namshi / docker-smtp Goto Github PK

Please add a license file to the repo so that we know how/if we can use/re-use the code.

Hi, is there chance to tag version of your image, im trying to make sure that my application will be always built and I had some troubles with images at latest version.

Is there any reason for not creating concrete version?

entrypoint.sh contains the following conditional block that is either incorrect or unnecessary:

        if [ "$MAILNAME" ]; then
                echo "MAIN_TLS_ENABLE = yes" >> /etc/exim4/exim4.conf.localmacro
s
        else
                echo "MAIN_TLS_ENABLE = yes" >> /etc/exim4/exim4.conf.localmacros
        fi

I suspect that the else clause should be setting MAIN_TLS_ENABLE to no if there is MAILNAME variable set, but I could be mistaken.

Hey,
My PM noticed that the new smtp cluster based on this image is much slower than the classic IIS smtp for example, does anyone experience that aswell?

Moreover, since i believe that it is something related to the queue, i took a look at the logs and found that:

Is that a valid log? why does the queue start&end so many times?
Is there any way to make my swarm cluster work faster?

Thanks alot!

I have this in my docker-compose.yml (replace ... with anything valid):

wordpress:
    container_name: ...wordpress_1
    depends_on:
      - db
    image: wordpress:latest
    ports:
      - "80:80"
    volumes:
      - type: bind
        source: ./html
        target: /var/www/html
        volume:
          nocopy: true
    restart: "no"
    environment:
      WORDPRESS_DB_NAME: '...'
      WORDPRESS_DB_USER: '...'
      WORDPRESS_DB_PASSWORD: '...'
      WORDPRESS_DB_HOST: db:3306
      WORDPRESS_TABLE_PREFIX: 'wp_'
      WORDPRESS_AUTH_KEY: '...'
      WORDPRESS_SECURE_AUTH_KEY: '...'
      WORDPRESS_LOGGED_IN_KEY: '...'
      WORDPRESS_NONCE_KEY: '...'
      WORDPRESS_AUTH_SALT: '...'
      WORDPRESS_SECURE_AUTH_SALT: '...'
      WORDPRESS_LOGGED_IN_SALT: '...'
      WORDPRESS_NONCE_SALT: '...'

and this:

  smtp:
    image: namshi/smtp
    container_name: ...smtp_relay_1
    restart: "no"
    ports:
      - "25:25"

It seems that the SMTP is not accessible from the Contact Form 7 WordPress plugin which I use through the REST API. How can I test the smtp container in a fast and good way or how can I change the docker-compose.yml file to make it work?

When I run $ docker-compose up I do not get errors.

The JSON object I get in the browser is this:

{into: "#", status: "mail_failed", message: "There was an error trying to send your message. Please try again later."}

The related forum question is here.

Thank you.

Hi,
I was trying to use your container as a simple smtp server (without any relay). I've build the image from source and successfully ran it. The question is how can I configure it. Thought I can use the following command
sudo dpkg-reconfigure exim4-config but unfortunetely not able to attach to the running container, even when it was started with -itd options.

Problem
Hi, I am using namshi/smtp to be my smarthost SMTP relay for SendGrid. I need to enable TLS so that the SMTP replay only handles requests with certs. Therefore, I set the values for CERTIFICATE_PATH and KEY_PATH to enable TLS.

Performed
I ran the following command to initialize the container:

docker run -p 25:25 -v $(pwd)/:/etc/ssl/certs \
    -e "KEY_PATH=/etc/ssl/certs/MyKey.key" \
    -e "CERTIFICATE_PATH=/etc/ssl/certs/MyCertificate.crt" \
    -e "SMARTHOST_ADDRESS=smtp.sendgrid.net" \
    -e "SMARTHOST_USER=apikey" \
    -e "SMARTHOST_ALIASES=*" \
    -e "SMARTHOST_PORT=587" \
    -e "SMARTHOST_PASSWORD=MY_API_KEY" \
    namshi/smtp

Then I sent a testing email with this code

Expected Result
The email is supposed to be blocked because no cert is provided.

Actual Result
The email is sent.

Any suggestions?

Is it possible to use user and password to raise just the SMTP Server?

many thanks

Not totally sure why this is, but I have to 'allow less secure apps' in order to use the gmail relay setting. I get an email like:

Hi XXX,
Google just blocked someone from signing into your Google Account [email protected] from an app that may put your account at risk.
Less secure app
Friday, March 10, 2017 10:41 AM (EST)
Ashburn, VA, USA*
Don't recognize this activity?
If you didn't recently receive an error while trying to access a Google service, like Gmail, from a non-Google application, someone may have your password.

SECURE YOUR ACCOUNT

Are you the one who tried signing in?
Google will continue to block sign-in attempts from the app you're using because it has known security problems or is out of date. You can continue to use this app by allowing access to less secure apps, but this may leave your account vulnerable.

Best,
The Google Accounts team

Hi,

I have an issue with last updates when i launch this command :

docker run --name smtp     -p 25:25     -e GMAIL_USER="Xxxx@x...."     -e GMAIL_PASSWORD="XXXX"     -e RELAY_NETWORKS=":192.168.0.0/24"     docker-smtp     --restart=always     --rm
+ sed -ri '
    s/^#?(dc_local_interfaces)=.*/\1='\''[0.0.0.0]:25 ; [::0]:25'\''/;
    s/^#?(dc_other_hostnames)=.*/\1='\'''\''/;
    s/^#?(dc_relay_nets)=.*/\1='\''172.17.0.2\/16:192.168.0.0\/24'\''/;
    s/^#?(dc_eximconfig_configtype)=.*/\1='\''smarthost'\''/;
    s/^#?(dc_smarthost)=.*/\1='\''smtp.gmail.com::587'\''/;
' /etc/exim4/update-exim4.conf.conf
+ update-exim4.conf -v
using non-split configuration scheme from /etc/exim4/exim4.conf.template
/bin/entrypoint.sh: line 54: exec: --: invalid option
exec: usage: exec [-cl] [-a name] [command [arguments ...]] [redirection ...]

I tried some syntax but allways the same error message.

What do you think ?

When configured as a relay docker-smtp doesn't support a TLS-only smart host. TCP connection can be initiated on port 465 but then docker-smtp doesn't even try to initiate the TLS connection.

When running this container, which directories do I need to declare as volume so that the queued messages would not be lost during restarts?

Hi,

Using your image on local linking with docker-compose, it works like a charm.

R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.136.27] X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128 DN="C=US,ST=California,L=Mountain View,O=Google Inc,CN=mx.google.com" C="250 2.0.0 OK 1462176390 s73si19565612wmd.29 - gsmtp"

But when I'm using it on Docker Cloud, it gets ip DNS resolution in ipv6...

legacy-smtp-1 | 2016-05-02T08:07:41.044967348Z   604 Connecting to aspmx.l.google.com [2a00:1450:400c:c07::1b]:25 ... failed: Network is unreachable
legacy-smtp-1 | 2016-05-02T08:07:41.044986778Z   604 LOG: MAIN
legacy-smtp-1 | 2016-05-02T08:07:41.045003489Z   604   aspmx.l.google.com [2a00:1450:400c:c07::1b] Network is unreachable

Docker doesn't seem to route ipv6 without starting it with --ipv6 from the doc.

The only difference is that I had to specify RELAY_NETWORKS=:10.7.0.0/24 for weave.

Any idea how to solve this issue ?
I saw there is some disable_ipv6 option but I couldn't make it work to force ipv4 ....

Thank you for this image, very useful. Can you please add release tag to docker hub, we need fixed version some times.

As of October 14th, this docker stopped working with my gmail account.

I manually changed the passwd.client from *.google.com: to *.gmail.com: and that appeared to work.

Not sure why this broke all of a sudden on a version of this image that was 2 years old running in a container up for over 7 months. I tried pulling the latest version and it still didn't work until I made the google->gmail change.

I was getting "Authentication Required" errors

smtp_1             |   289   ** [email protected] R=smarthost T=remote_smtp_smarthost X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128 DN="C=US,ST=California,L=Mountain View,O=Google LLC,CN=smtp.gmail.com": SMTP error from remote mail server after MAIL FROM:<> SIZE=2671: host smtp.gmail.com [173.194.68.109]: 530-5.5.1 Authentication Required. Learn more at\n530 5.5.1  https://support.google.com/mail/?p=WantAuthError value_wiped.92 - gsmtp

awesome image. the only thing missing for me at the moment is DKIM support.
I found this article, that describes on how to setup it.
Do you have a suggestion what would be the best way to incorporate it into your image? Then I could try to do that during the weekend.

Trying to use this container as a service in my docker-compose.yml this way however I'm receiving an error:

"No connection could be made because the target machine actively refused it 127.0.0.1:25"

  smtp:
    image: namshi/smtp
    container_name: jn_smtp_gmail
    environment:
      - RELAY_NETWORKS=:192.168.0.0/24
      - GMAIL_USER=<email>
      - GMAIL_PASSWORD=<password>    
    networks:
      - jn

Not sure what is wrong? Can you pls shed light on this?

Please note that I'm trying to call the container from a local application and not an internal container within the docker network

what environment variables do i actually need set to relay all incoming emails to a remote postfix server. please could you give an example?

Would it be possible to get the SMTP relay to support sending email via AWS SES via the API rather than relaying it to the AWS SMTP endpoint? This would allow us to just use an IAM role to authorize the sending of the email rather than generating the corresponding SMTP credentials for an IAM user.

someone will have to rebuild and republish this package bundling 4.89-2+deb9u4 or higher.

Hi,

it would be great if you could write a sentence or two on how to integrate own configurations into the container.

If managed to get DKIM working by bind-mounting over the generated exim4.conf.localmacros like
- ./00_local_macros.txt:/etc/exim4/exim4.conf.localmacros:ro
however, now I want to add a new config that would add VERP by mounting it into
- ./verp.conf:/etc/exim4/conf.d/rewrite/40_exim4-config_verp
but as the container is using a single-config file, it won't pick up this config.
I don't want to bind-mount the whole config file into the container, as then I would lose the flexibility gained by your sed-replacements (ips and so on..)

any hints / suggestions are highly appreciated!

If docker has to restart a running container (server reboot, docker service restart)

The container is not able to come back up.

I think this was caused by my changes for #5 .

Adding this as a placeholder so people know there is an issue and I'm looking into it.

Error:
2016-04-28 23:20:35 Exim configuration error:
macro "MAIN_HARDCODE_PRIMARY_HOSTNAME" is already defined (use "==" if you want to redefine it
Invalid new configfile /var/lib/exim4/config.autogenerated.tmp, not installing

would be nice / convenient if there were ways to rewrite TO and/or FROM fields. using this as a very simple relay for a home lab would like to rewrite all TO fields to my email account regardless of the original TO. I would assume that the ability to rewrite FROM to @example.com would also be a benefit to some.

thanks!

When connecting to Gmail via the $GMAIL_USER and $GMAIL_PASSWORD env variables, Google bugs me about it being a 'less secure app'. I tried enabling less secure apps, but it is a pain and it reverts back if no emails are sent for a few days.
According to Google, I should use OAUTH, is there a way to use it with this container?

A few days ago, Debian announced the removal of non-LTS Jessie from their mirrors:

https://lists.debian.org/debian-devel-announce/2019/03/msg00006.html

This causes problems when trying to use the namshi/smtp docker image:

 ---> f2dffd734243
Step 2/2 : RUN apt-get update && apt-get dist-upgrade -y
 ---> Running in cff38b0d4315
Get:1 http://security.debian.org jessie/updates InRelease [44.9 kB]
Ign http://deb.debian.org jessie InRelease
Ign http://deb.debian.org jessie-updates InRelease
Get:2 http://deb.debian.org jessie Release.gpg [2420 B]
Ign http://deb.debian.org jessie-updates Release.gpg
Get:3 http://deb.debian.org jessie Release [148 kB]
Get:4 http://security.debian.org jessie/updates/main amd64 Packages [824 kB]
Ign http://deb.debian.org jessie-updates Release
Get:5 http://deb.debian.org jessie/main amd64 Packages [9098 kB]
Err http://deb.debian.org jessie-updates/main amd64 Packages

Err http://deb.debian.org jessie-updates/main amd64 Packages

Err http://deb.debian.org jessie-updates/main amd64 Packages

Err http://deb.debian.org jessie-updates/main amd64 Packages

Err http://deb.debian.org jessie-updates/main amd64 Packages
  404  Not Found
Fetched 10.1 MB in 6s (1606 kB/s)
W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/main/binary-amd64/Packages  404  Not Found

Would it be possible to switch to Stretch?

Smtp does not seem to accept including 8 bit letter that are mime coded

I'm trying to increase the amount of emails this would accept from 10 to 100, but no matter where I put the config it is not being picked up when I restart the exim4 service. Can someone let me know where I'm supposed to put this?

After setting KEY_PATH and CERTIFICATE_PATH I do not have TLS enabled. I can see that it finds the certs, it copy's them over successfully, then the daemon starts without TLS.

exim 4.89 daemon started: pid=1, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)

$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

220 2d716bca357d ESMTP Exim 4.89 Thu, 11 Jul 2019 14:51:29 +0000
STARTTLS
503 STARTTLS command used when not advertised

Any suggestions would be appreciated

I am trying to have gmail relay and it does not work in my company network, the same container works fine in my home network. I am trying to figure out the network restrictions using the logs but with no luck. Below are the logs for both cases.

Home Network [Where it is working]

