * Updated Update and cleanup (markdown) * Updated Update and cleanup (markdown) * Updated Update and cleanup (markdown) * better not to keep outdated example, upstream's doc is the way to go * Updated Configure SSL (markdown) * Updated Configure Accounts (markdown) * Updated Configure Accounts (markdown) * Updated Configure Accounts (markdown) * Updated Configure Accounts (markdown) * Updated Configure Aliases (markdown) * Updated Configure autodiscover (markdown) * Updated Configure DKIM (markdown) * Updated Configure DKIM (markdown) * Updated Configure DMARC (markdown) * Updated Configure ELK (markdown) * Updated FAQ and Tips (markdown) * Updated FAQ and Tips (markdown) * Updated Configure Sieve filters (markdown) * Updated Override Default Dovecot Configuration (markdown) * Updated Override Default Dovecot Configuration (markdown) * Updated Override Default Dovecot Configuration (markdown) * Updated Override Default Dovecot Configuration (markdown) * Updated Configure SPF (markdown) * Updated Configure SPF (markdown) * Updated Configure SPF (markdown) * Updated Configure SPF (markdown) * Updated FAQ and Tips (markdown) * Updated Home (markdown) * Created _Sidebar (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Created A mail server's 101 (markdown) * Updated _Sidebar (markdown) * Updated _Sidebar (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Minor changes: `plain text` to `cleartext`, inline codeblock `docker-mailserver`, some rephrasing and grammar fixes * Fix rendering of ASCII flows (assuming this isn't an inconsistency between mono fonts chosen by browsers) * Initial more details page to redirect from README on the ports section * Add ports page under security section, format single lines into sub-bullet points * Revert 936020e...fac8d4a on A mail server's 101 * More details on Submission (Outward vs Inward) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * Updated A mail server's 101 (markdown) * clarification about third-party sending email to dms' MTA * Add flowchart for SMTP, expand on inbound/outband SMTP traffic and ports * Slight changes to Alice and Bob example * Change postfix-aliases.cf to postfix-virtual.cf & add setup.sh alias link * mailto was missing from the forensics receiver (ruf) * Added information about stealth blocks on port 25 * traefik v2 section added * Changed stable to latest for Traefik as the code has not been merged into stable yet * how to set timezone for container * Traefik2's wildcard certificates now work with `:stable` * added warning message for PERMIT_DOCKER=network when using IPv6 (#1405) * added warning message for PERMIT_DOCKER=network when using IPv6 (#1405) * Update for key_type global option with Caddy v2 for people sharing their LE certs between Caddy and docker-mailserver * Updated FAQ and Tips (markdown) * Updated FAQ and Tips (markdown) * add account without restart container * Add Full-text search * Created Full-text search (markdown) * Updated Full text search (markdown) * Updated Full text search (markdown) * Updated _Sidebar (markdown) * Created IPv6 (markdown) * Fix example YAML markdown code block * Add new options to reflect support for SELinux * Moving Caddy pitfall to a dedicated section * Command-line to verify certificate dates * Better highlighting on config blocks * Update "Manage Sieve" link * Mention maintained autodiscover-email-settings * Add a ToDo note * Created Forward-Only mailserver with LDAP authentication (markdown) * Add link to 'Forward-Only mailserver with LDAP authentication' * Describe how to authenticate with LDAP * Mention that RELAY_HOST needs to be set even in advanced mode * style * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated _Sidebar (markdown) * Add section to use mailserver with proxy protocol * Updated Installation Examples (markdown) * Otherwise it will completly set the variable and disable any plugins loaded beforehand e.x. quota * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Configure DKIM (markdown) * Updated Configure DKIM (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * adjusting to the migrated repo and improvements * Created _Footer (markdown) * Updated Home (markdown) * Updated Setup docker mailserver using the script setup.sh (markdown) * Updated Configure Accounts (markdown) * Updated Configure Aliases (markdown) * Updated Configure DKIM (markdown) * Updated Configure DKIM (markdown) * Destroyed Configure ELK (markdown) * Updated Setup docker mailserver using the setup.sh script (markdown) * Updated _Sidebar (markdown) * Updated _Sidebar (markdown) * Updated _Sidebar (markdown) * Updated A mail server's 101 (markdown) * Updated _Sidebar (markdown) * Updated _Sidebar (markdown) * Updated Configure Accounts (markdown) * Updated Configure Aliases (markdown) * Updated _Sidebar (markdown) * Updated Configure DKIM (markdown) * Updated Home (markdown) * Updated Home (markdown) * Import wiki Co-authored-by: Christian Glahn <cpglahn@gmail.com> Co-authored-by: Anne <34578028+voordev@users.noreply.github.com> Co-authored-by: Sebastian Wiesendahl <swiesend@users.noreply.github.com> Co-authored-by: Jeremy Shipman <jeremy@burnbright.net> Co-authored-by: MegaXLR <8215278+megaxlr@users.noreply.github.com> Co-authored-by: Albert Louzon <46165265+albert-darillium@users.noreply.github.com> Co-authored-by: marios88 <marios88@gmail.com> Co-authored-by: Thomas Drake <tom@tom-drake.co.uk> Co-authored-by: Thomas VIAL <github@ifusio.com> Co-authored-by: cternes <github@slackspace.de> Co-authored-by: Ovidiu Predescu <ovidiu@gmail.com> Co-authored-by: Erik Wramner <erik@wramner.name> Co-authored-by: lukas <open@mindrunner.de> Co-authored-by: Andreas Perhab <38032588+ap-wtioit@users.noreply.github.com> Co-authored-by: mchamplain <email@mchamplain.com> Co-authored-by: Germain Masse <gmasse@users.noreply.github.com> Co-authored-by: Vilius <34487517+vilisas@users.noreply.github.com> Co-authored-by: Kaan88 <kaankasim88@gmail.com> Co-authored-by: Remo E <remo.eichenberger@gmail.com> Co-authored-by: Claus Beerta <claus@beerta.de> Co-authored-by: odinis <23659698+odinis@users.noreply.github.com> Co-authored-by: Hans-Cees Speel <hanscees@hanscees.com> Co-authored-by: Lars Pötter <justanotherone@gmx.net> Co-authored-by: DuncanvR <DuncanvR@users.noreply.github.com> Co-authored-by: youtous <contact@youtous.me> Co-authored-by: msheakoski <michael.sheakoski@gmail.com> Co-authored-by: rhyst <rhystyers1@gmail.com> Co-authored-by: Oleg Kainov <godfathernn@gmail.com> Co-authored-by: Jean-Denis Vauguet <jd@vauguet.fr> Co-authored-by: Sascha Scandella <sascha.scandella@gmail.com> Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Co-authored-by: Amin Vakil <info@aminvakil.com> Co-authored-by: idaadi <idaadi@gmail.com> Co-authored-by: Trangar <victor.koenders@gmail.com> Co-authored-by: Michael <MichaelSp@users.noreply.github.com> Co-authored-by: pyy <pyy@users.noreply.github.com> Co-authored-by: Georg Lauterbach <44545919+aendeavor@users.noreply.github.com> Co-authored-by: squash <josh@shortcutsolutions.net> Co-authored-by: engelant <mumie_die@yahoo.de> Co-authored-by: Luke Cyca <me@lukecyca.com> Co-authored-by: Dorian Ayllón <ayllon.dorian@gmail.com> Co-authored-by: omarc1492 <10967529+omarc1492@users.noreply.github.com> Co-authored-by: William Desportes <williamdes@wdes.fr> Co-authored-by: Patrizio Bekerle <patrizio@bekerle.com> Co-authored-by: Dashamir Hoxha <dashohoxha@gmail.com> Co-authored-by: FL42 <46161216+fl42@users.noreply.github.com> Co-authored-by: Tin <kontakt@martin-becker.ovh>
@oliversturm , that helped a lot. On my side I was able to achieve this without using First I added to the
Then on the
|
I'm running the image with SMTP_ONLY=1 and PERMIT_DOCKER=network. For months now, I have successfully sent email from other docker containers, no problem. External sending was not possible and there were no "emails" configured (as understood by the setup.sh script), only a few aliases.
Now I'm trying to enable sending for a single external account, so that an app running on a different machine can use the server. So I added an "email" account and set a password:
I have since restarted the container (I think that might be important). I can also see the newly created account in postfix-accounts.cf.
However, when the external machine tries to deliver mail to the server, I see this error (on the side of the client):
The server logs show one interesting line: apparently /etc/postfix/vmailbox can't be opened. Not sure what that means though.
Am I missing something here? Do I need to do something else to make the server accept the login attempt?
The text was updated successfully, but these errors were encountered: