Merge branch 'dev' into patch-1
This commit is contained in:
André Peters
GitHub
@@ -160,6 +160,84 @@ docker-compose exec postfix-mailcow chmod 660 /opt/postfix/conf/smarthost_passwd
|
||||
docker-compose exec postfix-mailcow postfix reload
|
||||
```
|
||||
|
||||
## Optional: Log to Syslog
|
||||
|
||||
Enable Rsyslog to receive logs on 524/tcp:
|
||||
|
||||
```
|
||||
# This setting depends on your Rsyslog version and configuration format.
|
||||
# For most Debian derivates it will work like this...
|
||||
$ModLoad imtcp
|
||||
$TCPServerAddress 127.0.0.1
|
||||
$InputTCPServerRun 524
|
||||
|
||||
# ...while for Ubuntu 16.04 it looks like this:
|
||||
module(load="imtcp")
|
||||
input(type="imtcp" address="127.0.0.1" port="524")
|
||||
|
||||
# No matter your Rsyslog version, you should set this option to off
|
||||
# if you plan to use Fail2ban
|
||||
$RepeatedMsgReduction off
|
||||
```
|
||||
|
||||
Restart rsyslog after enabling the TCP listener.
|
||||
|
||||
Now setup Docker daemon to start with the syslog driver.
|
||||
This enables the syslog driver for all containers!
|
||||
|
||||
Debian users can change the startup configuration in `/etc/default/docker` while CentOS users find it in `/etc/sysconfig/docker`:
|
||||
```
|
||||
...
|
||||
DOCKER_OPTS="--log-driver=syslog --log-opt syslog-address=tcp://127.0.0.1:524"
|
||||
...
|
||||
```
|
||||
|
||||
**Caution:** For some reason Ubuntu 16.04 and some, but not all, systemd based distros do not read the defaults file parameters.
|
||||
|
||||
Just run `systemctl edit docker.service` and add the following content to fix it.
|
||||
|
||||
**Note:** If "systemctl edit" is not available, just copy the content to `/etc/systemd/system/docker.service.d/override.conf`.
|
||||
|
||||
The first empty ExecStart parameter is not a mistake.
|
||||
|
||||
```
|
||||
[Service]
|
||||
EnvironmentFile=/etc/default/docker
|
||||
ExecStart=
|
||||
ExecStart=/usr/bin/docker daemon -H fd:// $DOCKER_OPTS
|
||||
```
|
||||
|
||||
Restart the Docker daemon and run `docker-compose down && docker-compose up -d` to recreate the containers.
|
||||
|
||||
### Use Fail2ban
|
||||
|
||||
**This is a subsection of "Log to Syslog", which is required for Fail2ban to work.**
|
||||
|
||||
Open `/etc/fail2ban/filter.d/common.conf` and search for the prefix_line parameter, change it to ".*":
|
||||
|
||||
```
|
||||
__prefix_line = .*
|
||||
```
|
||||
|
||||
Create `/etc/fail2ban/jail.d/dovecot.conf`...
|
||||
```
|
||||
[dovecot]
|
||||
enabled = true
|
||||
filter = dovecot
|
||||
logpath = /var/log/syslog
|
||||
chain = FORWARD
|
||||
```
|
||||
|
||||
and `jail.d/postfix-sasl.conf`:
|
||||
```
|
||||
[postfix-sasl]
|
||||
enabled = true
|
||||
filter = postfix-sasl
|
||||
logpath = /var/log/syslog
|
||||
chain = FORWARD
|
||||
```
|
||||
|
||||
Restart Fail2ban.
|
||||
|
||||
## Install a local MTA
|
||||
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
# mailcow: dockerized - 🐮 + 🐋 = 💕
|
||||
|
||||
[](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JWBSYHF4SMC68)
|
||||
[](https://www.servercow.de)
|
||||
|
||||
If you want to support mailcow, consider hosting mailcow on a Servercow virtual machine @ Servercow!
|
||||
|
||||
## Screenshots
|
||||
|
||||
@@ -30,6 +32,7 @@ mailcow dockerized comes with **11 containers** linked in **one bridged network*
|
||||
- mysql-vol-1
|
||||
- rspamd-vol-1
|
||||
- postfix-vol-1
|
||||
- crypt-vol-1
|
||||
|
||||
The integrated **mailcow UI** allows administrative work on your mail server instance as well as separated domain administrator and mailbox user access:
|
||||
|
||||
|
||||
@@ -75,7 +75,7 @@ Beware that a mailbox user can login to mailcow and override a domain policy fil
|
||||
Make your changes in `data/Dockerfiles/$service` and build the image locally:
|
||||
|
||||
```
|
||||
docker build data/Dockerfiles/service -t andryyy/mailcow-dockerized:$service
|
||||
docker build data/Dockerfiles/service -t mailcow/$service
|
||||
```
|
||||
|
||||
Now auto-recreate modified containers:
|
||||
@@ -311,14 +311,11 @@ Running `docker-compose down -v` will **destroy all mailcow: dockerized volumes*
|
||||
## Reset admin password
|
||||
Reset mailcow admin to `admin:moohoo`:
|
||||
|
||||
1\. Drop admin table
|
||||
```
|
||||
source mailcow.conf
|
||||
docker-compose exec mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DROP TABLE admin;"
|
||||
cd mailcow_path
|
||||
bash reset_admin.sh
|
||||
```
|
||||
|
||||
2\. Open mailcow UI to auto-init the db
|
||||
|
||||
## Rspamd
|
||||
|
||||
### Learn spam and ham
|
||||
@@ -521,6 +518,14 @@ map $http_upgrade $connection_upgrade {
|
||||
|
||||
Now you can simply navigate to https://${MAILCOW_HOSTNAME}/portainer/ to view your Portainer container monitoring page. You’ll then be prompted to specify a new password for the **admin** account. After specifying your password, you’ll then be able to connect to the Portainer UI.
|
||||
|
||||
## Change autodiscover setup type
|
||||
|
||||
This disables ActiveSync in the autodiscover service for Outlook and configures it with IMAP and SMTP instead:
|
||||
|
||||
Open `data/web/autodiscover.php` and set `'useEASforOutlook' => 'yes'` to `'useEASforOutlook' => 'no'`.
|
||||
|
||||
To always use IMAP and SMTP instead of EAS, set `'autodiscoverType' => 'imap'`.
|
||||
|
||||
## Why Bind?
|
||||
|
||||
For DNS blacklist lookups and DNSSEC.
|
||||
|
||||
Reference in New Issue
Block a user