smtp_1  |   336 LOG: host_lookup_failed MAIN
smtp_1  |   336   no host name found for IP address 172.20.0.1
smtp_1  |   336 LOG: host_lookup_failed MAIN
smtp_1  |   336   no host name found for IP address 172.20.0.1
smtp_1  |   336 LOG: MAIN
smtp_1  |   336   <= [email protected] H=([127.0.0.1]) [172.20.0.1] P=esmtp S=420
smtp_1  |   336 LOG: smtp_connection MAIN
smtp_1  |   336   SMTP connection from ([127.0.0.1]) [172.20.0.1] lost
smtp_1  |   337 Exim version 4.84_2 uid=104 gid=108 pid=337 D=40001
smtp_1  | Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
smtp_1  | Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM PRDR OCSP
smtp_1  | Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
smtp_1  | Authenticators: cram_md5 plaintext
smtp_1  | Routers: accept dnslookup ipliteral manualroute queryprogram redirect
smtp_1  | Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
smtp_1  | Fixed never_users: 0
smtp_1  | Size of off_t: 8
smtp_1  |   337 delivering 1e0ft8-00005Q-27
smtp_1  |   337 R: smarthost for [email protected]
smtp_1  |   339 T: remote_smtp_smarthost for [email protected]
smtp_1  |   339 Transport port=25 replaced by host-specific port=587
smtp_1  |   339 Connecting to gmail-smtp-msa.l.google.com [2404:6800:4008:c04::6d]:587 ... failed: Cannot assign requested address
smtp_1  |   339 LOG: MAIN
smtp_1  |   339   gmail-smtp-msa.l.google.com [2404:6800:4008:c04::6d] Cannot assign requested address
smtp_1  |   339 Transport port=25 replaced by host-specific port=587
smtp_1  |   339 Connecting to gmail-smtp-msa.l.google.com [74.125.204.108]:587 ... connected
smtp_1  |   339   SMTP<< 220 smtp.gmail.com ESMTP l5sm4580152pgs.3 - gsmtp
smtp_1  |   339   SMTP>> EHLO 32cc415b506d
smtp_1  |   339   SMTP<< 250-smtp.gmail.com at your service, [58.111.143.170]
smtp_1  |   339          250-SIZE 35882577
smtp_1  |   339          250-8BITMIME
smtp_1  |   339          250-STARTTLS
smtp_1  |   339          250-ENHANCEDSTATUSCODES
smtp_1  |   339          250-PIPELINING
smtp_1  |   339          250-CHUNKING
smtp_1  |   339          250 SMTPUTF8
smtp_1  |   339   SMTP>> STARTTLS
smtp_1  |   339   SMTP<< 220 2.0.0 Ready to start TLS
smtp_1  |   339   SMTP>> EHLO 32cc415b506d
smtp_1  |   339   SMTP<< 250-smtp.gmail.com at your service, [58.111.143.170]
smtp_1  |   339          250-SIZE 35882577
smtp_1  |   339          250-8BITMIME
smtp_1  |   339          250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
smtp_1  |   339          250-ENHANCEDSTATUSCODES
smtp_1  |   339          250-PIPELINING
smtp_1  |   339          250-CHUNKING
smtp_1  |   339          250 SMTPUTF8
smtp_1  |   339   SMTP>> AUTH PLAIN ********************************************
smtp_1  |   339   SMTP<< 235 2.7.0 Accepted
smtp_1  |   339   SMTP>> MAIL FROM:<[email protected]> SIZE=1455
smtp_1  |   339   SMTP>> RCPT TO:<[email protected]>
smtp_1  |   339   SMTP>> DATA
smtp_1  |   339   SMTP<< 250 2.1.0 OK l5sm4580152pgs.3 - gsmtp
smtp_1  |   339   SMTP<< 250 2.1.5 OK l5sm4580152pgs.3 - gsmtp
smtp_1  |   339   SMTP<< 354  Go ahead l5sm4580152pgs.3 - gsmtp
smtp_1  |   339   SMTP>> writing message and terminating "."
smtp_1  |   339   SMTP<< 250 2.0.0 OK 1507347298 l5sm4580152pgs.3 - gsmtp
smtp_1  |   339   SMTP>> QUIT
smtp_1  |   337 LOG: MAIN
smtp_1  |   337   => [email protected] R=smarthost T=remote_smtp_smarthost H=gmail-smtp-msa.l.google.com [74.125.204.108] X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128 DN="C=US,ST=California,L=Mountain View,O=Google Inc,CN=smtp.gmail.com" A=plain C="250 2.0.0 OK 1507347298 l5sm4580152pgs.3 - gsmtp"
smtp_1  |   337 LOG: MAIN
smtp_1  |   337   Completed
smtp_1  |   331 LOG: MAIN
smtp_1  |   331   SMTP timeout while connected to gmail-smtp-msa.l.google.com [173.194.203.109] after initial connection: Connection timed out
smtp_1  |   331 Transport port=25 replaced by host-specific port=587
smtp_1  |   331 Connecting to gmail-smtp-msa.l.google.com [173.194.203.108]:587 ... connected
smtp_1  |   331   SMTP<< 220 smtp.gmail.com ESMTP u3sm4885654pfu.5 - gsmtp
smtp_1  |   331   SMTP>> EHLO 32cc415b506d
smtp_1  |   331   SMTP<< 250-smtp.gmail.com at your service, [58.111.143.170]
smtp_1  |   331          250-SIZE 35882577
smtp_1  |   331          250-8BITMIME
smtp_1  |   331          250-STARTTLS
smtp_1  |   331          250-ENHANCEDSTATUSCODES
smtp_1  |   331          250-PIPELINING
smtp_1  |   331          250-CHUNKING
smtp_1  |   331          250 SMTPUTF8
smtp_1  |   331   SMTP>> STARTTLS
smtp_1  |   331   SMTP<< 220 2.0.0 Ready to start TLS
smtp_1  |   331   SMTP>> EHLO 32cc415b506d
smtp_1  |   331   SMTP<< 250-smtp.gmail.com at your service, [58.111.143.170]
smtp_1  |   331          250-SIZE 35882577
smtp_1  |   331          250-8BITMIME
smtp_1  |   331          250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
smtp_1  |   331          250-ENHANCEDSTATUSCODES
smtp_1  |   331          250-PIPELINING
smtp_1  |   331          250-CHUNKING
smtp_1  |   331          250 SMTPUTF8
smtp_1  |   331   SMTP>> AUTH PLAIN ********************************************
smtp_1  |   331   SMTP<< 235 2.7.0 Accepted
smtp_1  |   331   SMTP>> MAIL FROM:<[email protected]> SIZE=1459
smtp_1  |   331   SMTP>> RCPT TO:<[email protected]>
smtp_1  |   331   SMTP>> DATA
smtp_1  |   331   SMTP<< 250 2.1.0 OK u3sm4885654pfu.5 - gsmtp
smtp_1  |   331   SMTP<< 250 2.1.5 OK u3sm4885654pfu.5 - gsmtp
smtp_1  |   331   SMTP<< 354  Go ahead u3sm4885654pfu.5 - gsmtp
smtp_1  |   331   SMTP>> writing message and terminating "."
smtp_1  |   331   SMTP<< 250 2.0.0 OK 1507347311 u3sm4885654pfu.5 - gsmtp
smtp_1  |   331   SMTP>> QUIT
smtp_1  |   329 LOG: MAIN
smtp_1  |   329   => [email protected] R=smarthost T=remote_smtp_smarthost H=gmail-smtp-msa.l.google.com [173.194.203.108] X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128 DN="C=US,ST=California,L=Mountain View,O=Google Inc,CN=smtp.gmail.com" A=plain C="250 2.0.0 OK 1507347311 u3sm4885654pfu.5 - gsmtp"
smtp_1  |   329 LOG: MAIN
smtp_1  |   329   Completed

