
adapt configs and dockerfile for PF 3.10 (Trixie Release)

DerLinkman há 2 semanas atrás
pai
commit
7569fbdc5a

+ 5 - 7
data/Dockerfiles/postfix/Dockerfile

@@ -1,9 +1,9 @@
-FROM debian:bookworm-slim
+FROM debian:trixie-slim
 
-LABEL maintainer = "The Infrastructure Company GmbH <info@servercow.de>"
+LABEL maintainer="The Infrastructure Company GmbH <info@servercow.de>"
 
 ARG DEBIAN_FRONTEND=noninteractive
-ENV LC_ALL C
+ENV LC_ALL=C
 
 RUN dpkg-divert --local --rename --add /sbin/initctl \
 	&& ln -sf /bin/true /sbin/initctl \
@@ -34,15 +34,13 @@ RUN groupadd -g 102 postfix \
 	syslog-ng-core \
 	syslog-ng-mod-redis \
   	tzdata \
-	python3-pip \
+	postfix-mta-sts-resolver \
+	python3-uvloop \
 	&& rm -rf /var/lib/apt/lists/* \
 	&& touch /etc/default/locale \
   && printf '#!/bin/bash\n/usr/sbin/postconf -c /opt/postfix/conf "$@"' > /usr/local/sbin/postconf \
   && chmod +x /usr/local/sbin/postconf
 
-# New for MTA-STS Resolver Daemon
-RUN python3 -m pip install postfix-mta-sts-resolver[redis] uvloop --break-system-packages
-
 COPY supervisord.conf /etc/supervisor/supervisord.conf
 COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
 COPY syslog-ng-redis_slave.conf /etc/syslog-ng/syslog-ng-redis_slave.conf
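Review bot: The package list in the second hunk swaps `pip install postfix-mta-sts-resolver[redis]` for the distro package `postfix-mta-sts-resolver`, but nothing visible installs the Python Redis client that the `[redis]` extra used to pull in. If the Debian package does not hard-depend on it (the start of this RUN, including any `--no-install-recommends`, is outside the hunk), a daemon.yml configured for the Redis cache would likely fail at start-up, and MTA-STS policy lookups for outbound mail would stop being answered. Adding `python3-redis \` next to `python3-uvloop \` makes the dependency explicit. Separately, `FROM debian:trixie-slim` in the first hunk is a moving tag; pinning it by digest would keep rebuilds reproducible.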

+ 1 - 1
data/Dockerfiles/postfix/supervisord.conf

@@ -14,7 +14,7 @@ autostart=true
 [program:postfix-mta-sts-resolver]
 startsecs=10
 autorestart=true
-command=/usr/local/bin/mta-sts-daemon -c /opt/postfix/conf/mta-sts-resolver/daemon.yml
+command=/usr/bin/mta-sts-daemon -c /opt/postfix/conf/mta-sts-resolver/daemon.yml
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
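Review bot: The `[program:postfix-mta-sts-resolver]` section shows no `user=` setting in the visible lines, so the daemon at the new path `/usr/bin/mta-sts-daemon` presumably inherits supervisord's user, which is typically root in a container like this. The daemon fetches and parses policy files from remote domains, so it is worth running it unprivileged, e.g. `user=<service-account>` with an account that can read `/opt/postfix/conf/mta-sts-resolver/daemon.yml`. The section may continue past the end of the hunk, so confirm that no `user=` line already exists below.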

+ 0 - 2
data/conf/postfix/main.cf

@@ -107,8 +107,6 @@ smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch,
   reject_unknown_sender_domain
 smtpd_soft_error_limit = 3
 smtpd_tls_auth_only = yes
-smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
-smtpd_tls_eecdh_grade = auto
 smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA
 smtpd_tls_loglevel = 1
 

+ 0 - 2
data/conf/postfix/master.cf

@@ -29,7 +29,6 @@ smtps    inet  n       -       n       -       -       smtpd
 # TLS protocol can be modified by setting submission_smtpd_tls_mandatory_protocols in extra.cf
 submission inet n       -       n       -       -       smtpd
   -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-  -o smtpd_enforce_tls=yes
   -o smtpd_tls_security_level=encrypt
   -o smtpd_tls_mandatory_protocols=$submission_smtpd_tls_mandatory_protocols
   -o tls_preempt_cipherlist=yes
@@ -38,7 +37,6 @@ submission inet n       -       n       -       -       smtpd
 10587      inet n       -       n       -       -       smtpd
   -o smtpd_upstream_proxy_protocol=haproxy
   -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-  -o smtpd_enforce_tls=yes
   -o smtpd_tls_security_level=encrypt
   -o smtpd_tls_mandatory_protocols=$submission_smtpd_tls_mandatory_protocols
   -o tls_preempt_cipherlist=yes