Version upgrade and other changes

.dockerignore

@@ -1,6 +1,2 @@
 .git
-.gitignore
-.gitattributes
 README.md
-emailrelay*.tar.gz
-emailrelay-*/

Dockerfile

@@ -1,31 +1,40 @@
-FROM alpine:latest
-LABEL maintainer="Aleksei Zhukov <[email protected]>"
-
-RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
- && apk add --no-cache libstdc++ openssl ca-certificates dumb-init swaks@testing perl-net-ssleay \
- && update-ca-certificates
-
-ARG DOWNLOAD_URL=https://downloads.sourceforge.net/project/emailrelay/emailrelay/1.9/emailrelay-1.9-src.tar.gz
-
-RUN apk add --no-cache --virtual .deps curl g++ make autoconf automake openssl-dev \
- && mkdir -p /tmp/build && cd /tmp/build \
- && curl -o emailrelay.tar.gz -L "${DOWNLOAD_URL}" \
- && tar xzf emailrelay.tar.gz \
- && cd emailrelay-1.9 \
- && ./configure --prefix=/usr --with-openssl \
- && make \
- && make install \
- && apk --no-cache del .deps \
- && cd / \
- && rm -rf /tmp/build /var/tmp/* /var/cache/apk/* /var/cache/distfiles/* \
- && mkdir -p /var/spool/emailrelay
-
-ENV PORT=587
+FROM alpine:3.10 as builder
+
+ARG DOWNLOAD_URL=https://downloads.sourceforge.net/project/emailrelay/emailrelay/2.1/emailrelay-2.1a-src.tar.gz
+
+RUN apk add --no-cache curl g++ make autoconf automake openssl-dev \
+    && mkdir -p /tmp/build && cd /tmp/build \
+    && curl -o emailrelay.tar.gz -L "${DOWNLOAD_URL}" \
+    && tar xzf emailrelay.tar.gz \
+    && cd emailrelay-* \
+    && ./configure --prefix=/app --with-openssl \
+    && make -j $(nproc --all) \
+    && make install
+
+FROM alpine:3.10
+MAINTAINER "Dogukan Cagatay <[email protected]>"
+
+ENV PORT="25" \
+    SWAKS_OPTS="" \
+    DEFAULT_OPTS="--no-daemon --no-syslog --log --log-time --remote-clients" \
+    SPOOL_DIR="/var/spool/emailrelay"
+
+RUN apk add --update --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \
+    libstdc++ \
+    openssl \
+    ca-certificates \
+    dumb-init \
+    swaks \
+    bash \
+    perl-net-ssleay \
+    && rm -rf /var/tmp/* /var/cache/apk/* /var/cache/distfiles/* \
+    && mkdir -p "${SPOOL_DIR}"
+
 COPY run.sh /run.sh
+COPY --from=builder /app /app
 
 ENTRYPOINT ["/usr/bin/dumb-init", "--", "/run.sh"]
 CMD []
 
-ENV SWAKS_OPTS="-tls"
 HEALTHCHECK --interval=2m --timeout=5s \
-  CMD swaks -S -h localhost -s localhost:${PORT:-587} -q HELO ${SWAKS_OPTS} || exit 1
+    CMD swaks -S -h localhost -s localhost:${PORT} -q HELO ${SWAKS_OPTS} || exit 1

README.md

@@ -1,22 +1,75 @@
-Docker image for E-MailRelay
-============================
+# Docker image for E-MailRelay
+![MicroBadger Size](https://img.shields.io/microbadger/image-size/dcagatay/emailrelay)
+![MicroBadger Layers](https://img.shields.io/microbadger/layers/dcagatay/emailrelay)
+![Docker Pulls](https://img.shields.io/docker/pulls/dcagatay/emailrelay)
+![Docker Stars](https://img.shields.io/docker/stars/dcagatay/emailrelay)
 
-Usage example:
+Available Tags:
+- [2.1](https://github.com/dogukancagatay/docker-emailrelay/blob/2.1/Dockerfile), [latest](https://github.com/dogukancagatay/docker-emailrelay/blob/master/Dockerfile)
 
-    docker run --name emailrelay \
-      -v /etc/ssl/private/key_and_cert.pem:/etc/ssl/server.pem:ro \
-      drdaeman/emailrelay \
-      -D msa.example.com --immediate --forward-to mail.example.org:smtp \
-      --server-tls /etc/ssl/server.pem --client-tls
+Alpine based Docker image for E-MailRelay. You can read capabilities, configuration etc. of E-MailRelay on its [website](http://emailrelay.sourceforge.net).
 
