Docker Mailserver (Email) - SASL

by
Jeremy Canfield |
Updated: November 20 2022
| Docker Mailserver (Email) articles
This assumes you have installed Docker mailserver.
Issue the following command to create email accounts, replacing the /usr/local/docker/mailserver/config volume on the Docker system with whatever directory you are using on your Docker system for the /tmp/docker-mailserver mount.
sudo docker run --rm --volume "/usr/local/docker/mailserver/config/:/tmp/docker-mailserver/" mailserver/docker-mailserver setup add-auth <domain> <username> <password>
For example, something like this.
sudo docker run --rm --volume "/usr/local/docker/mailserver/config/:/tmp/docker-mailserver/" mailserver/docker-mailserver setup add-auth example.com john.doe itsasecret
This will append a line like this into the /tmp/docker-mailserver/postfix-sasl-password.cf file in the container.
~]$ sudo docker exec mailserver cat /tmp/docker-mailserver/postfix-accounts.cf
john.doe@example.com|{SHA512-CRYPT}$6$ONwCfCL3nHyuxJha$Qsmfmfd1ixgVAJg4GwoV5IlapLMQ5AhT49fk8dn08Yh63wze3W0Mp3Fq0qlwBB8nERnw.NZu5Bvu/VUfkFMs.
The postconf command with the -n (non-default parameters) flag can be used to display the SASL settings.
~]$ sudo docker exec mailserver postconf -n | grep -i sasl
broken_sasl_auth_clients = yes
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf, reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, check_policy_service inet:localhost:65265, check_policy_service inet:127.0.0.1:10023
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_unknown_client_hostname
Did you find this article helpful?
If so, consider buying me a coffee over at