Enable smtps on port 465

jchonig · Oct 4, 2024 · e911517 · e911517
1 parent 9fd794c
commit e911517
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -28,5 +28,6 @@ RUN \
         ca-certificates
 
 EXPOSE 25
+EXPOSE 465
 
 VOLUME /config
diff --git a/README.md b/README.md
@@ -54,13 +54,14 @@ volumes:
 ## Environment Variables (-e)
 
 | Env                            | Function                                                     |
-| ---                            | --------                                                     |
+|--------------------------------|--------------------------------------------------------------|
 | PUID=1000                      | for UserID - see below for explanation                       |
 | PGID=1000                      | for GroupID - see below for explanation                      |
 | USE_SASL=yes                   | Use sasl for user authentication                             |
 | USE_SASLAUTHD=yes              | Use saslauthd                                                |
 | USE_DKIM=yes                   | Not yet implemented                                          |
-| USE_TLS=yes                    | Enable TLS for incoming connectinos                          |
+| USE_TLS=yes                    | Enable STARTTLS for incoming connections on port 25          |
+| USE_SMTPS=yes                  | Enable TLS wrapper on port 465                               |
 | MYHOSTNAME=example.com         | Configure postfix myhostname parameter                       |
 | MYORIGIN=example.com           | Configure postfix myorigin parameter                         |
 | MYDESTINATION=                 | Configure postfix mydestination parameter                    |

diff --git a/root/etc/s6-overlay/s6-rc.d/init-postfix/run b/root/etc/s6-overlay/s6-rc.d/init-postfix/run
@@ -10,6 +10,7 @@ print_vars () {
     echo "    PUID=${PUID}"
     echo "    PGID=${PGID}"
     echo "    USE_TLS=${USE_TLS}"
+    echo "    USE_SMTPS=${USE_SMTPS}"
     echo "    MYHOSTNAME=${MYHOSTNAME}"
     echo "    MYORIGIN=${MYORIGIN}"
     echo "    MYDESTINATION=${MYDESTINATION}"
@@ -78,6 +79,16 @@ case ${USE_TLS} in
 	else
 	    postconf -e smtpd_tls_security_level=encrypt
 	fi
+	case ${USE_SMTPS} in
+	    yes|true)
+		postconf -M submissions/inet="submissions inet n - - - - smtpd"
+		postconf -P "submissions/inet/smtpd_tls_wrappermode=yes"
+		postconf -P "submissions/inet/smtpd_sasl_auth_enable=yes"
+		postconf -P "submissions/inet/smtpd_client_restrictions=permit_sasl_authenticated,reject"
+		postconf -P "submissions/inet/smtpd_relay_restrictions=permit_sasl_authenticated,reject"
+		postconf -P "submissions/inet/milter_macro_daemon_name=ORIGINATING"	
+		;;
+	esac
     ;;
 esac