Cutedgesystems mailserve smtp ports4/3/2023 ![]() If you disable ClamAV, # you can use less RAM and CPU. apiVersion : apps/v1 kind : Deployment metadata : name : mailserver annotations : /run-as-non-root : >- 'mailserver' needs to run as root /privileged-ports : >- 'mailserver' needs privilegdes ports /no-read-only-root-fs : >- There are too many files written to make The root FS read-only spec : replicas : 1 selector : matchLabels : app : mailserver template : metadata : labels : app : mailserver annotations : .kubernetes.io/mailserver : runtime/default spec : hostname : mail containers : - name : mailserver image : docker.io/mailserver/docker-mailserver:latest imagePullPolicy : IfNotPresent securit圜ontext : allowPrivilegeEscalation : false readOnlyRootFilesystem : false runAsUser : 0 runAsGroup : 0 runAsNonRoot : false privileged : false capabilities : add : # file permission capabilities - CHOWN - FOWNER - MKNOD - SETGID - SETUID - DAC_OVERRIDE # network capabilities - NET_ADMIN # needed for F2B - NET_RAW # needed for F2B - NET_BIND_SERVICE # miscellaneous capabilities - SYS_CHROOT - KILL drop : seccompProfile : type : RuntimeDefault # You want to tune this to your needs. This example is absolutely minimal and only goes to show what can be done. We encourage you to have a look at Kustomize for creating ConfigMaps from multiple files, but for now, we will provide a simple, hand-written example. ![]() user-patches.sh, postfix-accounts.cf and more, to adjust docker-mailserver to our likings. We can also make use of user-provided configuration files, e.g. apiVersion : v1 kind : ConfigMap metadata : name : mailserver.environment immutable : false data : TLS_LEVEL : modern POSTSCREEN_ACTION : drop OVERRIDE_HOSTNAME : FAIL2BAN_BLOCKTYPE : drop POSTMASTER_ADDRESS : UPDATE_CHECK_INTERVAL : 10d POSTFIX_INET_PROTOCOLS : ipv4 ONE_DIR : '1' ENABLE_CLAMAV : '1' ENABLE_POSTGREY : '0' ENABLE_FAIL2BAN : '1' AMAVIS_LOGLEVEL : '-1' SPOOF_PROTECTION : '1' MOVE_SPAM_TO_JUNK : '1' ENABLE_UPDATE_CHECK : '1' ENABLE_SPAMASSASSIN : '1' SUPERVISOR_LOGLEVEL : warn SPAMASSASSIN_SPAM_TO_INBOX : '1' # here, we provide an example for the SSL configuration SSL_TYPE : manual SSL_CERT_PATH : /secrets/ssl/rsa/tls.crt SSL_KEY_PATH : /secrets/ssl/rsa/tls.key If not (1), then is it better to create a smtp container and map ports.Is so, whats the reason for getting the above error.Exposing your Mail-Server to the Outside Worldīind to concrete Node and use host network Should the smtp server be created within the app container. The 2nd part to this question is, what is the Ideal way to deal with smtp server. Not sure what could be wrong here, following the other posts I tried restarting the docker client, as well as verified that there is nothing else running on port 25 lsof -i:25 Let me know if I am missing something here. That didnt quite work well, as it kept throwing the following errorĮRROR: for smtp Cannot start service smtp: driver failed programming external connectivity on endpoint push_smtp_1 (25f260f6185dd34cfdb8fb9956c28187028aaca4d850d7a73acc4c2180c55696): Error starting userland proxy: Bind for 0.0.0.0:25: unexpected error (Failure EADDRINUSE) ![]() For which I created another container and mapped port 25 from host to container. I have an app which sends email and requires smtp running on port 25. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |