Fix postfix not sending mails from sympa

docker-compose.yml

@@ -31,7 +31,6 @@ services:
       REMOTES:
     networks:
       - postfix
-      - default
 
   postfix:
     build: ./docker/postfix
@@ -45,7 +44,9 @@ services:
       - "./log/postfix:/var/log/postfix"
       - "spool_postfix:/var/spool/postfix"
     networks:
-      - postfix
+      postfix:
+        aliases:
+          - postfix_internal_smtp
     environment:
       POSTFIX_VIRTUAL_DOMAINS:
       MAILNAME:

docker/postfix/etc/postfix/main.cf.append

@@ -25,8 +25,8 @@ sympabouncedomain_destination_recipient_limit = 1
 # DKIM
 milter_default_action = accept
 milter_protocol = 6
-smtpd_milters = inet:localhost:8892
-non_smtpd_milters = inet:localhost:8892
+smtpd_milters = inet:127.0.0.1:8891
+non_smtpd_milters = inet:127.0.0.1:8891
 smtpd_client_restrictions = check_client_access cidr:/etc/postfix/sinokorea.cidr
 
 smtpd_use_tls=yes

docker/postfix/etc/postfix/master.cf.append

@@ -14,12 +14,10 @@ sympabounce	unix	-	n	n	-	-	pipe
 sympabouncedomain	unix	-	n	n	-	-	pipe
   -o soft_bounce=yes
   flags=RF user=mailpipe:mailpipe argv=/usr/bin/ssh -i /etc/sympa/shared/id_rsa -o UserKnownHostsFile=/etc/sympa/shared/known_hosts -T sympa@sympa bouncequeue sympa@${domain}
-spamassassin unix -     n       n       -       -       pipe user=spamassassin argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
-submission inet n       -       -       -       -       smtpd
-  -o smtpd_enforce_tls=yes
-  -o smtpd_sasl_auth_enable=yes
-  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+spamassassin unix -     n       n       -       -       pipe
+  user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
 smtps     inet  n       -       -       -       -       smtpd
   -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+  -o content_filter=spamassassin

docker/postfix/etc/service/opendkim/log/run

+#!/bin/bash -e
+
+if [ "${LOG_TO_STDOUT}" != "1" ]; then
+  mkdir -p /var/log/opendkim
+  chown nobody:nogroup /var/log/opendkim
+
+  exec chpst -u nobody:nogroup svlogd -tt /var/log/opendkim
+else
+  exec chpst -u nobody:nogroup regex2json "^\\s*(?P<time___time__Stamp>\\S+ \\d+ \\d+:\\d+:\\d+) (?P<host>\\S+) (?P<program>\\S+)\\[(?P<pid___int>\\d+)\\]: (?:(?P<severity___optional>info|warning|error|fatal|panic): )?(?:(?P<id___optional>(?:[0-9A-F]{6,}|[0-9a-zA-Z]{12,})): )?(?P<msg>.+?)\\s*$"
+fi

docker/postfix/etc/service/opendkim/run

 #!/bin/bash
 sed -i.bak \
-    -e 's/^\(Socket.*local.*$\)/#\1/' \
-    -e 's/^#\(Socket.*inet\)/\1/' \
+    -e 's/^\(Socket.*$\)/#\1/' \
     /etc/opendkim.conf
 
+sed -i \
+    -e 's/^\(SOCKET=.*\)$/#\1/' \
+    /etc/default/opendkim
+
 cat >> /etc/opendkim.conf <<EOF
+Socket                  inet:8891@127.0.0.1
+BaseDirectory           /var/spool/postfix/opendkim/
 KeyTable                /etc/opendkim/KeyTable
 SigningTable            /etc/opendkim/SigningTable
 ExternalIgnoreList      /etc/opendkim/TrustedHosts
 InternalHosts           /etc/opendkim/TrustedHosts
 SenderHeaders             Sender,From,Return-Path
-Syslog yes
-SyslogSuccess Yes
 LogWhy Yes
+Syslog                  no
+SyslogSuccess           no
 EOF
 mkdir -p /etc/opendkim
+#mkdir -p /var/spool/postfix/opendkim
+#chmod 755 /var/spool/postfix/opendkim
+#chown -R opendkim:opendkim /var/spool/postfix/opendkim
 
 # Add docker trusted hosts
 echo "localhost" >> /etc/opendkim/TrustedHosts
@@ -23,8 +31,11 @@ echo "127.0.0.1" >> /etc/opendkim/TrustedHosts
 sleep 10
 for domain in $TRUSTED_HOSTS; do
     echo $domain >> /etc/opendkim/TrustedHosts
-    dig +short $domain >> /etc/opendkim/TrustedHosts
 done
+for net in $MY_NETWORKS; do
+    echo $net >>  /etc/opendkim/TrustedHosts
+done
+
 
 for domain in $MAILNAME $POSTFIX_VIRTUAL_DOMAINS; do
 	keydir="/etc/dkimkeys/$domain"
@@ -38,4 +49,5 @@ for domain in $MAILNAME $POSTFIX_VIRTUAL_DOMAINS; do
 	echo "$domain mail._domainkey.$domain" >> /etc/opendkim/SigningTable
 	echo "$domain" >> /etc/opendkim/TrustedHosts
 done
-exec /usr/sbin/opendkim -f -x /etc/opendkim.conf
+chown -R opendkim:opendkim /etc/dkimkeys/
+exec /usr/sbin/opendkim -v -f -x /etc/opendkim.conf

docker/postfix/etc/service/postfix/run.config

-cp /etc/postfix/main.cf.orig /etc/postfix/main.cf
-cp /etc/postfix/master.cf.orig /etc/postfix/master.cf
 sed "s/POSTFIX_VIRTUAL_DOMAINS/$POSTFIX_VIRTUAL_DOMAINS/g" /etc/postfix/main.cf.append >> /etc/postfix/main.cf
-cat /etc/postfix/master.cf.orig /etc/postfix/master.cf.append >> /etc/postfix/master.cf
+cat /etc/postfix/master.cf.append >> /etc/postfix/master.cf
 sed -i -e "s@LDAP_HOST@$LDAP_HOST@" \
     -e "s/LDAP_SEARCH_BASE/$LDAP_SEARCH_BASE/" \
     -e "s/LDAP_FILTER/$LDAP_FILTER/" \
     -e "s/LDAP_BIND_DN/$LDAP_BIND_DN/" \
     -e "s/LDAP_BIND_PASSWORD/$LDAP_BIND_PASSWORD/" \
     /etc/saslauthd.conf
-mkdir -p /var/spool/postfix/var/run/saslauthd
+usermod -a -G opendkim postfix
 set +e
 postfix set-permissions
 set -e

docker/postfix/etc/service/postfix/run.initialization

 if [ -e /etc/sympa/shared/id_rsa ]; then
   chown mailpipe /etc/sympa/shared/id_rsa*
 fi
-saslauthd -c -m /var/spool/postfix/var/run/saslauthd -a ldap -d &

docker/postfix/etc/service/saslauthd/run

+#!/bin/bash -e
+mkdir -p /var/spool/postfix/var/run/saslauthd
+exec saslauthd -c -m /var/spool/postfix/var/run/saslauthd -a ldap -d > /var/log/postfix/saslauthd.log 2>&1