test

Dockerfile

@@ -2,16 +2,10 @@ FROM alpine:3.12
 
 LABEL maintainer="team@appwrite.io"
 
-RUN apk add --no-cache bash exim iproute2
+RUN apk add --no-cache exim
 
-COPY entrypoint.sh /bin/
-COPY set-exim-update-conf /bin/
-
-RUN chmod a+x /bin/entrypoint.sh && \
-    chmod a+x /bin/set-exim-update-conf
+COPY exim.conf /etc/exim/exim.conf
 
 EXPOSE 25
 
-ENTRYPOINT ["/bin/entrypoint.sh"]
-
 CMD ["exim", "-bd", "-q15m", "-v"]

entrypoint.sh

@@ -1,90 +0,0 @@
-#!/bin/bash
-set -e
-
-# Initialize localmacros as an empty file
-echo -n "" > /etc/exim/exim.conf.localmacros
-
-if [ "$MAILNAME" ]; then
-	echo "MAIN_HARDCODE_PRIMARY_HOSTNAME = $MAILNAME" > /etc/exim/exim.conf.localmacros
-	echo $MAILNAME > /etc/mailname
-fi
-
-if [ "$KEY_PATH" -a "$CERTIFICATE_PATH" ]; then
-	if [ "$MAILNAME" ]; then
-	  echo "MAIN_TLS_ENABLE = yes" >>  /etc/exim/exim.conf.localmacros
-	else
-	  echo "MAIN_TLS_ENABLE = yes" >>  /etc/exim/exim.conf.localmacros
-	fi
-	cp $KEY_PATH /etc/exim/exim.key
-	cp $CERTIFICATE_PATH /etc/exim/exim.crt
-	chgrp Debian-exim /etc/exim/exim.key
-	chgrp Debian-exim /etc/exim/exim.crt
-	chmod 640 /etc/exim/exim.key
-	chmod 640 /etc/exim/exim.crt
-fi
-
-opts=(
-	dc_local_interfaces "[0.0.0.0]:${PORT:-25} ; [::0]:${PORT:-25}"
-	dc_other_hostnames ''
-	dc_relay_nets "$(ip addr show dev eth0 | awk '$1 == "inet" { print $2 }' | xargs | sed 's/ /:/g')${RELAY_NETWORKS}"
-)
-
-if [ "$DISABLE_IPV6" ]; then 
-        echo 'disable_ipv6=true' >> /etc/exim/exim.conf.localmacros
-fi
-
-if [ "$GMAIL_USER" -a "$GMAIL_PASSWORD" ]; then
-	opts+=(
-		dc_eximconfig_configtype 'smarthost'
-		dc_smarthost 'smtp.gmail.com::587'
-		dc_relay_domains "${RELAY_DOMAINS}"
-	)
-	echo "*.google.com:$GMAIL_USER:$GMAIL_PASSWORD" > /etc/exim/passwd.client
-elif [ "$SES_USER" -a "$SES_PASSWORD" ]; then
-	opts+=(
-		dc_eximconfig_configtype 'smarthost'
-		dc_smarthost "email-smtp.${SES_REGION:=us-east-1}.amazonaws.com::${SES_PORT:=587}"
-		dc_relay_domains "${RELAY_DOMAINS}"
-	)
-	echo "*.amazonaws.com:$SES_USER:$SES_PASSWORD" > /etc/exim/passwd.client
-# Allow to specify an arbitrary smarthost.
-# Parameters: SMARTHOST_USER, SMARTHOST_PASSWORD: authentication parameters
-# SMARTHOST_ALIASES: list of aliases to puth auth data for (semicolon separated)
-# SMARTHOST_ADDRESS, SMARTHOST_PORT: connection parameters.
-elif [ "$SMARTHOST_ADDRESS" ] ; then
-	opts+=(
-		dc_eximconfig_configtype 'smarthost'
-		dc_smarthost "${SMARTHOST_ADDRESS}::${SMARTHOST_PORT-25}"
-		dc_relay_domains "${RELAY_DOMAINS}"
-	)
-	rm -f /etc/exim/passwd.client
-	if [ "$SMARTHOST_ALIASES" -a "$SMARTHOST_USER" -a "$SMARTHOST_PASSWORD" ] ; then
-		echo "$SMARTHOST_ALIASES;" | while read -d ";" alias; do
-			echo "${alias}:$SMARTHOST_USER:$SMARTHOST_PASSWORD" >> /etc/exim/passwd.client
-		done
-	fi
-elif [ "$RELAY_DOMAINS" ]; then
-	opts+=(
-		dc_relay_domains "${RELAY_DOMAINS}"
-		dc_eximconfig_configtype 'internet'
-	)
-else
-	opts+=(
-		dc_eximconfig_configtype 'internet'
-	)
-fi
-
-# allow to add additional macros by bind-mounting a file
-if [ -f /etc/exim/_docker_additional_macros ]; then
-	cat /etc/exim/_docker_additional_macros >> /etc/exim/exim.conf.localmacros
-fi
-
-# /bin/set-exim-update-conf "${opts[@]}"
-
-echo "debug1"
-cat /etc/exim/exim.conf.localmacros
-echo "debug2"
-cat /etc/exim/exim.conf
-echo "debug3"
-
-exec "$@"