Company Network [Where it is not working]

smtp_1  |   332 LOG: host_lookup_failed MAIN
smtp_1  |   332   no host name found for IP address 172.20.0.1
smtp_1  |   332 LOG: MAIN
smtp_1  |   332   <= [email protected] H=([10.225.98.132]) [172.20.0.1] P=esmtp S=424
smtp_1  |   332 LOG: smtp_connection MAIN
smtp_1  |   332   SMTP connection from ([10.225.98.132]) [172.20.0.1] lost
smtp_1  |   333 Exim version 4.84_2 uid=104 gid=108 pid=333 D=40001
smtp_1  | Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
smtp_1  | Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM PRDR OCSP
smtp_1  | Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
smtp_1  | Authenticators: cram_md5 plaintext
smtp_1  | Routers: accept dnslookup ipliteral manualroute queryprogram redirect
smtp_1  | Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
smtp_1  | Fixed never_users: 0
smtp_1  | Size of off_t: 8
smtp_1  |   333 delivering 1e0fq0-00005M-4a
smtp_1  |   333 R: smarthost for [email protected]
smtp_1  |   335 T: remote_smtp_smarthost for [email protected]
smtp_1  |   335 Transport port=25 replaced by host-specific port=587
smtp_1  |   335 Connecting to gmail-smtp-msa.l.google.com [2607:f8b0:400e:c05::6c]:587 ... failed: Cannot assign requested address
smtp_1  |   335 LOG: MAIN
smtp_1  |   335   gmail-smtp-msa.l.google.com [2607:f8b0:400e:c05::6c] Cannot assign requested address
smtp_1  |   335 Transport port=25 replaced by host-specific port=587
smtp_1  |   335 Connecting to gmail-smtp-msa.l.google.com [173.194.203.109]:587 ... connected

There is no error but it just stucks at this point and does not go any further. Can you please suggest what is happening. The step: SMTP<< 220 smtp.gmail.com ESMTP u3sm4885654pfu.5 - gsmtp is not being performed in the case it is not working. What does it mean? What could be the network restriction to address?

Thanks a lot!

Running docker-smtp in docker swarm or as a service with

docker service create --name smtp  -p 25:25 --replicas 1 namshi/smtp:latest

fails to start the container with the following error reported in the logs:

sed: -e expression #1, char 145: unterminated `s' command`

It would be great if this image could be used in swarm mode.

I tried using sendgrid and everything is fine.

SMTP<< 250-smtp.sendgrid.net
290 250-8BITMIME
290 250-PIPELINING
290 250-SIZE 31457280
290 250-STARTTLS
290 250-AUTH PLAIN LOGIN
290 250 AUTH=PLAIN LOGIN
290 SMTP>> AUTH PLAIN ************************
290 SMTP<< 235 Authentication successful

Now when I am trying to use an exchange server in my internal network as a relay, it doesn't work.

292 SMTP<< 220 2.0.0 SMTP server ready
292 SMTP>> EHLO 5a941ff55a4f
292 SMTP<< 250-mail.internal Hello [123.123.123.123]
292 250-SIZE 36700160
292 250-PIPELINING
292 250-DSN
292 250-ENHANCEDSTATUSCODES
292 250-AUTH GSSAPI NTLM LOGIN
292 250-8BITMIME
292 250-BINARYMIME
292 250 CHUNKING
292 SMTP>> MAIL FROM:[email protected] SIZE=1378
292 SMTP>> RCPT TO:[email protected]
292 SMTP>> DATA
292 SMTP<< 530 5.7.1 Client was not authenticated
292 LOG: MAIN
292 TLS error on connection to mail.internal [123.123.123.123] (recv): The TLS connection was non-properly terminated.
292 SMTP>> QUIT
292 LOG: MAIN
292 TLS error on connection to mail.internal [123.123.123.123] (send): The specified session has been invalidated for some reason.
290 LOG: MAIN
290 ** [email protected] R=smarthost T=remote_smtp_smarthost X=TLS1.0:ECDHE_RSA_AES_256_CBC_SHA1:256 DN="CN=mail.internal": SMTP error from remote mail server after MAIL FROM:[email protected] SIZE=1378: host mail.internal [123.123.123.123]: 530 5.7.1 Client was not authenticated

I just run with the below command:

docker service create \
	--name smtp \
	--mode replicated \
	--constraint 'node.hostname == xxx' \
	--env [email protected] \
	--env PORT=25 \
	--publish 33338:25 \
	namshi/smtp

Then I got:

+ sed -ri '
	s/^#?(dc_local_interfaces)=.*/\1='\''[0.0.0.0]:25 ; [::0]:25'\''/;
	s/^#?(dc_other_hostnames)=.*/\1='\'''\''/;
	s/^#?(dc_relay_nets)=.*/\1='\''10.255.0.7\/16
10.255.0.2\/32:192.168.0.0\/24:10.0.0.0\/16'\''/;
	s/^#?(dc_eximconfig_configtype)=.*/\1='\''internet'\''/;
' /etc/exim4/update-exim4.conf.conf
sed: -e expression #1, char 144: unterminated `s' command

Also tried just run with docker run --name smtp namshi/smtp, still got:

+ sed -ri '
	s/^#?(dc_local_interfaces)=.*/\1='\''[0.0.0.0]:25 ; [::0]:25'\''/;
	s/^#?(dc_other_hostnames)=.*/\1='\'''\''/;
	s/^#?(dc_relay_nets)=.*/\1='\''172.17.0.3\/16'\''/;
	s/^#?(dc_eximconfig_configtype)=.*/\1='\''internet'\''/;
' /etc/exim4/update-exim4.conf.conf
+ update-exim4.conf -v
using non-split configuration scheme from /etc/exim4/exim4.conf.template
    1 LOG: MAIN
    1   exim 4.84_2 daemon started: pid=1, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)

What am I missing?