-To get help, check emailrelay documentation or use:
+Container configuration is done via *environment variables* and *command line arguments*. Command line arguments are given directly to ``emailrelay`` executable.
 
-    docker run --rm drdaeman/emailrelay --help
+To see all command line options of ``emailrelay`` command:
 
-Note, the `--remote-clients --port $PORT` (and some more) options are
-passed automatically, so to change client port just redefine the `PORT`
-environment variable. The default port number is 587.
+```bash
+docker run --rm dcagatay/emailrelay --help --verbose
+```
 
-For a full control, run a full command starting with `emailrelay`, i.e.:
+## Usage
+Some usage examples are given in ``docker-compose.yml``.
 
-    docker run drdaeman/emailrelay emailrelay --help
+#### Example Usage with for Gmail SMTP Service
+Sample configuration for sending emails from your Gmail account.
+
+Add your credentials to ``client-auth.txt``.
+
+```
+client plain [email protected] gmail-or-app-password
+```
+
+Run the docker container
+```bash
+docker run --rm \
+-p "25:25" \
+-v "$PWD/client-auth.txt:/client-auth.txt" \
+dcagatay/emailrelay --forward-on-disconnect --forward-to smtp.gmail.com:587 --client-tls --client-auth=/client-auth.txt
+```
+
+## Environment Variables
+
+#### ``DEFAULT_OPTS``
+By default the following arguments are given on runtime. You can overwrite ``DEFAULT_OPTS`` environment variable to change or disable this behaviour.
+```
+--no-daemon --no-syslog --log --log-time --remote-clients
+```
+
+#### ``PORT``
+The port that E-MailRelay runs on. Default value is ``25``. If you did TLS configuration you need to set this variable to ``587`` or something else.
+
+#### ``SPOOL_DIR``
+Spool directory for E-MailRelay. No need to change. Default value: ``/var/spool/emailrelay``
+
+#### ``SWAKS_OPTS``
+This variable is used to give options to _swaks_, it is used on built-in health-check functionality. If you serve with TLS configuration you need to set this variable to ``-tls``. Default value: _empty-string_
+
+## Filter Scripts, Client/Server Authentication, and Others
+Inside ``config`` directory you will find sample files for usage with filter functionality, SMTP client authentication and relay server authentication.
+
+For any further configuration or details, refer to the [E-MailRelay documentation](http://emailrelay.sourceforge.net).
+
+## Testing
+You can test your configuration with _swaks_.
+```bash
+docker run --rm \
+  flowman/swaks \
+  echo "This is a test message." | swaks --to [email protected] --from [email protected] --server localhost --port 25
+```
+
+## Additions to ``drdaeman/docker-emailrelay``
+- E-MailRelay version upgrade.
+- Multi stage build for quicker builds.
+- ``bash`` shell in included for further scripting.
+- Default TLS configuration is changed to insecure configuration.
+- Sample files for advanced configuration.

config/client-auth.txt

@@ -0,0 +1,9 @@
+#
+# emailrelay secrets file
+#
+# Format: client plain user password
+#
+# Plain password should be in xtext encoded format (defined in RFC-1891) (space should be as +20, + as +2B, ## as +23, = as +3D)
+# http://emailrelay.sourceforge.net/index.html#reference_md_Authentication
+#
+#client plain user password

config/filter.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+#############################################################################
+CONTENT_FILE="${1}"
+ENVELOPE_FILE="${2}"
+
+FROM="`awk '/X-MailRelay-From:/ {print $2;exit}' \"${ENVELOPE_FILE}\"`"
+TO="`awk '/X-MailRelay-To-Remote:/ {print $2;exit}' \"${ENVELOPE_FILE}\"`"
+CLIENT_IP="`awk '/MailRelay-Client:/ {print $2;exit}' \"${ENVELOPE_FILE}\"`"
+#############################################################################
+
+
+BLOCKED_FROM_EMAIL="[email protected] [email protected] [email protected]"
+
+for BLOCKED_EMAIL in $BLOCKED_FROM_EMAIL
+do
+  if [[ $FROM =~ $BLOCKED_EMAIL ]]; then
+    echo "<<You cannot send e-mail from address: $BLOCKED_EMAIL >>"
+    exit 1  # <= cancel further processing by emailrelay (send error code)
+    # exit 100  # <= cancel further processing by emailrelay (forget email, silent rejection)
+  fi
+done
+
+exit 0 # <= continue processing

