Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Feb 13 21:42
    thecem commented #17
  • Feb 13 21:41
    thecem commented #17
  • Dec 23 2020 17:46
    hendrikzuellig commented #294
  • Dec 12 2020 20:16
    stale[bot] closed #418
  • Dec 04 2020 20:58
    stale[bot] labeled #418
  • Dec 04 2020 20:58
    stale[bot] commented #418
  • Oct 09 2020 13:00
    stale[bot] closed #405
  • Oct 02 2020 02:31
    stale[bot] labeled #405
  • Oct 02 2020 02:31
    stale[bot] commented #405
  • Aug 14 2020 20:19
    stale[bot] closed #237
  • Aug 12 2020 06:07
    fasheng commented #366
  • Aug 07 2020 19:25
    stale[bot] labeled #237
  • Aug 07 2020 19:25
    stale[bot] commented #237
  • Jul 08 2020 10:38
    stale[bot] closed #419
  • Jul 01 2020 08:10
    stale[bot] labeled #419
  • Jul 01 2020 08:10
    stale[bot] commented #419
  • Jun 22 2020 12:38
    stale[bot] closed #400
  • Jun 15 2020 12:11
    stale[bot] labeled #400
  • Jun 15 2020 12:11
    stale[bot] commented #400
  • Jun 04 2020 22:55
    AndrewSav commented #418
42aroger
@42aroger
you mean DISABLE_GREYLISTING=true ?
Andrew Savinykh
@AndrewSav
sorry, no idea
it should be in some doco either for postfix or for rspamd I figure...
42aroger
@42aroger

