Add relay support

Dockerfile

@@ -6,14 +6,22 @@ FROM alpine
 # Change to http respositories, so they we can cache the install packages
 RUN if [ -n ${HTTP_PROXY} ] ; then sed -ie s'/https/http/' /etc/apk/repositories; fi
 
-RUN apk add shadow && useradd -rc "HUB Mail Relay" -M relay -NG mail -s /sbin/nologin && echo relay:SmTpR3l2Y | chpasswd
-
-RUN apk add --no-cache postfix opendkim opendkim-utils \
-  && gpasswd -a postfix opendkim
+RUN apk add --no-cache postfix cyrus-sasl opendkim opendkim-utils
 
 # Config postfix
-RUN sed -ie 's%#mynetworks = hash:/etc/postfix/network_table%mynetworks = /etc/opendkim/signing/TrustedHosts%' /etc/postfix/main.cf \
-  && echo -n 'bWVzc2FnZV9zaXplX2xpbWl0ID0gMjU2MDAwMDAKcXVldWVfbWluZnJlZSA9IDUxMjAwMDAwCg=='|base64 -d >> /etc/postfix/main.cf
+RUN sed -ie 's%^#mynetworks = hash:/etc/postfix/network_table%mynetworks = /etc/opendkim/signing/TrustedHosts%' /etc/postfix/main.cf \
+  && sed -ie 's%^#relay_domains = %relay_domains = lmdb:/etc/postfix/custom/transport%' /etc/postfix/main.cf \
+  && echo 'transport_maps = lmdb:/etc/postfix/custom/transport' >> /etc/postfix/main.cf \
+  && echo -n 'bWVzc2FnZV9zaXplX2xpbWl0ID0gMjU2MDAwMDAKcXVldWVfbWluZnJlZSA9IDUxMjAwMDAwCg=='|base64 -d >> /etc/postfix/main.cf \
+  && echo -n 'c210cF9zYXNsX2F1dGhfZW5hYmxlID0geWVzCnNtdHBfdGxzX3NlY3VyaXR5X2xldmVsID0gZW5j\
+cnlwdApzbXRwX3Nhc2xfcGFzc3dvcmRfbWFwcyA9IGxtZGI6L2V0Yy9wb3N0Zml4L2N1c3RvbS9z\
+YXNsX3Bhc3N3ZApzbXRwX3Nhc2xfc2VjdXJpdHlfb3B0aW9ucyA9CnNtdHBfdGxzX0NBZmlsZSA9\
+IC9ldGMvc3NsL2NlcnRzL2NhLWNlcnRpZmljYXRlcy5jcnQKc210cF91c2VfdGxzID0geWVzCiNy\
+ZWxheWhvc3QgPSAvZXRjL3Bvc3RmaXgvY3VzdG9tL3JlbGF5X2hvc3QK'|base64 -d >> /etc/postfix/main.cf
+
+COPY smtpd.conf /etc/sasl2/
+RUN apk add shadow && useradd -rc "HUB Mail Relay" -M relay -NG mail -s /sbin/nologin && echo relay:SmTpR3l2Y | chpasswd \
+  && gpasswd -a postfix opendkim
 
 # Enable DKIM
 RUN mkdir /run/opendkim \
@@ -27,12 +35,13 @@ b2wvcG9zdGZpeCBjaHJvb3QuCnNtdHBkX21pbHRlcnMgPSBpbmV0OjEyNy4wLjAuMTo4ODkxCiMg\
 U2VuZCBtYWlsIHRoYXQgZG9lc24ndCBhcnJpdmUgZnJvbSB0aGUgbmV0d29yayB0aHJvdWdoIHRo\
 ZSBzYW1lIG1pbHRlcgojIGFzIG91dGJvdW5kIG1haWwuCm5vbl9zbXRwZF9taWx0ZXJzID0gJHNt\
 dHBkX21pbHRlcnMK' |base64 -d >> /etc/postfix/main.cf
-COPY opendkim.conf /etc/opendkim
-
-VOLUME ["/var/spool/postfix"]
-EXPOSE 25
+COPY opendkim.conf /etc/opendkim/
+COPY signing /etc/opendkim/signing/
 
 COPY init /sbin/
 
+VOLUME ["/var/spool/postfix","/etc/postfix/custom"]
+EXPOSE 25
+
 # Starting
 ENTRYPOINT [ "/sbin/init" ]

init

@@ -17,8 +17,12 @@ if [ -z "$@" ]; then
 		exit 1
 	fi
 
-	#/usr/sbin/saslauthd -m /run/saslauthd -a pam
-	#cd /etc/mail && make && make && exec /usr/sbin/sendmail -q1h -bD &
+	touch /etc/postfix/custom/relay_host
+	touch /etc/postfix/custom/sasl_passwd
+	postmap -o lmdb:/etc/postfix/custom/sasl_passwd
+	touch /etc/postfix/custom/transport
+	postmap -o lmdb:/etc/postfix/custom/transport
+	/usr/sbin/saslauthd -m /run/saslauthd -ca shadow
 	newaliases
 	postfix start
 	/usr/sbin/opendkim -P /run/opendkim.pid -u opendkim -f

smtp_relay_auth.cf

@@ -0,0 +1,7 @@
+smtp_sasl_auth_enable = yes
+smtp_tls_security_level = encrypt
+smtp_sasl_password_maps = lmdb:/etc/postfix/custom/sasl_passwd
+smtp_sasl_security_options =
+smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+smtp_use_tls = yes
+#relayhost = /etc/postfix/custom/relay_host

smtpd.conf

@@ -0,0 +1,3 @@
+/etc/sasl2/smtpd.conf:
+    pwcheck_method: saslauthd
+    mech_list: PLAIN LOGIN