Updates README.md and adds example configuration files

.gitignore

@@ -0,0 +1,5 @@
+docker-compose.yml
+./config/mailname
+./config/main.cf
+./config/relay_recipients
+./config/dh_2048.pem

README.md

@@ -7,11 +7,19 @@ Prebuild images can be found at this [Dockerhub repository](https://hub.docker.c
 
 
 ## Quickstart
-After installing [Docker](https://docs.docker.com/get-docker/), just run the following command to start your Postfix instance:
+After installing [Docker](https://docs.docker.com/get-docker/), just run the following steps:
+
+* Copy `docker-compose.yml.example` to `docker-compose.yml`.
+* Create your config files: `./config/main.cf`, `./config/relay_recipients`, `./config/dh_2048.pem`, `./config/mailname`, and `$ touch ./data/postfix.log`
+    * You can use the provided example files to get started.
+* Update the file `docker-compose.yml` and set your values.
+* Run the following command to start your Postfix instance:
 ```
 $ docker-compose up -d
 ```
 
+The compose file also starts a container for publishing metrics using [this Docker image](https://github.com/maxkratz/postfix_exporter).
+
 
 ## Dockerfile
 The Dockerfile can be found at the [Github repository](https://github.com/maxkratz/docker_postfix).

config/mailname.example

@@ -0,0 +1 @@
+mx2.example.com

config/main.cf.example

@@ -0,0 +1,108 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific:  Specifying a file name will cause the first
+# line of that file to be used as the name.  The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
+# fresh installs.
+compatibility_level = 2
+
+
+#
+# TLS parameters
+#
+# New new certificates
+smtpd_tls_cert_file=/certs/fullchain.pem
+smtpd_tls_key_file=/certs/key.pem
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+#
+# TLS new stuff
+#
+# Activates encrypted sending if reciever allows encryption
+#smtpd_tls_security_level = may
+#smtpd_tls_protocols = !SSLv2, !SSLv3 !TLSv1
+#smtpd_tls_loglevel = 1
+
+# TLS supported cipherlist
+tls_high_cipherlist = !aNULL:!eNULL:!CAMELLIA:HIGH:@STRENGTH
+# Prefer the servers order of ciphers over clients
+tls_preempt_cipherlist = yes
+# EDH-Parameter 
+smtpd_tls_dh1024_param_file = /etc/postfix/dh_2048.pem
+# No SSL compression
+tls_ssl_options = NO_COMPRESSION
+
+# Sending stuff
+# TLS protocols accepted by Postfix (Outgoing)
+smtp_tls_protocols = !SSLv2, !SSLv3
+smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
+# TLS supported ciphers (Outgoing)
+smtp_tls_ciphers = high
+smtp_tls_mandatory_ciphers = high
+# Uses TLS if this is supported by the receiving SMTP server
+smtp_tls_security_level = may
+# Enable additional Postfix SMTP server logging of TLS activity
+smtp_tls_loglevel = 1
+
+# Receiving stuff
+# TLS protocols accepted by Postfix (Incoming)
+smtpd_tls_protocols = !SSLv2, !SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
+# TLS supported ciphers (Incoming)
+smtpd_tls_ciphers = high
+smtpd_tls_mandatory_ciphers = high
+# Uses TLS if this is supported by the sending SMTP server, otherwise use plaintext
+smtpd_tls_security_level = may
+# Enable additional Postfix SMTP server logging of TLS activity
+smtpd_tls_loglevel = 1
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
+# Hostname of this server
+myhostname = mx2.example.com
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+# Destinations
+mydestination = $myhostname, localhost, ,
+# No relay host
+relayhost =
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+inet_protocols = all
+
+#
+# Mail relaying and stuff
+#
+# Relay for which domains?
+relay_domains = example.com,
+
+# Queue lifetime: How long to wait before bounce a mail?
+maximal_queue_lifetime = 14d
+
+# Recipient map: Whitelist domains and mail addresses
+relay_recipient_maps = hash:/etc/postfix/relay_recipients
+
+# Container log file
+maillog_file = /var/log/postfix.log

config/relay_recipients.example

@@ -0,0 +1 @@
+@example.com    OK

docker-compose.yml.example

@@ -0,0 +1,36 @@
+version: "2.3"
+services:
+
+  postfix:
+    image: maxkratz/postfix:latest
+    volumes:
+      # Main configuration file
+      - ./config/main.cf:/etc/postfix/main.cf:ro
+      # Relay recipient list
+      - ./config/relay_recipients:/etc/postfix/relay_recipients:ro
+      # DH parameters
+      - ./config/dh_2048.pem:/etc/postfix/dh_2048.pem:ro
+      # Mailname, e.g., mx2.example.com
+      - ./config/mailname:/etc/mailname:ro
+      # Log file for persistent logs
+      - ./data/postfix.log:/var/log/postfix.log
+      # Certificate(s) for TLS/SSL
+      - /<your-certificate-path>:/certs:ro
+      # Shared spool volume
+      - spool:/var/spool/postfix
+    network_mode: host
+    restart: unless-stopped
+
+  postfix-exporter:
+    image: maxkratz/postfix_exporter:latest
+    # Mount spool and logfiles as read only to container
+    volumes:
+      - spool:/var/spool/postfix:ro
+      - ./data/postfix.log:/var/log/mail.log:ro
+    # Map ports to host 
+    ports:
+      - 9154:9154
+    restart: unless-stopped
+
+volumes:
+  spool: