No official Postfix image, tailor-made for SimpleLogin, currently exists.
Let's fix that, by providing to the community something very lightweight, secure* (with Let's Encrypt support) and simple to use 💖
Compatibility: this image has been tested in a production environment with SimpleLogin 3.4.0
* if a TLS certificate cannot be automatically generated when starting the container, Postfix will run without TLS activated, until the next attempt (happens every hour)
Can be configured with the following environment variables:
Setting | Description |
---|---|
ALIASES_DEFAULT_DOMAIN | Default domain to use for your aliases. |
DB_HOST | Where is hosted your SimpleLogin PostgreSQL database. |
DB_USER | User to connect to the database. |
DB_PASSWORD | User's password to connect to the database. You can also use DB_PASSWORD_FILE if using with docker secrets. |
DB_NAME | Name of the database. |
EMAIL_HANDLER_HOST | Where is hosted your SimpleLogin email handler instance. |
LETSENCRYPT_EMAIL | Email address used by Let's Encrypt, to send you expiry notices*. |
POSTFIX_FQDN | Fully Qualified Domain Name of your Postfix instance (i.e., the MX server address you configured in your DNS zone for your ALIASES_DEFAULT_DOMAIN). |
RELAY_HOST | If your Postfix instance's IP address is blacklisted (e.g., because it is not a static address), you must use your Internet Service Provider's mail server as a relay, to be able to send emails to the outer world. If RELAY_HOST_USERNAME and RELAY_HOST_PASSWORD specified in Docker Run / Compose, it will enable authentication to SMTP relay host. |
RELAY_HOST_USERNAME | SMTP Relay Host username. |
RELAY_HOST_PASSWORD | SMTP Relay Host password. You can also use RELAY_HOST_PASSWORD_FILE if using with docker secrets. |
TLS_KEY_FILE | Custom key file that provides custom TLS certificate. This disables Let's Encrypt. Useful if you use a reverse proxy which manages your certificates. If you are using Letsencrypt to get certificate, this file name would be: privkey.pem . |
TLS_CERT_FILE | Custom certificate file that provides custom TLS certificate. This disables Let's Encrypt. Useful if you use a reverse proxy which manages your certificates. If you are using Letsencrypt to get certificate, this file name would be: fullchain.pem . |
SIMPLELOGIN_COMPATIBILITY_MODE | Compatibility with Simplelogin major application version. The supported values are v3 and v4 . If not defined, it will default to v3 . |
ENABLE_PROXY_PROTOCOL | Enables Proxy Protocal if postfix is behind a reverse proxy that can use Proxy Protocol like trafik or haproxy . The default value is false . Note: You must also enable this in your reverse to use this feature. |
* automatic renewal is managed with Certbot and shouldn't fail, unless you have reached Let's Encrypt rate limits
NOTE: This project is a fork of Kloügle.
There are some example compose files in examples
that show how to use this container in different scenarios.
If you don't receive emails from SimpleLogin, have a look to Postfix logs:
docker logs -f <POSTFIX_CONTAINER>
If Postfix doesn't seem to use TLS, have a look to Certbot logs:
docker exec -ti <POSTFIX_CONTAINER> cat /var/log/letsencrypt/letsencrypt.log