How can I integrate with Traefik for SSL and more?

hi,

how would I in the best manner make the letsencrypt certfile and keyfile available.
I tried setting the env variables

CERTIFICATE_PATH=/etc/letsencrypt/archive/xxx/fullchain1.pem
KEY_PATH=/etc/letsencrypt/archive/xxx/privkey1.pem

but the container wont start up with the message:

cp: cannot stat '/etc/letsencrypt/archive/xxx/privkey1.pem': No such file or directory

There were a bunch of exim4 security updates announced today, including several remote code executions.

https://lists.debian.org/debian-security-announce/2021/msg00093.html

The fixes are in buster, so it should be a matter of rebuilding images to pull the latest packages from there.
Can you please do this and push to docker hub?

Hello I am simply trying to send mail using smtplib.

I added the certificate to the smtp container, and when I ran that code, this '550, b'relay not permitted' occurred. It seems that it cannot be received from other receiving servers.

Please help.
Thank you.

import mail
from flask import Flask, request, Response, jsonify
import smtplib

app = Flask(__name__)


@app.route("/sendMail", methods=['POST'])
def sendMail():
    data = request.get_json()
    print(data)

    from_email = data.get('from email')
    to_email = data.get('to email')
    subject = data.get('subject')
    contents = data.get('contents')

    sender = from_email
    receiver = to_email
    msg = '''\
... From: [email protected]
... Subject: testin'...
...
... This is a test '''

    smtpObj = smtplib.SMTP('mail.kfems.org', 25)
    smtpObj.sendmail(sender, receiver, msg)

    return jsonify(data)

if __name__ == '__main__':
    app.run(host='0.0.0.0', debug=True, port=5050)

When I try to send email to my personal gmail id it goes in to SPAM folder that is fine but when I try to send it to my official email it never comes thru ? what should be done to fix. I m new to this docker smtp so please provide clear instructions as for a novice.

sudo docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8dd489efe836 namshi/smtp "/bin/entrypoint.sh …" 2 hours ago Up 2 hours 25/tcp awesome_easley

Regards
Gururaj

Hey,
I have few SMTP containers under AWS load balancer.
The problem is that the LB sends signals from internal IP which exim4 can't resolve.
the result is a lot of spam inside my logs:

15616 LOG: smtp_connection MAIN
15616   SMTP connection from [10.2.9.119] lost D=0s
15617 LOG: host_lookup_failed MAIN
15617   no host name found for IP address 10.2.9.119
15617 LOG: smtp_connection MAIN
15617   SMTP connection from [10.2.9.119] lost D=0s
15618 LOG: host_lookup_failed MAIN
15618   no host name found for IP address 10.2.9.119
15618 LOG: smtp_connection MAIN
15618   SMTP connection from [10.2.9.119] lost D=0s

This keeps on going forever.

It would be great if there were an option to disable **host_lookup = **
Inside the config file which is generated from exim4.conf.localmacros and exim4.conf.template of this solution.

Hi, I really appreciate this image and am now trying to get it working on my Google Cloud VPS. As you may already know, they block the normal outgoing ports for SMTP. As I was figuring this out, I ran across this stackof: http://stackoverflow.com/questions/24834047/amazon-ses-on-google-cloud-computing-instance-vm-using-postfix

Is this possible to include in your .sh?

Hi there, just wanted to say thanks for putting this docker-based smtp server together. It works as expected. Thanks again and good luck!

I have the image running with gmail user and gmail password set. How do I send mails now?

In a deployment I saw this error:

all relevant MX records point to non-existent hosts

After some research I discovered the ignore_target_hosts configuration option. This was configured in both:

/etc/exim4/conf.d/router/200_exim4-config_primary
/etc/exim4/exim4.conf.template

Since my MX server's A records record resolves to an address in the 10.0.0.0/8 it was being ignored as a viable host. I had to modify both configuration files and reload the service in order to send messages.

Can we add environment variables to allow modifying this configuration option?

Hello,

I would like to send mail from app service by using mail command like

echo "hello" | mail -s "test subject" -r [email protected] [email protected]

but this mail is not working.

If I use same mail command from smtp service then I am always get mail to mailbox.

If I use heirloom-mailx then it is working from app service

apt-get install heirloom-mailx
echo "This is the message body and contains the message" | heirloom-mailx -v -r "[email protected]" -s "This is the subject" -S smtp="smpt:25" [email protected]

My swarm configuration

docker stack deploy -c - smtp << EOF
version: '3.7'
services:
  smtp:
    image: namshi/smtp
    networks:
      - smtp
    environment:
      - RELAY_NETWORKS=:192.168.0.0/24:10.0.0.0/16
      - SMARTHOST_ADDRESS=${SMTP_HOST}
      - SMARTHOST_PORT=${SMTP_PORT}
      - SMARTHOST_USER=${SMTP_USER}
      - SMARTHOST_PASSWORD=${SMTP_PASSWORD}
    deploy:
      restart_policy:
          condition: any
      placement:
        constraints:
          - node.role == manager
networks:
  smtp:
    external: true
    name: smtp
EOF


docker stack deploy -c - mailtest << EOF
version: '3.7'

services:
  app:
    image: php7-fpm
    command: tail -f /dev/null
    networks:
      - smtp
    deploy:
      restart_policy:
        condition: any
      placement:
        constraints:
          - node.labels.role == web

networks:
  smtp:
    external: true
    name: smtp

EOF

Test with ssmtp

I try to install ssmtp on the app service but it is not working too.

apt-get install ssmtp

and set set up config like

> cat /etc/ssmtp/ssmtp.conf

root=postmaster
hostname=dc4285ba769a
mailhub=smtp:25

Thank you for help

Is possible to add feature where the container would pipe request to docker logs and not send email? This would be helpful when using this image during app development.

