2025-03-16 19:37:44 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
if [ -z "$SMTP_HOST" ]; then
|
|
|
|
|
echo "SMTP_HOST is required"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
if [ -z "$SMTP_PORT" ]; then
|
|
|
|
|
echo "SMTP_PORT is required"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
if [ -z "$SMTP_USER" ]; then
|
|
|
|
|
echo "SMTP_USER is required"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
if [ -z "$SMTP_PASSWORD" ]; then
|
|
|
|
|
echo "SMTP_PASSWORD is required"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
if [ -z "$DOVECOT_AUTH_ADDRESS" ]; then
|
|
|
|
|
echo "DOVECOT_AUTH_ADDRESS is required"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
if [ -z "$DOVECOT_AUTH_PORT" ]; then
|
|
|
|
|
echo "DOVECOT_AUTH_PORT is required"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
postconf -e "myhostname=$MAILNAME"
|
2025-04-24 19:15:04 +02:00
|
|
|
postconf -e "mydomain=$MY_PRIMARY_DOMAIN"
|
|
|
|
|
postconf -e "myorigin=$MY_PRIMARY_DOMAIN"
|
|
|
|
|
postconf -e "smtpd_banner=\$myhostname ESMTP \$mail_name"
|
|
|
|
|
postconf -e "mydestination=$MY_DESTINATION"
|
2025-03-16 19:37:44 +01:00
|
|
|
|
|
|
|
|
# Relay configuration
|
|
|
|
|
postconf -e "relayhost=[$SMTP_HOST]:$SMTP_PORT"
|
|
|
|
|
postconf -e "smtp_sasl_auth_enable=yes"
|
|
|
|
|
postconf -e "smtp_sasl_password_maps=static:$SMTP_USER:$SMTP_PASSWORD"
|
|
|
|
|
postconf -e "smtp_sasl_security_options=noanonymous"
|
|
|
|
|
postconf -e "smtp_tls_security_level=encrypt"
|
|
|
|
|
postconf -e "smtp_use_tls=yes"
|
|
|
|
|
postconf -e "smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt"
|
|
|
|
|
|
|
|
|
|
# SASL configuration
|
|
|
|
|
postconf -e "smtpd_sasl_type=dovecot"
|
|
|
|
|
postconf -e "smtpd_sasl_path=inet:$DOVECOT_AUTH_ADDRESS:$DOVECOT_AUTH_PORT"
|
|
|
|
|
postconf -e "smtpd_sasl_auth_enable=yes"
|
|
|
|
|
postconf -e "smtpd_sasl_security_options=noanonymous"
|
|
|
|
|
postconf -e "smtpd_recipient_restrictions=permit_sasl_authenticated, reject"
|
|
|
|
|
postconf -e "smtpd_relay_restrictions=permit_sasl_authenticated, reject_unauth_destination"
|
|
|
|
|
postconf -e "smtpd_sasl_authenticated_header=yes"
|
|
|
|
|
postconf -e "smtpd_tls_wrappermode=yes"
|
|
|
|
|
|
|
|
|
|
# TLS configuration
|
|
|
|
|
postconf -e "smtpd_tls_cert_file=/etc/letsencrypt/tls.crt"
|
|
|
|
|
postconf -e "smtpd_tls_key_file=/etc/letsencrypt/tls.key"
|
|
|
|
|
postconf -e "smtpd_tls_security_level=encrypt"
|
|
|
|
|
postconf -e "smtp_tls_wrappermode=yes"
|
|
|
|
|
|
|
|
|
|
# BCC configuration
|
|
|
|
|
postconf -e "virtual_transport=lmtp:[$DOVECOT_LMTP_ADDRESS]:$DOVECOT_LMTP_PORT"
|
|
|
|
|
|
|
|
|
|
# Other configuration
|
|
|
|
|
postconf -e "inet_interfaces=all"
|
|
|
|
|
postconf -e "inet_protocols=ipv4"
|
|
|
|
|
postconf -e "queue_directory=/var/spool/postfix"
|
|
|
|
|
postconf -e "compatibility_level=2"
|
|
|
|
|
|
|
|
|
|
# Debugging
|
|
|
|
|
# postconf -e "debug_peer_list=127.0.0.1"
|
|
|
|
|
# postconf -e "debug_peer_level=3"
|
|
|
|
|
|
|
|
|
|
echo "
|
|
|
|
|
smtps inet n - n - - smtpd
|
|
|
|
|
-o syslog_name=postfix/smtps
|
|
|
|
|
-o smtpd_tls_wrappermode=yes
|
|
|
|
|
-o smtpd_sasl_auth_enable=yes
|
|
|
|
|
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
|
|
|
|
|
" | sudo tee -a /etc/postfix/master.cf
|
|
|
|
|
|
|
|
|
|
/usr/sbin/postfix -c /etc/postfix start
|
|
|
|
|
/usr/sbin/postfix -c /etc/postfix abort
|
|
|
|
|
exec "$POSTFIX_PATH" -c /etc/postfix -s
|