Allow external emails to send

James Pattinson
2025-10-12 18:52:16 +00:00
parent 55d9da3fb5
commit b54014ac76
4 changed files with 32 additions and 2 deletions


@@ -13,11 +13,13 @@ RUN apt-get update && \
COPY main.cf.template /etc/postfix/main.cf.template COPY main.cf.template /etc/postfix/main.cf.template
COPY sasl_passwd.template /etc/postfix/sasl_passwd.template COPY sasl_passwd.template /etc/postfix/sasl_passwd.template
COPY virtual_aliases.cf /etc/postfix/virtual_aliases.cf COPY virtual_aliases.cf /etc/postfix/virtual_aliases.cf
COPY sender_access /etc/postfix/sender_access
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh RUN chmod +x /entrypoint.sh
# Generate Postfix maps for virtual aliases # Generate Postfix maps for virtual aliases and sender access
RUN postmap /etc/postfix/virtual_aliases.cf RUN postmap /etc/postfix/virtual_aliases.cf
RUN postmap /etc/postfix/sender_access
# Expose SMTP # Expose SMTP
EXPOSE 25 EXPOSE 25


@@ -7,9 +7,13 @@ envsubst < /etc/postfix/main.cf.template > /etc/postfix/main.cf
# Generate SASL password file from environment variables # Generate SASL password file from environment variables
envsubst < /etc/postfix/sasl_passwd.template > /etc/postfix/sasl_passwd envsubst < /etc/postfix/sasl_passwd.template > /etc/postfix/sasl_passwd
# Generate Postfix hash # Generate Postfix hash databases
postmap /etc/postfix/sasl_passwd postmap /etc/postfix/sasl_passwd
chmod 600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db chmod 600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
# Regenerate sender_access database (in case of updates)
postmap /etc/postfix/sender_access
chmod 644 /etc/postfix/sender_access /etc/postfix/sender_access.db
# Start Postfix in foreground # Start Postfix in foreground
exec postfix start-fg exec postfix start-fg
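Review bot: The `postmap /etc/postfix/sender_access` call added before `exec postfix start-fg` has no error check, and whether the script runs under `set -e` is not visible in this hunk. If the table fails to compile, Postfix would presumably start with the `.db` produced at image build time, so a sender removed from the text file could stay whitelisted. Failing closed is safer, e.g. `postmap /etc/postfix/sender_access || exit 1`. The comment `(in case of updates)` also only holds when the file is mounted at runtime, because the Dockerfile in this commit copies it into the image and compiles it there; it could read `# Rebuild sender_access.db so a bind-mounted sender_access takes effect`.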


@@ -3,6 +3,9 @@ myhostname = lists.sasalliance.org
myorigin = sasalliance.org myorigin = sasalliance.org
mydestination = $myhostname, localhost.$mydomain, localhost mydestination = $myhostname, localhost.$mydomain, localhost
# Virtual alias domains - domains we handle via virtual_alias_maps
virtual_alias_domains = lists.sasalliance.org
# Relay through SES # Relay through SES
relayhost = [${SMTP_HOST}]:${SMTP_PORT} relayhost = [${SMTP_HOST}]:${SMTP_PORT}
smtp_tls_security_level = encrypt smtp_tls_security_level = encrypt
@@ -16,6 +19,17 @@ smtp_sasl_security_options = noanonymous
# Virtual aliases (static for now) # Virtual aliases (static for now)
virtual_alias_maps = hash:/etc/postfix/virtual_aliases.cf virtual_alias_maps = hash:/etc/postfix/virtual_aliases.cf
# Sender restrictions - enforce whitelist
smtpd_sender_restrictions =
permit_mynetworks,
check_sender_access hash:/etc/postfix/sender_access,
reject
# Recipient restrictions - accept mail for our domains
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
# Other recommended settings # Other recommended settings
alias_maps = hash:/etc/aliases alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases alias_database = hash:/etc/aliases
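Review bot: The whitelist in `smtpd_sender_restrictions` keys on the envelope sender, which the connecting client chooses freely. With port 25 exposed, any host that presents a `MAIL FROM` under a whitelisted domain passes `check_sender_access`, and its list mail then leaves through the authenticated SES relay. The lookup should be paired with something that authenticates the sending domain, such as an SPF policy service via `check_policy_service` or a DKIM/DMARC milter via `smtpd_milters`, or members should submit over a SASL-authenticated port. `permit_mynetworks` comes first in both restriction lists and `mynetworks` is not visible in these hunks; if it covers the Docker bridge range and published-port connections arrive from the gateway address, they would bypass the whitelist, so pinning `mynetworks = 127.0.0.0/8` is worth confirming. Separately, `lists.sasalliance.org` is now in both `mydestination` (via `$myhostname`) and `virtual_alias_domains`, which Postfix warns about; it should be listed in only one.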

10
postfix/sender_access Normal file

@@ -0,0 +1,10 @@
# Sender access control for mailing lists
# Format: sender_address ACTION
# Actions: OK (allow), REJECT (block with message), DISCARD (silently drop)
# Allow all board members from sasalliance.org domain
sasalliance.org OK
# Add other authorized senders as needed
# user@external.com OK
# anotherdomain.com OK
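Review bot: The entry `sasalliance.org OK` is broader than the comment above it says. As a `check_sender_access` key, a bare domain matches every sender address in that domain, and with Postfix's default `parent_domain_matches_subdomains` its subdomains too (so `lists.sasalliance.org` addresses as well), not only board members. If only specific people should post, list them one per line, e.g. `member@sasalliance.org OK` (constructed example), or change the comment to `# Allow any sender address at sasalliance.org and its subdomains`. The commented sample `# anotherdomain.com OK` has the same effect for an entire external domain.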