Dovecot lmtp local delivery agent now listening on tcp via its container eth0 interface

267d60fe · Roma · Rémy Huet · 680e107b · 267d60fe · 267d60fe
Unverified Commit 267d60fe authored 6 years ago by Roma Committed by Rémy Huet 6 years ago
--- a/pica-mail-mda/Dockerfile
+++ b/pica-mail-mda/Dockerfile
@@ -13,10 +13,9 @@ RUN apt-get update -y \


 #configuration de dovecot
-#nom de domaine des courriers dont on est à l'origine (pour s'en réserver l'exclusivité)
-#ENV MY_DOMAIN picasoft.net
-
+#adresse ip locale du lda (serveur qui réceptionne les courriers de fin de chaîne de postfix)

+COPY ./dovecot-conf/10-master.conf /etc/dovecot/conf.d/10-master.conf
 COPY entrypoint.sh /

 ENTRYPOINT ["/entrypoint.sh"]
--- a/pica-mail-mda/dovecot-conf/10-master.conf
+++ b/pica-mail-mda/dovecot-conf/10-master.conf
+#dovecot 10-master.conf default file modified in order to allow lmtp connections via tcp/ip
+#all Pica alterations are commented with a #pica label
+
+#default_process_limit = 100
+#default_client_limit = 1000
+
+# Default VSZ (virtual memory size) limit for service processes. This is mainly
+# intended to catch and kill processes that leak memory before they eat up
+# everything.
+#default_vsz_limit = 256M
+
+# Login user is internally used by login processes. This is the most untrusted
+# user in Dovecot system. It shouldn't have access to anything at all.
+#default_login_user = dovenull
+
+# Internal user is used by unprivileged processes. It should be separate from
+# login user, so that login processes can't disturb other processes.
+#default_internal_user = dovecot
+
+service imap-login {
+  inet_listener imap {
+    #port = 143
+  }
+  inet_listener imaps {
+    #port = 993
+    #ssl = yes
+  }
+
+  # Number of connections to handle before starting a new process. Typically
+  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+  # is faster. <doc/wiki/LoginProcess.txt>
+  #service_count = 1
+
+  # Number of processes to always keep waiting for more connections.
+  #process_min_avail = 0
+
+  # If you set service_count=0, you probably need to grow this.
+  #vsz_limit = $default_vsz_limit
+}
+
+service pop3-login {
+  inet_listener pop3 {
+    #port = 110
+  }
+  inet_listener pop3s {
+    #port = 995
+    #ssl = yes
+  }
+}
+
+#pica
+#service lmtp {
+#  unix_listener lmtp {
+#    #mode = 0666
+#  }
+#
+#  # Create inet listener only if you can't use the above UNIX socket
+#  #inet_listener lmtp {
+#    # Avoid making LMTP visible for the entire internet
+#    #address =
+#    #port =
+#  #}
+#}
+
+#pica: lmtp (local delivery agent) via tcp, in order to allow connections from hosts on local network (i.e. VMs on Alice & Bob)
+#a config block like this will be added at compilation:
+#service lmtp {
+#  inet_listener lmtp {
+#    address = 192.168.0.24 127.0.0.1 ::1
+#    port = 24
+#  }
+#}
+
+service imap {
+  # Most of the memory goes to mmap()ing files. You may need to increase this
+  # limit if you have huge mailboxes.
+  #vsz_limit = $default_vsz_limit
+
+  # Max. number of IMAP processes (connections)
+  #process_limit = 1024
+}
+
+#pica : no pop
+#service pop3 {
+#  # Max. number of POP3 processes (connections)
+#  #process_limit = 1024
+#}
+
+service auth {
+  # auth_socket_path points to this userdb socket by default. It's typically
+  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
+  # full permissions to this socket are able to get a list of all usernames and
+  # get the results of everyone's userdb lookups.
+  #
+  # The default 0666 mode allows anyone to connect to the socket, but the
+  # userdb lookups will succeed only if the userdb returns an "uid" field that
+  # matches the caller process's UID. Also if caller's uid or gid matches the
+  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
+  #
+  # To give the caller full permissions to lookup all users, set the mode to
+  # something else than 0666 and Dovecot lets the kernel enforce the
+  # permissions (e.g. 0777 allows everyone full permissions).
+  unix_listener auth-userdb {
+    #mode = 0666
+    #user =
+    #group =
+  }
+
+  # Postfix smtp-auth
+  #unix_listener /var/spool/postfix/private/auth {
+  #  mode = 0666
+  #}
+
+  # Auth process is run as this user.
+  #user = $default_internal_user
+}
+
+service auth-worker {
+  # Auth worker process is run as root by default, so that it can access
+  # /etc/shadow. If this isn't necessary, the user should be changed to
+  # $default_internal_user.
+  #user = root
+}
+
+service dict {
+  # If dict proxy is used, mail processes should have access to its socket.
+  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
+  unix_listener dict {
+    #mode = 0600
+    #user =
+    #group =
+  }
+}
--- a/pica-mail-mda/entrypoint.sh
+++ b/pica-mail-mda/entrypoint.sh
 #!/bin/bash
+
+#protocoles supportés par le mda
+#lmtp est le protocole permettant de faire du lda
+cat <<EOF > /etc/dovecot/dovecot.conf
+protocols = imap lmtp
+EOF
+
+#on enlève la communication lmtp en socket unix...
+#il faut récupérer l'adresse IP par laquelle le conteneur communique avec son hôte
+ip address show eth0 | grep inet | cut -b 10-19
+ETH0_ADRESS=$(ip address show eth0 | grep inet | cut -b 10-19)
+
+CAT <<EOF > /etc/dovecot/conf.d/10-master.conf
+pica: lmtp (local delivery agent) via tcp, in order to allow connections from hosts on local network (i.e. VMs on Alice & Bob)
+a config block like this will be added at compilation:
+service lmtp {
+ inet_listener lmtp {
+   address = ${ETH0_ADRESS} 127.0.0.1 ::1
+   port = 24
+ }
+}
+EOF