exim.conf

@@ -0,0 +1,110 @@
+######################################################################
+#                    MAIN CONFIGURATION SETTINGS                     #
+######################################################################
+
+keep_environment = LOCAL_DOMAINS : RELAY_TO_DOMAINS : RELAY_FROM_HOSTS : SMARTHOST_PORT : SMARTHOST_HOST : SMARTHOST_USERNAME : SMARTHOST_PASSWORD
+domainlist local_domains = ${env{LOCAL_DOMAINS}{$value} fail}
+domainlist relay_to_domains = ${env{RELAY_TO_DOMAINS}{$value} fail}
+hostlist relay_from_hosts = <; ${env{RELAY_FROM_HOSTS}{$value} fail}
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+tls_advertise_hosts =
+daemon_smtp_ports = 25
+deliver_drop_privilege = true
+never_users = root
+prdr_enable = true
+log_file_path = /var/log/exim/%s
+syslog_duplication = false
+log_selector = \
+  +smtp_protocol_error \
+  +smtp_syntax_error \
+  +sender_on_delivery \
+  +received_recipients
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+######################################################################
+
+begin acl
+
+acl_check_rcpt:
+  accept  hosts         = :
+          control       = dkim_disable_verify
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+  accept  local_parts   = postmaster
+          domains       = +local_domains
+  # require verify        = sender
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+          control       = dkim_disable_verify
+  accept  authenticated = *
+          control       = submission
+          control       = dkim_disable_verify
+  require message	      = nice hosts say HELO first
+          condition	    = ${if def:sender_helo_name}
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+  require verify        = recipient
+  accept
+
+acl_check_data:
+  deny    condition  = ${if > {$max_received_linelength}{998}}
+  accept
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+######################################################################
+
+begin routers
+
+smarthost:
+  driver = manualroute
+  domains = ! +local_domains
+  transport = smarthost_smtp
+  route_data = ${env{SMARTHOST_HOST}{$value} fail}
+  ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1
+
+no_more
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+
+begin transports
+
+smarthost_smtp:
+  driver = smtp
+  port = ${env{SMARTHOST_PORT}{$value} fail}
+  hosts_require_auth = $host_address
+  hosts_require_tls = $host_address
+  message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+
+begin retry
+
+# Address/Domain  Error  Retries
+*                 *      F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+
+begin authenticators
+
+auth_login:
+  driver = plaintext
+  public_name = LOGIN
+  hide client_send = : ${env{SMARTHOST_USERNAME}{$value} fail} : ${env{SMARTHOST_PASSWORD}{$value} fail}
+
+# End of Exim configuration file

set-exim-update-conf

@@ -1,25 +0,0 @@
-#!/bin/bash
-set -e
-
-ls /etc/exim
-
-conf='/etc/exim/exim.conf'
-
-sedExpr=''
-while [ $# -gt 0 ]; do
-	key="$1"
-	value="$2"
-	shift 2
-
-	if ! grep -qE "^#?${key}=" "$conf"; then
-		echo >&2 "error: '$key' not found in '$conf'"
-		exit 1
-	fi
-
-	sed_escaped_value="$(echo "$value" | sed 's/[\/&]/\\&/g')"
-	sedExpr+=$'\n\t'"s/^#?(${key})=.*/\1='${sed_escaped_value}'/;"
-done
-
-set -x
-sed -ri "$sedExpr"$'\n' "$conf"
-update-exim.conf -v