Z
zoomba

Zzoomba · Jun 16, 2024

heavygale Any ideas where that hostname variable is being read from? Could I set it somewhere in the config, and then create a script that would update the quarantine.tpl after every update?

heavygale ~~Any ideas where that hostname variable is being read from? Could I set it somewhere in the config, and then create a script that would update the quarantine.tpl after every update?~~

I’ll just do this after every update: sed -i "s|https://{{ hostname }}|https://mailcow.dmz.arpa|" data/assets/templates/quarantine.tpl

I suppose all I need to do then is recreate the dovecot, php-fpm and nginx containers.

Zzoomba · Jun 16, 2024

heavygale Grave digging here, but is there a way to change the domain that is in the Quarantine mails?

I do not expose the UI externally as I want to use a separate domain for it, and well, the main domain points directly to the mailcow instance IP, while the secondary domain I want to use (and the one I want in the emails) points to a reverse proxy IP in front of mailcow.

Would be ideal if I could set that second domain in ADDITIONAL_SAN, but I just need a way of changing what gets sent out in the quarantine emails.

Zzoomba · Nov 18, 2021

This seems to already be enabled, my bad

Zzoomba · Nov 18, 2021

Hi,

Does anyone know how to enable unauthenticated mail from local IP addresses? I feel it is too complicated to create an account for every service that might use mail on the local network… eg. nextcloud@domain.tld, bitwarden@domain.tld etc…

Zzoomba · Nov 18, 2021

Reading/Sending mail from the CLI?

mailcow communityDiscussion

Reading/Sending mail from the CLI?

Z zoomba

Hello, I’m trying to make an email availability script which made me wonder is CLI reading/sending available without extensive modification of the containers? Open to any CLI mail recommendations, even accessing the mailcow container stack from the docker host.

3 1 Oct 17, 2021

Zzoomba · Oct 22, 2021

If your mail server is resolvable by your dns, which it probably will be, this will only send the mail internally, but my reasoning is that if I can receive mail internally, I should be able to receive it from external sources, unless my internet is down, which I’m pretty sure I’d notice.

Zzoomba · Oct 22, 2021

This is the solution i made:

mail-test.sh resides in the dovecot container via a bind mount, and awaits to be called by mail-deliverability.sh

Add the following line to your docker-compose.yml :

...snip...
volumes:
   - ./helper-scripts/mail-test.sh:/root/mail-test.sh:ro
...snip...

Add the following line to your crontab file (Runs every 3 hours):
0 */3 * * * <MAILCOW DIR>/helper-scripts/mail-deliverability.sh

Save the scripts to your helper-scripts dir in the mailcow folder.

mail-deliverability.sh >

#!/usr/bin/env bash

mailcow_dir="<MAILCOW DIR>/helper-scripts"
verify_uuid="/tmp/verify_uuid"
mail_format="+%y/%m/%d_%H:%M:%S::"
dovecot_c="<DOVECOT CONTAINER NAME>" # eg. mailcow_dovecot
domain="<YOUR DOMAIN>"
password="<TEST USER PASSWORD>"

echo "[*] Generating verification uuid in $verify_uuid..."
if cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20 > $verify_uuid; then

    uuid=$(cat $verify_uuid)
    echo "[+] Verify uuid [1/2] - $uuid"
    if docker cp $verify_uuid $dovecot_c:/root/; then

        echo "[*] Sending test mail..."
        if curl -s --ssl-reqd --mail-from "test@$domain" \
            --mail-rcpt "test@$domain" -T - \
            --url "smtps://mail.$domain:465" \
            --user "test@$domain:$password" \
            <<< "$(date $mail_format) :: $uuid"; then

            echo "[*] Sleeping 15 seconds..."
            sleep 15

            echo "[*] Checking if mail has been delivered..."
            echo
            if ! docker exec $dovecot_c /root/mail-test.sh; then
                echo "[-] Unable to check if mail was delivered!"
            fi
        else
            echo "[-] Test mail was not sent!"
            exit 1
        fi

        rm $verify_uuid
    else
        echo "[-] Unable to copy verification uuid to $dovecot_c!"
        exit 1
    fi

else
    echo "[-] Couldn't generate verification string at $verify_uuid!"
    exit 1
fi

mail-test.sh >

#!/usr/bin/env bash

domain=<YOUR DOMAIN>
maildir="/var/vmail/$domain/test/Maildir/new"
latestMail=$(ls -Art $maildir | tail -n 1)
testfile="/root/test"
verify_uuid="/root/verify_uuid"
delete_older_than="8w"

if [ -s "$maildir"/"$latestMail" ]; then
    cp "$maildir"/"$latestMail" $testfile

    if [[ $(head -c7 "$testfile") == "CRYPTED" ]]; then
        echo "[+] Expunging mail older than $delete_older_than..."
        echo
        if ! doveadm expunge -u test@$domain mailbox '*' before $delete_older_than; then
            echo "[-] Unable to expunge old mail!"
        fi

        echo "[+] Found latest message, decrypting..."
        echo
        if doveadm fs get compress lz4:1:crypt:private_key_path=/mail_crypt/ecprivkey.pem:public_key_path=/mail_crypt/ecpubkey.pem:posix:prefix=/ "$testfile" > "$testfile".dec; then
            echo "========== BEGIN MESSAGE =========="
            cat "$testfile.dec"
            echo "========== END MESSAGE =========="
            echo
        else
            echo "[-] Unable to decrypt latest message!"
            exit 1
        fi
    fi

    uuid=$(cat $verify_uuid)
    echo "[+] Verify uuid [2/2] - $uuid"
    echo
    if grep -q "$uuid" "$testfile".dec; then
        echo "[+] E-mail is up and running."
        ret=0
    else
        echo "[-] Message uuid verification failed!"
        ret=1
    fi

    rm "$verify_uuid"
    rm "$testfile"
    rm "$testfile".dec
    exit $ret

else
    echo "[-] Latest mail not found!"
    exit 1
fi

Zzoomba · Oct 17, 2021

Hello,

I’m trying to make an email availability script which made me wonder is CLI reading/sending available without extensive modification of the containers?

Open to any CLI mail recommendations, even accessing the mailcow container stack from the docker host.

Zzoomba · Oct 17, 2021

MAGIC Gotcha, thanks!

Zzoomba · Oct 4, 2021

Hi,

So I’ve got the mailcow server up and was wondering, does my certificate need to have domain.tld in it’s dns entries? Meaning will the mailserver suffice with a mail.domain.tld cert if I don’t use webmail, or do I need to keep both entries in the certificate?

Zzoomba · Sep 30, 2021

Hi,

I’m setting up health checks for all my containers, and I figured it would be a good idea to have a mail deliverability checks. An idea was to have a script send an email from the cli, over the internet, and wait for it to be delivered, confirming that email is working.

Do we have any made solutions for this? I tried the mail command from the docker container but it’s not installed. Just wanted to check with the community before I start blasting my container with additional software.

Zzoomba · Apr 26, 2021

Heyo,

I’m self hosting mailcow-dockerized on a home server.

I just realized that my cert expired today because there was no way for it to renew itself, since I’m running inside docker and the only ports that are open on my router are the mail ports, meaning there was no way for LE to work.

I’m guessing I should open port 80 on my router and forward it to the home server, but that doesn’t fully bridge the gap into the docker network.

Perhaps I could add a proxy host inside Nginx Proxy Manager, but I don’t know what port to point it to, does the acme container automatically bind to port 80 when requesting a cert or do I need to connect it to the “outside world” manually?

What else am I missing here?

Should I be looking into manually renewing outside docker and copying the certs into /opt/mailcow-dockerized/data/assets/ssl? Seems like an easier option as far as my knowledge level goes.

Here are the acme container logs: Mon Apr 26 20:58:48 CEST 2021 - Waiting for Docker API...Mon Apr 26 - Pastebin.com

Pastebin

Mon Apr 26 20:58:48 CEST 2021 - Waiting for Docker API...Mon Apr 26 - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.