/etc/rspamd/override.d/actions.conf

reject = null;
Kuro
@dotKuro
Do you really need a dns entry with the ip 1.2.3.4?
Andrew Savinykh
@AndrewSav
some people do some people don't. It's similar to asking if you really need umbrella when raining ;)
Many people use it because it accomplishes what they need. If you don't need it then don't use it.
chrismrutherford
@chrismrutherford
Could someone tell me how to configure the postfix server to use an external SMTP relay.
Andrew Savinykh
@AndrewSav
@chrismrutherford there is not many people active here you probably will get more help in postix documentation and/or postfix related communities (if any)
Marco Aceti
@MarcoBuster
Hi! One question: which is the http port of rainloop? I'm using nginx-proxy
Andrew Savinykh
@AndrewSav
Don't remember offhand, but you should be able to look up in the docker-compose file pretty easily. @MarcoBuster
v
@vogelfreiheit
hi
are the containers running with least privilege? ex. no root unless absolutely necessary?
im considering migrating from mailu just for the sieve support
mailu has some minor issues still running certain parts of the system as root, despite not needing t. ex. rspamd
Andrew Savinykh
@AndrewSav
@vogelfreiheit unless you can qualify your question I'd suggest you read up on docker security in general. That is it is up to you how you run your containers. If this is mailserver specific question, then you need to clarify what exactly is running with which priveledge.
v
@vogelfreiheit
@AndrewSav ? docker security except for some cases is abysmal as containers effectively run uid=0, regardless of what capabilities might be dropped, the kernel ABI is exposed as-is, unlike with LXC, which is not panacea but still goes the extra mile by using namespaces and unpriv uid/gid mapping by default. the vast majority of docker containers i see, still run their entrypoints and processes as root
and yes it is very much mailserver specific. I asked which services are ran as root and what kind of approach is used to run the containers as non-root user/group, see linuxserver.io containers for an approach that does the same but implemented before docker actually had support for user/group arguments
maybe I need to name drop and mention where exactly my name is mentioned in the contributor list of the linux kernel... if that 'qualifies'. I know a thing or two about ABI exposure to containers since I wrote the ioctl permission model in the LSM framework, among other things...
i have multiple people asking about 'off the shelf' mail server solutions and would like to know the internals before recommending anything to them, or just telling them to roll their own postfix setup manually. they will learn more that way but these are folks with limited experience setting up MTAs.
Andrew Savinykh
@AndrewSav
@vogelfreiheit mailserver uses s6 as init process, most of the user processes, e.g postfix, dovecot, rspamd are running under their own accounts
These are the s6 services that it runs: https://github.com/hardware/mailserver/tree/master/rootfs/services you can see yourself there how this is set up
And thank you for clearing up what exactly you are after ;)
v
@vogelfreiheit
I'm happy to help in any way I can, ftr
@AndrewSav looking at it now
I wonder how much you could lockdown with seccomp too, if at all
it makes sense for small things only
note that docker's support for apparmor is super wonky, so i would not bother with that :-)
v
@vogelfreiheit
@AndrewSav i might test an instance to work with using real data from an actual install i had with mailu, are standard gz maildirs supported or you suggest setting up a temporary server somewhere else and imapsync'ing the two?
romprod
@romprod
Hi, is it possible to deploy this on a Raspberry Pi?
v
@vogelfreiheit
anyone integrated mailing list solutions with mailserver?
probs not mailman as it is ancient at this point
Izzz31
@Izzz31
Hi, I'd like to know how to backup data properly and how to migrate the installation on a new server.
Andrew Savinykh
@AndrewSav
Backing up / moving the volumes should do it
Brett
@brettinternet
Does mail.domain.tld have to point to the traefik container , or is the point to just direct the mail subdomain to the server in some capacity?
D347HxD
@D347HxD
Hi there, new to this stuff. I have a reverse proxy server that I already use that all my external connections go through (how I serve websites on 80 and 443) that forwards the request to the specific vm the domain/hostname entered was. I personally use NGINX. How would I deal with this integrating these containers into this? normally I proxypass to the servername:port I specified in the container would it be the pretty much the same here? direect the domains mail. , spam. etc to the container's serverip:80 ?
n9net
@n9net
Hi! Is it possible to increase message size limit, for example, to 100MB both in Postfix and Rainloop?
Andrew Savinykh
@AndrewSav
@brettinternet as I understand traefik container is not mandatory in that setup, so it's up to you
@D347HxD if you talking about web ui then yes, but then you also have the rest of protocols to deal with, e.g imap, smtp, pop, and optionally sieve, etc
@n9net from what I remember postfix does not care, in rainloop there is a setting to do that you need to google it. there is also a php setting to go with that
jordanamr
@jordanamr
Hello, do you know how can I allow an account (like admin@mydomain?tld) to send an email as any other user?
Guillaume
@subkryl
hi, what is the best way/place to override postfix configuration with docker env vars ? Do I need to use a volume and edit main.cf, etc... ? I have to add an external relay MTA to relay my emails.
Do you already have something for that ?
Bong Aquino
@bongaquino_gitlab
Hello guys!
Ian Sim
@iansim
hello
philipleit
@philipleit

Hi,

Where do you have your mailserver hosted? i have tried to have them on OVH and Digital Ocean. but my email for hotmail and gmail ends in SPAM? MY PTR record is correct, and i have configure SPF, DKIM and DMARC, there are all passed when i come to ex. Gmail. but still ends in spam? The IP adresses i get assigned from OVH and Digital Ocean are not presented on any blacklist? I'm not sure how Google or Microsoft handle spam, but my last thought was my mail volumes wasnt high enough or it could be the hole range there are "Blacklisted" ??

Enjoy Wallpapers
@enjoywallpapers_twitter
Hello guys, is there a quick and easy way to whitelist a sender "x@y.com" so that it's never treated as spam from the rspamd webgui?
42aroger
@42aroger
@philipleit I have the same problem but only with Microsoft, I contacted them, joined JMRP,SDNS, added unsubscribe header and my datacenter send them a email confirming the date where the IP was assigned to my server. Nothing changed, still ending in spam even if I whitelist the sender...
Microsoft is not replying to my ticket since many days.