From ca2b1fa5939cfb18c787d6c3430deb29152eaa0d Mon Sep 17 00:00:00 2001 From: Eldad Fux Date: Sun, 27 Sep 2020 15:32:04 +0300 Subject: [PATCH] test --- Dockerfile | 10 +--- entrypoint.sh | 90 ----------------------------------- exim.conf | 110 +++++++++++++++++++++++++++++++++++++++++++ set-exim-update-conf | 25 ---------- 4 files changed, 112 insertions(+), 123 deletions(-) delete mode 100644 entrypoint.sh create mode 100644 exim.conf delete mode 100644 set-exim-update-conf diff --git a/Dockerfile b/Dockerfile index a85b92b..d3bc1e7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,16 +2,10 @@ FROM alpine:3.12 LABEL maintainer="team@appwrite.io" -RUN apk add --no-cache bash exim iproute2 +RUN apk add --no-cache exim -COPY entrypoint.sh /bin/ -COPY set-exim-update-conf /bin/ - -RUN chmod a+x /bin/entrypoint.sh && \ - chmod a+x /bin/set-exim-update-conf +COPY exim.conf /etc/exim/exim.conf EXPOSE 25 -ENTRYPOINT ["/bin/entrypoint.sh"] - CMD ["exim", "-bd", "-q15m", "-v"] diff --git a/entrypoint.sh b/entrypoint.sh deleted file mode 100644 index db4744a..0000000 --- a/entrypoint.sh +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/bash -set -e - -# Initialize localmacros as an empty file -echo -n "" > /etc/exim/exim.conf.localmacros - -if [ "$MAILNAME" ]; then - echo "MAIN_HARDCODE_PRIMARY_HOSTNAME = $MAILNAME" > /etc/exim/exim.conf.localmacros - echo $MAILNAME > /etc/mailname -fi - -if [ "$KEY_PATH" -a "$CERTIFICATE_PATH" ]; then - if [ "$MAILNAME" ]; then - echo "MAIN_TLS_ENABLE = yes" >> /etc/exim/exim.conf.localmacros - else - echo "MAIN_TLS_ENABLE = yes" >> /etc/exim/exim.conf.localmacros - fi - cp $KEY_PATH /etc/exim/exim.key - cp $CERTIFICATE_PATH /etc/exim/exim.crt - chgrp Debian-exim /etc/exim/exim.key - chgrp Debian-exim /etc/exim/exim.crt - chmod 640 /etc/exim/exim.key - chmod 640 /etc/exim/exim.crt -fi - -opts=( - dc_local_interfaces "[0.0.0.0]:${PORT:-25} ; [::0]:${PORT:-25}" - dc_other_hostnames '' - dc_relay_nets "$(ip addr show dev eth0 | awk '$1 == "inet" { print $2 }' | xargs | sed 's/ /:/g')${RELAY_NETWORKS}" -) - -if [ "$DISABLE_IPV6" ]; then - echo 'disable_ipv6=true' >> /etc/exim/exim.conf.localmacros -fi - -if [ "$GMAIL_USER" -a "$GMAIL_PASSWORD" ]; then - opts+=( - dc_eximconfig_configtype 'smarthost' - dc_smarthost 'smtp.gmail.com::587' - dc_relay_domains "${RELAY_DOMAINS}" - ) - echo "*.google.com:$GMAIL_USER:$GMAIL_PASSWORD" > /etc/exim/passwd.client -elif [ "$SES_USER" -a "$SES_PASSWORD" ]; then - opts+=( - dc_eximconfig_configtype 'smarthost' - dc_smarthost "email-smtp.${SES_REGION:=us-east-1}.amazonaws.com::${SES_PORT:=587}" - dc_relay_domains "${RELAY_DOMAINS}" - ) - echo "*.amazonaws.com:$SES_USER:$SES_PASSWORD" > /etc/exim/passwd.client -# Allow to specify an arbitrary smarthost. -# Parameters: SMARTHOST_USER, SMARTHOST_PASSWORD: authentication parameters -# SMARTHOST_ALIASES: list of aliases to puth auth data for (semicolon separated) -# SMARTHOST_ADDRESS, SMARTHOST_PORT: connection parameters. -elif [ "$SMARTHOST_ADDRESS" ] ; then - opts+=( - dc_eximconfig_configtype 'smarthost' - dc_smarthost "${SMARTHOST_ADDRESS}::${SMARTHOST_PORT-25}" - dc_relay_domains "${RELAY_DOMAINS}" - ) - rm -f /etc/exim/passwd.client - if [ "$SMARTHOST_ALIASES" -a "$SMARTHOST_USER" -a "$SMARTHOST_PASSWORD" ] ; then - echo "$SMARTHOST_ALIASES;" | while read -d ";" alias; do - echo "${alias}:$SMARTHOST_USER:$SMARTHOST_PASSWORD" >> /etc/exim/passwd.client - done - fi -elif [ "$RELAY_DOMAINS" ]; then - opts+=( - dc_relay_domains "${RELAY_DOMAINS}" - dc_eximconfig_configtype 'internet' - ) -else - opts+=( - dc_eximconfig_configtype 'internet' - ) -fi - -# allow to add additional macros by bind-mounting a file -if [ -f /etc/exim/_docker_additional_macros ]; then - cat /etc/exim/_docker_additional_macros >> /etc/exim/exim.conf.localmacros -fi - -# /bin/set-exim-update-conf "${opts[@]}" - -echo "debug1" -cat /etc/exim/exim.conf.localmacros -echo "debug2" -cat /etc/exim/exim.conf -echo "debug3" - -exec "$@" \ No newline at end of file diff --git a/exim.conf b/exim.conf new file mode 100644 index 0000000..038110a --- /dev/null +++ b/exim.conf @@ -0,0 +1,110 @@ +###################################################################### +# MAIN CONFIGURATION SETTINGS # +###################################################################### + +keep_environment = LOCAL_DOMAINS : RELAY_TO_DOMAINS : RELAY_FROM_HOSTS : SMARTHOST_PORT : SMARTHOST_HOST : SMARTHOST_USERNAME : SMARTHOST_PASSWORD +domainlist local_domains = ${env{LOCAL_DOMAINS}{$value} fail} +domainlist relay_to_domains = ${env{RELAY_TO_DOMAINS}{$value} fail} +hostlist relay_from_hosts = <; ${env{RELAY_FROM_HOSTS}{$value} fail} +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +tls_advertise_hosts = +daemon_smtp_ports = 25 +deliver_drop_privilege = true +never_users = root +prdr_enable = true +log_file_path = /var/log/exim/%s +syslog_duplication = false +log_selector = \ + +smtp_protocol_error \ + +smtp_syntax_error \ + +sender_on_delivery \ + +received_recipients +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +###################################################################### +# ACL CONFIGURATION # +###################################################################### + +begin acl + +acl_check_rcpt: + accept hosts = : + control = dkim_disable_verify + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + accept local_parts = postmaster + domains = +local_domains + # require verify = sender + accept hosts = +relay_from_hosts + control = submission + control = dkim_disable_verify + accept authenticated = * + control = submission + control = dkim_disable_verify + require message = nice hosts say HELO first + condition = ${if def:sender_helo_name} + require message = relay not permitted + domains = +local_domains : +relay_to_domains + require verify = recipient + accept + +acl_check_data: + deny condition = ${if > {$max_received_linelength}{998}} + accept + +###################################################################### +# ROUTERS CONFIGURATION # +###################################################################### + +begin routers + +smarthost: + driver = manualroute + domains = ! +local_domains + transport = smarthost_smtp + route_data = ${env{SMARTHOST_HOST}{$value} fail} + ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1 + +no_more + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### + +begin transports + +smarthost_smtp: + driver = smtp + port = ${env{SMARTHOST_PORT}{$value} fail} + hosts_require_auth = $host_address + hosts_require_tls = $host_address + message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### + +begin retry + +# Address/Domain Error Retries +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### + +begin authenticators + +auth_login: + driver = plaintext + public_name = LOGIN + hide client_send = : ${env{SMARTHOST_USERNAME}{$value} fail} : ${env{SMARTHOST_PASSWORD}{$value} fail} + +# End of Exim configuration file \ No newline at end of file diff --git a/set-exim-update-conf b/set-exim-update-conf deleted file mode 100644 index 867217c..0000000 --- a/set-exim-update-conf +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -set -e - -ls /etc/exim - -conf='/etc/exim/exim.conf' - -sedExpr='' -while [ $# -gt 0 ]; do - key="$1" - value="$2" - shift 2 - - if ! grep -qE "^#?${key}=" "$conf"; then - echo >&2 "error: '$key' not found in '$conf'" - exit 1 - fi - - sed_escaped_value="$(echo "$value" | sed 's/[\/&]/\\&/g')" - sedExpr+=$'\n\t'"s/^#?(${key})=.*/\1='${sed_escaped_value}'/;" -done - -set -x -sed -ri "$sedExpr"$'\n' "$conf" -update-exim.conf -v \ No newline at end of file