config/server-auth.txt

@@ -0,0 +1,13 @@
+#
+# emailrelay secrets file
+#
+# Format: server plain user password
+#         server none 192.168.1.* localipv4
+#         server none 192.168.1.0/24 localipv4
+#
+# Plain password should be in xtext encoded format (defined in RFC-1891) (space should be as +20, + as +2B, ## as +23, = as +3D)
+# http://emailrelay.sourceforge.net/index.html#reference_md_Authentication
+#
+#server none 127.0.0.1 localipv4
+#server none 192.168.1.* localipv4
+#server plain user password

docker-compose.yml

@@ -0,0 +1,43 @@
+version: "3"
+services:
+
+  # emailrelay:
+  #   build: ./
+  #   image: dcagatay/emailrelay:latest
+  #   command: --domain msa.example.com --forward-on-disconnect --forward-to mail.example.org:25
+  #   ports:
+  #     - "25:25"
+  #   restart: unless-stopped
+
+  emailrelay-gmail:
+    build: ./
+    image: dcagatay/emailrelay:latest
+    command: --forward-on-disconnect --forward-to smtp.gmail.com:587 --client-tls --client-auth=/config/client-auth.txt
+    volumes:
+      - ./config:/config:ro
+    ports:
+      - "25:25"
+    restart: unless-stopped
+
+  # emailrelay-tls:
+  #   build: ./
+  #   image: dcagatay/emailrelay:latest
+  #   command: --domain msa.example.com --forward-on-disconnect --forward-to mail.example.org:587 --client-tls --server-tls /etc/ssl/server.pem
+  #   volumes:
+  #     - ./config/key_and_cert.pem:/etc/ssl/server.pem:ro
+  #   environment:
+  #     PORT: "587"
+  #     SWAKS_OPTS: "-tls"
+  #   ports:
+  #     - "587:587"
+  #   restart: unless-stopped
+
+  # emailrelay-server-client-auth:
+  #   build: ./
+  #   image: dcagatay/emailrelay:latest
+  #   command: --domain msa.example.com --filter /config/filter.sh --forward-on-disconnect --forward-to mail.example.org:587 --client-tls --client-auth=/config/client-auth.txt --server-auth=/config/server-auth.txt
+  #   volumes:
+  #     - ./config:/config:ro
+  #   ports:
+  #     - "25:25"
+  #   restart: unless-stopped

run.sh

@@ -1,27 +1,29 @@
 #!/bin/sh
 set -e
 
-# Some (hopefully) sensible defaults. Users don't have to specify those.
-DEFAULT_OPTS=${DEFAULT_OPTS:---no-daemon --no-syslog --log --remote-clients --port "${PORT:-587}"}
+export PATH="/app/sbin:${PATH}"
+
+# Update default options with specified port and spool dir
+DEFAULT_OPTS="$DEFAULT_OPTS --port ${PORT} --spool-dir ${SPOOL_DIR}"
 
 # Running this image without any command-line argument doesn't make sense
 if [ -z "$*" ]; then
     echo "FATAL: Please provide some command-line arguments to emailrelay"
-    echo "E.g., -D msa.example.com --immediate --forward-to mail.example.org:smtp"
+    echo "E.g., --domain msa.example.com --forward-on-disconnect --forward-to mail.example.org:smtp"
     echo "Note, we already pass ${DEFAULT_OPTS}"
     exit 2
 fi
 
 case "$*" in
     -h\ *|--help\ *|-V|--version)
       # A request for help or version are special cases.
-      exec /usr/sbin/emailrelay $@ ;;
+      exec /app/sbin/emailrelay $@ ;;
     -*)
       # If the arguments (CMD, assuming we're an ENTRYPOINT) starts
       # with a minus-dash, it's the options to emailrelay.
       # Prefill some defaults (so we don't have to specify them),
       # then run.
-      exec /usr/sbin/emailrelay $DEFAULT_OPTS $@ ;;
+      exec /app/sbin/emailrelay $DEFAULT_OPTS $@ ;;
     *)
       # If arguments don't start with a minus-dash, let's assume
       # it's a proper shell command to execute and do so.