lostakj/postfix-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
10 Commits 1 Branch 1 Tag
6fcd061f71907282ca4c747c58e01bef7d0988fd
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jan Lošťák 6fcd061f71
All checks were successful
Build Docker image on push / docker (push) Successful in 7s
Details
Build and push Docker image on tag / docker (push) Successful in 41s
Details
Fixed entrypoint
2026-03-29 09:02:13 +02:00
.gitea/workflows
Fixed typo
2026-03-27 21:02:10 +01:00
Dockerfile
Fixed buildx issue
2026-03-28 01:06:48 +01:00
entrypoint.sh
Fixed entrypoint
2026-03-29 09:02:13 +02:00
LICENSE
Initial commit
2026-03-27 03:09:40 +00:00
README.md
Fixed buildx issue
2026-03-28 01:06:48 +01:00

README.md

Building the image

docker build --rm -t postfix:latest .

Running the image

docker run -it --rm --name test \
  -p 25:25 \
  -p 465:465 \
  -p 587:587 \
  postfix:latest

Example with custom values:

docker run -it --rm --name test \
  -p 25:25 \
  -p 465:465 \
  -p 587:587 \
  -e POSTFIX_MYHOSTNAME=mail.example.com \
  -e POSTFIX_MYDOMAIN=example.com \
  -e POSTFIX_MYNETWORKS="127.0.0.0/8 [::1]/128 10.0.0.0/8" \
  -e POSTFIX_SMTPD_TLS_SECURITY_LEVEL=may \
  postfix:latest

Environment variables

These values are defaults and can be overridden by setting environment variables.

Core settings

# SMTP greeting banner.
POSTFIX_SMTPD_BANNER="$myhostname ESMTP $mail_name ($mail_version)"

# Enable standard SMTP on port 25.
POSTFIX_SMTP_ENABLED="yes"

# Enable submission on port 587.
POSTFIX_SUBMISSION_ENABLED="yes"

# Enable SMTPS on port 465.
POSTFIX_SMTPS_ENABLED="yes"

# TLS security level for the SMTP server.
# Common values:
#   none    - disable TLS
#   may     - offer STARTTLS if available
#   encrypt - require TLS
POSTFIX_SMTPD_TLS_SECURITY_LEVEL="may"

# Allow SASL authentication only over TLS.
POSTFIX_SMTPD_TLS_AUTH_ONLY="yes"

# Path to SMTP server certificate in PEM format.
POSTFIX_SMTPD_TLS_CERT_FILE="/etc/ssl/certs/ssl-cert-snakeoil.pem"

# Path to SMTP server private key in PEM format.
POSTFIX_SMTPD_TLS_KEY_FILE="/etc/ssl/private/ssl-cert-snakeoil.key"

# CA certificate directory for the Postfix SMTP client.
POSTFIX_SMTP_TLS_CAPATH="/etc/ssl/certs"

# TLS security level for outgoing SMTP client connections.
POSTFIX_SMTP_TLS_SECURITY_LEVEL="encrypt"

# TLS session cache database for outgoing SMTP client connections.
POSTFIX_SMTP_TLS_SESSION_CACHE_DATABASE="btree:$data_directory/smtp_scache"

# Hostname of this mail server.
POSTFIX_MYHOSTNAME="$(hostname --fqdn 2>/dev/null || hostname)"

# Mail domain of this server.
POSTFIX_MYDOMAIN="$POSTFIX_MYHOSTNAME"

# Trusted client networks.
POSTFIX_MYNETWORKS="127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8"

# Interfaces Postfix listens on.
POSTFIX_INET_INTERFACES="all"

# Internet protocols Postfix uses.
POSTFIX_INET_PROTOCOLS="all"

# Relay restrictions for smtpd.
POSTFIX_SMTPD_RELAY_RESTRICTIONS="permit_mynetworks, defer_unauth_destination"

# Recipient restrictions for smtpd.
POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS="permit_mynetworks, reject_unauth_destination"

# Relay host for outgoing mail, for example:
#   [smtp.example.com]:587
POSTFIX_RELAYHOST=""

# Final local destinations for this mail server.
POSTFIX_MYDESTINATION="$myhostname, localhost.$mydomain, localhost, $mydomain"

# Milter protocol version.
POSTFIX_MILTER_PROTOCOL="6"

# Default action when a milter is unavailable.
POSTFIX_MILTER_DEFAULT_ACTION="accept"

# Timeout for HELO/EHLO when Postfix acts as SMTP client.
POSTFIX_RELAY_SMTP_HELO_TIMEOUT="5"

# Timeout for connect when Postfix acts as SMTP client.
POSTFIX_RELAY_SMTP_CONNECT_TIMEOUT="5"

# Milters for mail received via smtpd.
# Example value:
#   opendkim:8891
# The script adds the "inet:" prefix automatically.
POSTFIX_SMTPD_MILTERS=""

# Milters for mail not received via smtpd.
# Example value:
#   opendkim:8891
# The script adds the "inet:" prefix automatically.
POSTFIX_NON_SMTPD_MILTERS=""

Miscellaneous settings

# Enable or disable biff notifications.
POSTFIX_BIFF="no"

# Postfix log output file.
POSTFIX_MAILLOG_FILE="/dev/stdout"

# Debug peer level.
POSTFIX_DEBUG_PEER_LEVEL="1"

# Postfix compatibility level.
POSTFIX_COMPATIBILITY_LEVEL="3.6"

# Append .$mydomain to locally-posted mail addresses without domain part.
POSTFIX_APPEND_DOT_MYDOMAIN="no"

# Path to Postfix README directory, or "no" to disable.
POSTFIX_README_DIRECTORY="no"

# Local mailbox delivery command.
POSTFIX_MAILBOX_COMMAND='procmail -a "$EXTENSION"'

# Maximum mailbox size in bytes, 0 means unlimited.
POSTFIX_MAILBOX_SIZE_LIMIT="0"

# Address extension delimiter.
POSTFIX_RECIPIENT_DELIMITER="+"

# TLS security level for submission service in master.cf.
POSTFIX_SUBMISSION_TLS_SECURITY_LEVEL="encrypt"

# Enable or disable TLS wrapper mode for SMTPS service in master.cf.
POSTFIX_SMTPS_TLS_WRAPPERMODE="yes"

Notes

  • The container automatically generates /etc/postfix/master.cf at startup.
  • The container configures /etc/postfix/main.cf using postconf -e.
  • /etc/aliases is created automatically if missing, and newaliases is run on startup.
  • /etc/resolv.conf is copied into /var/spool/postfix/etc/resolv.conf so DNS lookups work in chrooted Postfix services.
  • POSTFIX_SMTPD_MILTERS and POSTFIX_NON_SMTPD_MILTERS should contain only host:port. The script adds the inet: prefix automatically.
Reference in New Issue View Git Blame Copy Permalink
Description
A lightweight Postfix mail server packaged as a Docker image, designed for simple deployment, configuration, and integration into self-hosted infrastructure.
dockerpostfix
Readme MIT 46 KiB
Releases 1
v3.10.8 Latest
2026-03-29 07:03:25 +00:00
Languages
Shell 76%
Dockerfile 24%