The destination email provider in the provided logs is outlook.com. Sending messages to Gmail also failed. No environment variables configured.
Here are the logs:

+ sed -ri '
        s/^#?(dc_local_interfaces)=.*/\1='\''[0.0.0.0]:25 ; [::0]:25'\''/;
        s/^#?(dc_other_hostnames)=.*/\1='\'''\''/;
        s/^#?(dc_relay_nets)=.*/\1='\''172.17.0.2\/16'\''/;
        s/^#?(dc_eximconfig_configtype)=.*/\1='\''internet'\''/;
' /etc/exim4/update-exim4.conf.conf
+ update-exim4.conf -v
using non-split configuration scheme from /etc/exim4/exim4.conf.template
    1 LOG: MAIN
    1   exim 4.92 daemon started: pid=1, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
  273 LOG: host_lookup_failed MAIN
  273   no host name found for IP address 172.17.0.1
  273 LOG: MAIN
  273   <= [email protected] H=(SFL4819L470.sflpro.local) [172.17.0.1] P=esmtp S=459
  273 LOG: smtp_connection MAIN
  273   SMTP connection from (SFL4819L470.sflpro.local) [172.17.0.1] lost D=0s
  274 Exim version 4.92 uid=101 gid=101 pid=274 D=80001
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DANE DKIM DNSSEC Event OCSP PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
  274 delivering 1jfP9W-00004P-G7
  274 R: dnslookup for [email protected]
  275 T: remote_smtp for [email protected]
  275 Connecting to live-com.olc.protection.outlook.com [104.47.66.33]:25 ... failed: Connection refused
  275 LOG: MAIN
  275   H=live-com.olc.protection.outlook.com [104.47.66.33] Connection refused
  275 Connecting to live-com.olc.protection.outlook.com [104.47.55.161]:25 ... failed: Connection refused
  275 LOG: MAIN
  275   H=live-com.olc.protection.outlook.com [104.47.55.161] Connection refused
  274 LOG: MAIN
  274   == [email protected] R=dnslookup T=remote_smtp defer (111): Connection refused

As a security measure, the Dockerfile should have a USER directive in order to run using a non privileged user account.

Can you add it ?

Hi, I have a application running inside docker container, and my application has a functionality of sending emails to the registered user.

Problem :

1. Email functionality of the application is not working
2. Application is not able to send the emails from the docker container

I believe the smtp support has not added to the docker container, can you please let me know on how to add the smtp server, so that i can send email from the application.

I have an email like, [email protected] which is my organization email id and i want my application to send an email to the users using [email protected] as from address.

Hello, not sure to write it here, but I can't solve the problem by myself, so...
I used this docker image to run as single smtp server for web app via docker-compose.
Compose configuration:
smtp: image: namshi/smtp:latest networks: - nginx_ext_network environment: MAILNAME: 'mailer' restart: always ports: - "25:25"
But then the web app require to send an email, smtp server tries to do it, but fails.
I tried it multiple times. With different ports. With different emails. Nothing works.
Can you help me? Maybe some problem with my configuration? Or maybe you've seen this before?

