Skip to content

Commit 2e16462

Browse files
wb7maxking
wb7
and
maxking
authored
Add TLS options for SMTP (#693)
* added smtp security settings for mta * Update README.md for mailman-core * change default values according to mailman docs * added smtp options to README --------- Co-authored-by: Abhilash Raj <maxking@users.noreply.github.com>
1 parent 301aa1f commit 2e16462

File tree

3 files changed

+26
-0
lines changed

3 files changed

+26
-0
lines changed

README.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -214,6 +214,9 @@ These are the variables that you MUST change in your docker-compose.yaml before
214214
- `SMTP_PORT` : use this port. 25, 587, whatever your host asks for.
215215
- `SMTP_HOST_USER`: authenticate this user
216216
- `SMTP_HOST_PASSWORD`: and use this password
217+
- `SMTP_SECURE_MODE`: security mode for smtp connection - can be `smtp` (no encryption), `smtps` or `starttls`
218+
- `SMTP_VERIFY_HOSTNAME`: defaults to `true` - verify, that certificate hostname is identical to `SMTP_HOST`
219+
- `SMTP_VERIFY_CERT`: defaults to `true` - verify, that certificate is valid
217220

218221
For more details on how to configure this image, please look [Mailman-core's
219222
Readme](core/)

core/README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,8 @@ standard version of docker-compose.yaml from this repository.
6060

6161
- `SMTP_PORT`: Port used for SMTP. Default is `25`.
6262

63+
- `SMTP_SECURE_MODE`: Security mode (encryption) used for SMTP. Default is `smtp`. Can also be `starttls` or `smtps`.
64+
6365
- `HYPERKITTY_URL`: Default value is `http://mailman-web:8000/hyperkitty`
6466

6567
In case of a need for fine tuning of REST API web-server that uses [Gunicorn](https://docs.gunicorn.org/en/stable/settings.html) (e.g. for raising of timeouts) `/opt/mailman/core/gunicorn-extra.cfg` file could be provided holding necessary configuration options.
@@ -106,6 +108,9 @@ lmtp_host: $MM_HOSTNAME
106108
lmtp_port: 8024
107109
smtp_host: $SMTP_HOST
108110
smtp_port: $SMTP_PORT
111+
smtp_secure_mode: $SMTP_SECURE_MODE
112+
smtp_verify_hostname: $SMTP_VERIFY_HOSTNAME
113+
smtp_verify_cert: $SMTP_VERIFY_CERT
109114
configuration: python:mailman.config.exim4
110115
111116
[runner.retry]

core/docker-entrypoint.sh

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,18 @@ if [[ ! -v SMTP_PORT ]]; then
4343
export SMTP_PORT=25
4444
fi
4545

46+
if [[ ! -v SMTP_SECURE_MODE ]]; then
47+
export SMTP_SECURE_MODE="smtp"
48+
fi
49+
50+
if [[ ! -v SMTP_VERIFY_HOSTNAME ]]; then
51+
export SMTP_VERIFY_HOSTNAME="true"
52+
fi
53+
54+
if [[ ! -v SMTP_VERIFY_CERT ]]; then
55+
export SMTP_VERIFY_CERT="true"
56+
fi
57+
4658
# Check if REST port, username, and password are set, if not, set them
4759
# to default values.
4860
if [[ ! -v MAILMAN_REST_PORT ]]; then
@@ -144,6 +156,9 @@ smtp_host: $SMTP_HOST
144156
smtp_port: $SMTP_PORT
145157
smtp_user: $SMTP_HOST_USER
146158
smtp_pass: $SMTP_HOST_PASSWORD
159+
smtp_secure_mode: $SMTP_SECURE_MODE
160+
smtp_verify_hostname: $SMTP_VERIFY_HOSTNAME
161+
smtp_verify_cert: $SMTP_VERIFY_CERT
147162
configuration: python:mailman.config.exim4
148163
149164
EOF
@@ -167,6 +182,9 @@ smtp_host: $SMTP_HOST
167182
smtp_port: $SMTP_PORT
168183
smtp_user: $SMTP_HOST_USER
169184
smtp_pass: $SMTP_HOST_PASSWORD
185+
smtp_secure_mode: $SMTP_SECURE_MODE
186+
smtp_verify_hostname: $SMTP_VERIFY_HOSTNAME
187+
smtp_verify_cert: $SMTP_VERIFY_CERT
170188
configuration: /etc/postfix-mailman.cfg
171189
172190
EOF

0 commit comments

Comments
 (0)