docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon anonaddy

changing postfix main.cf settings

Open dgc1980 opened this issue 2 years ago • 4 comments

I have a site attempting to send an authorization email, but it is failing due to Helo command rejected: Host not found;

seems that reject_unknown_helo_hostname needs to be removed from the main.cf for the email to be accepted.

is there anyway you will be able to add this to ENV settings to be able to have it disabled, I have manually edited the main.cf and restarted the docker container, but it reverts it back

dgc1980 avatar Jun 10 '22 18:06 dgc1980

just an update to this,

commenting out the reject_unknown_helo_hostname then kill -HUP PID worked. but it would still be great if there was a way we could disable it permanently.

dgc1980 avatar Jun 10 '22 19:06 dgc1980

I had to manually edit this file as well to change the spamhaus filters to use the new Data Query Service as I was getting the open resolver error when trying to route mail through the instance.

I'm wondering if we can map a file on the host to the docker container main.cf. I've seen other containers do something similar for 1 file, but not sure as I just spun this up this weekend.

darkknight7777777 avatar Jun 12 '22 21:06 darkknight7777777

thought I'd try this real quick and it didn't work for me. tried adding the below modified file as a volume, it appeared to overwrite when the container started, but couldn't get mail to relay through

  - /path/to/file/main.cf:/etc/postfix/main.cf

darkknight7777777 avatar Jun 12 '22 21:06 darkknight7777777

We can provide a way to override or allow adding extra postfix configuration.

crazy-max avatar Aug 01 '22 11:08 crazy-max

@crazy-max this is exactly what i am looking for too. Recently i started getting emails rejected by my anonaddy due to spamhaus "open resolver" issues. I changed the DNS in my container to use openDNS instead of cloudflare, and it worked. But, ideally we shoudn't be using any public DNS providers to query spamhaus. So, the 2 possible sollutions are: to spin up our own DNS with bind9 (which is hard and complicated) or simply use their DQS (its free for non-commercial use).

This requires us to change the query url in main.cf from zen.spamhaus.com to a specific, unique domain. Maybe it could be passed via .env variables. something like: USE_SPAMHAUS_DQS=true SPAMHAUS_QUERY_KEY={random key generated in user spamhouse portal}

More info: https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/MTAs/020-Postfix.html

yurividal avatar Aug 24 '22 14:08 yurividal

@yurividal Thanks for your feedback on this issue with spamhaus, that makes sense. Instead of bind9 we could use FTL or unbound. Will take a look.

crazy-max avatar Aug 24 '22 14:08 crazy-max

@darkknight7777777 @dgc1980 So the reason passing /etc/postfix/main through docker volumes didn't work is because the file is edited on starting the container by the initialization scripts. You can achieve the same effect by editing the initializing script for postfix configuration, and then passing that through docker volumes instead. That should allow you to make the changes permanent.

- "${ANONDADDYDIR}/myconfigs/15-config-postfix.sh:/etc/cont-init.d/15-config-postfix.sh"

xplreitr avatar Aug 30 '22 14:08 xplreitr

@xplreitr thanks for this, it appears to be working for me. 1 less step to do when updating

darkknight7777777 avatar Sep 09 '22 01:09 darkknight7777777