Logs:
`

• sed -ri '
  s/^#?(dc_local_interfaces)=./\1='''[0.0.0.0]:25 ; [::0]:25'''/;
  s/^#?(dc_other_hostnames)=./\1=''''''/;
  s/^#?(dc_relay_nets)=./\1='''172.19.0.2/16'''/;
  s/^#?(dc_eximconfig_configtype)=./\1='''internet'''/;
  ' /etc/exim4/update-exim4.conf.conf
• update-exim4.conf -v
  using non-split configuration scheme from /etc/exim4/exim4.conf.template
  1 LOG: MAIN
  1 exim 4.89 daemon started: pid=1, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
  273 LOG: MAIN
  273 <= webmaster@localhost H=mailer_apache_1.mailer_nginx_ext_network (83d1331a44cb) [172.19.0.3] P=esmtp S=2162 id=156606357503.34.13723816267095054951@83d1331a44cb
  273 LOG: smtp_connection MAIN
  273 SMTP connection from mailer_apache_1.mailer_nginx_ext_network (83d1331a44cb) [172.19.0.3] closed by QUIT
  274 Exim version 4.89 uid=101 gid=101 pid=274 D=40001
  Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013)
  Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM DNSSEC Event OCSP PRDR SOCKS TCP_Fast_Open
  Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
  Authenticators: cram_md5 plaintext
  Routers: accept dnslookup ipliteral manualroute queryprogram redirect
  Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
  Fixed never_users: 0
  Configure owner: 0:0
  Size of off_t: 8
  274 delivering 1hz2fv-00004P-1K
  274 R: dnslookup for [email protected]
  275 T: remote_smtp for [email protected]
  275 Connecting to gmail-smtp-in.l.google.com [2a00:1450:4010:c08::1a]:25 ... failed: Cannot assign requested address
  275 LOG: MAIN
  275 H=gmail-smtp-in.l.google.com [2a00:1450:4010:c08::1a] Cannot assign requested address
  275 Connecting to gmail-smtp-in.l.google.com [64.233.165.27]:25 ... connected
  275 SMTP(close)>>
  275 LOG: MAIN
  275 H=gmail-smtp-in.l.google.com [64.233.165.27]: Remote host closed connection in response to initial connection
  275 Connecting to alt1.gmail-smtp-in.l.google.com [2404:6800:4008:c04::1a]:25 ... failed: Cannot assign requested address
  275 LOG: MAIN
  275 H=alt1.gmail-smtp-in.l.google.com [2404:6800:4008:c04::1a] Cannot assign requested address
  275 Connecting to alt1.gmail-smtp-in.l.google.com [74.125.204.27]:25 ... connected
  275 SMTP(close)>>
  275 LOG: MAIN
  275 H=alt1.gmail-smtp-in.l.google.com [74.125.204.27]: Remote host closed connection in response to initial connection
  275 Connecting to alt2.gmail-smtp-in.l.google.com [2607:f8b0:400e:c04::1b]:25 ... failed: Cannot assign requested address
  275 LOG: MAIN
  275 H=alt2.gmail-smtp-in.l.google.com [2607:f8b0:400e:c04::1b] Cannot assign requested address
  275 Connecting to alt3.gmail-smtp-in.l.google.com [2607:f8b0:4003:c09::1b]:25 ... failed: Cannot assign requested address
  275 LOG: MAIN
  275 H=alt3.gmail-smtp-in.l.google.com [2607:f8b0:4003:c09::1b] Cannot assign requested address
  275 Connecting to alt4.gmail-smtp-in.l.google.com [2607:f8b0:4001:c16::1b]:25 ... failed: Cannot assign requested address
  275 LOG: MAIN
  275 H=alt4.gmail-smtp-in.l.google.com [2607:f8b0:4001:c16::1b] Cannot assign requested address
  274 LOG: MAIN
  274 == [email protected] R=dnslookup T=remote_smtp defer (99): Cannot assign requested address H=alt1.gmail-smtp-in.l.google.com [74.125.204.27]
  276 LOG: MAIN
  276 <= webmaster@localhost H=mailer_apache_1.mailer_nginx_ext_network (83d1331a44cb) [172.19.0.3] P=esmtp S=2187 id=156606361852.33.3228996691969512605@83d1331a44cb
  276 LOG: smtp_connection MAIN
  276 SMTP connection from mailer_apache_1.mailer_nginx_ext_network (83d1331a44cb) [172.19.0.3] closed by QUIT
  277 Exim version 4.89 uid=101 gid=101 pid=277 D=40001
  Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013)
  Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM DNSSEC Event OCSP PRDR SOCKS TCP_Fast_Open
  Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
  Authenticators: cram_md5 plaintext
  Routers: accept dnslookup ipliteral manualroute queryprogram redirect
  Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
  Fixed never_users: 0
  Configure owner: 0:0
  Size of off_t: 8
  277 delivering 1hz2gc-00004S-H8
  277 R: dnslookup for [email protected]
  278 T: remote_smtp for [email protected]
  278 Connecting to mx.yandex.ru [2a02:6b8::89]:25 ... failed: Cannot assign requested address
  278 LOG: MAIN
  278 H=mx.yandex.ru [2a02:6b8::89] Cannot assign requested address
  278 Connecting to mx.yandex.ru [87.250.250.89]:25 ... connected
  278 SMTP(close)>>
  278 LOG: MAIN
  278 H=mx.yandex.ru [87.250.250.89]: Remote host closed connection in response to initial connection
  278 Connecting to mx.yandex.ru [213.180.193.89]:25 ... connected
  278 SMTP(close)>>
  278 LOG: MAIN
  278 H=mx.yandex.ru [213.180.193.89]: Remote host closed connection in response to initial connection
  278 Connecting to mx.yandex.ru [213.180.204.89]:25 ... connected
  278 SMTP(close)>>
  278 LOG: MAIN
  278 H=mx.yandex.ru [213.180.204.89]: Remote host closed connection in response to initial connection
  278 Connecting to mx.yandex.ru [77.88.21.89]:25 ... connected
  278 SMTP(close)>>
  278 LOG: MAIN
  278 H=mx.yandex.ru [77.88.21.89]: Remote host closed connection in response to initial connection
  277 LOG: MAIN
  277 == [email protected] R=dnslookup T=remote_smtp defer (-18) H=mx.yandex.ru [77.88.21.89]: Remote host closed connection in response to initial connection

`

I have the following problem.

Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM PRDR OCSP
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
  278 delivering 1gwqzr-00004T-MX
  278 R: dnslookup for [email protected]
  278 LOG: MAIN
  278   == [email protected] R=dnslookup defer (-1): host lookup did not complete
  341 LOG: MAIN
  341   <= [email protected] H=(z10.localdomain) [172.17.0.1] P=esmtp S=1031 id=201902211625.x1LGPGjL015425@zabbix10.us-east1-b.c.windy-marker-216605.internal
  341 LOG: smtp_connection MAIN
  341   SMTP connection from (z.localdomain) [172.17.0.1] closed by QUIT
  343 Exim version 4.84_2 uid=104 gid=109 pid=343 D=40001
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM PRDR OCSP
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
  343 delivering 1gwrA7-00005V-Tr
  343 R: dnslookup for [email protected]
  343 LOG: MAIN
  343   == [email protected] R=dnslookup defer (-1): host lookup did not complete
 

I executed the following commands

docker run -p 2587:25 namshi/smtp

Soon after I released port 2587 from my internal network so that my other server could see.

Then I executed the command below to check the problem.

docker exec -i -t fe6e205955e1 /bin/bash

I tried pinging out ... Ex: ping 8.8.8.8
He can not even drip ...

Should we do anything else to solve this problem?