search

youtous / docker-mailserver-traefik

🐳 ⚙️ Automatically renew docker-mailserver/docker-mailserver certificates using traefik.
MIT License
29 stars 11 forks source link

Dovecot not using proper certificate, but Postfix does #4

Closed logoff closed 3 years ago

logoff commented 3 years ago

Hello, I have a pretty standard configuration, with latests images from tvial/docker-mailserver and your Docker image, using Docker compose. Postfix certificate is OK, but Dovecot is the generic Let's Encrypt and never gets updated.

My boot logs:

Attaching to roundcube, mail, mailserver-traefik
mail                    | 2021-01-05 12:07:53,559 CRIT Supervisor running as root (no user in config file)
mail                    | 2021-01-05 12:07:53,561 INFO Included extra file "/etc/supervisor/conf.d/saslauth.conf" during parsing
mail                    | 2021-01-05 12:07:53,562 INFO Included extra file "/etc/supervisor/conf.d/supervisor-app.conf" during parsing
mail                    | 2021-01-05 12:07:53,612 INFO RPC interface 'supervisor' initialized
mail                    | 2021-01-05 12:07:53,613 CRIT Server 'unix_http_server' running without any HTTP authentication checking
mail                    | 2021-01-05 12:07:53,614 INFO supervisord started with pid 1
mail                    | 2021-01-05 12:07:54,625 INFO spawned: 'mailserver' with pid 25
mail                    | 
mail                    | 2021-01-05 12:07:54,728 INFO success: mailserver entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | #
mail                    | #
mail                    | # ENV
mail                    | #
mail                    | #
mail                    | 
mail                    | DEFAULT_RELAY_HOST=
mail                    | RELAY_PORT=25
mail                    | SASLAUTHD_LDAP_FILTER=
mail                    | FETCHMAIL_POLL=300
mail                    | POSTGREY_DELAY=300
mail                    | RELAY_HOST=
mail                    | RELAY_USER=
mail                    | SASLAUTHD_LDAP_SEARCH_BASE=
mail                    | SASLAUTHD_MECHANISMS=
mail                    | SA_SPAM_SUBJECT=***SPAM*****
mail                    | SPOOF_PROTECTION=1
mail                    | LDAP_BIND_PW=
mail                    | HOSTNAME=<my-domain>
mail                    | ENABLE_LDAP=0
mail                    | OVERRIDE_HOSTNAME=
mail                    | SASLAUTHD_LDAP_PASSWORD=
mail                    | REPORT_RECIPIENT=1
mail                    | LDAP_SERVER_HOST=
mail                    | SASLAUTHD_LDAP_START_TLS=
mail                    | POSTMASTER_ADDRESS=<my-user>@<my-domain>
mail                    | REPORT_SENDER=
mail                    | LDAP_SEARCH_BASE=
mail                    | DOMAINNAME=<my-domain>
mail                    | LDAP_BIND_DN=
mail                    | ENABLE_POSTFIX_VIRTUAL_TRANSPORT=
mail                    | TLS_LEVEL=modern
mail                    | SA_TAG=2.0
mail                    | REPORT_INTERVAL=daily
mail                    | ENABLE_MANAGESIEVE=0
mail                    | SMTP_ONLY=0
mail                    | PERMIT_DOCKER=
mail                    | SA_TAG2=6.31
mail                    | POSTFIX_MESSAGE_SIZE_LIMIT=10240000
mail                    | POSTFIX_MAILBOX_SIZE_LIMIT=0
mail                    | PWD=/
mail                    | POSTFIX_DAGENT=
mail                    | LDAP_QUERY_FILTER_USER=
mail                    | DOVECOT_TLS=1
mail                    | HOME=/root
mail                    | SA_KILL=6.31
mail                    | DMS_DEBUG=1
mail                    | ENABLE_FAIL2BAN=0
mail                    | SSL_TYPE=manual
mail                    | SUPERVISOR_PROCESS_NAME=mailserver
mail                    | SSL_KEY_PATH=/var/mail-state/manual-ssl/key
mail                    | POSTSCREEN_ACTION=enforce
mail                    | SUPERVISOR_ENABLED=1
mail                    | LDAP_QUERY_FILTER_ALIAS=
mail                    | SASLAUTHD_LDAP_SERVER=
mail                    | SASL_PASSWD=
mail                    | SASLAUTHD_LDAP_BIND_DN=
mail                    | ENABLE_SPAMASSASSIN=1
mail                    | CONTAINER_NAME=mail
mail                    | ENABLE_POSTGREY=0
mail                    | RELAY_PASSWORD=
mail                    | ENABLE_FETCHMAIL=0
mail                    | SRS_SECRET=
mail                    | VIRUSMAILS_DELETE_DELAY=7
mail                    | SSL_CERT_PATH=/var/mail-state/manual-ssl/cert
mail                    | SASLAUTHD_MECH_OPTIONS=
mail                    | SASLAUTHD_LDAP_TLS_CHECK_PEER=
mail                    | SHLVL=1
mail                    | ENABLE_SRS=0
mail                    | ENABLE_SASLAUTHD=0
mail                    | SUPERVISOR_GROUP_NAME=mailserver
mail                    | LDAP_QUERY_FILTER_DOMAIN=
mail                    | DOVECOT_USER_FILTER=
mail                    | ENABLE_CLAMAV=0
mail                    | POSTGREY_AUTO_WHITELIST_CLIENTS=5
mail                    | SASLAUTHD_LDAP_SSL=
mail                    | PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
mail                    | DOVECOT_PASS_FILTER=
mail                    | POSTGREY_TEXT=Delayed by postgrey
mail                    | ONE_DIR=0
mail                    | SUPERVISOR_SERVER_URL=unix:///dev/shm/supervisor.sock
mail                    | POSTGREY_MAX_AGE=35
mail                    | ENABLE_POP3=0
mail                    | LDAP_QUERY_FILTER_GROUP=
mail                    | LDAP_START_TLS=no
mail                    | SRS_EXCLUDE_DOMAINS=
mail                    | _=/usr/bin/printenv
mail                    | 
mail                    | #
mail                    | #
mail                    | # docker-mailserver
mail                    | #
mail                    | #
mail                    | 
mail                    | Initializing setup
mail                    |   Registering check,setup,fix,misc and start-daemons functions
mail                    |   * _check_environment_variables() registered
mail                    |   * _check_hostname() registered
mail                    |   * _setup_default_vars() registered
mail                    |   * _setup_dovecot() registered
mail                    |   * _setup_dovecot_dhparam() registered
mail                    |   * _setup_dovecot_local_user() registered
mail                    |   * _setup_dkim() registered
mail                    |   * _setup_ssl() registered
mail                    |   * _setup_docker_permit() registered
mail                    |   * _setup_mailname() registered
mail                    |   * _setup_amavis() registered
mail                    |   * _setup_dmarc_hostname() registered
mail                    |   * _setup_postfix_hostname() registered
mail                    |   * _setup_dovecot_hostname() registered
mail                    |   * _setup_postfix_smtputf8() registered
mail                    |   * _setup_postfix_sasl() registered
mail                    |   * _setup_postfix_sasl_password() registered
mail                    |   * _setup_security_stack() registered
mail                    |   * _setup_postfix_aliases() registered
mail                    |   * _setup_postfix_vhost() registered
mail                    |   * _setup_postfix_dhparam() registered
mail                    |   * _setup_postfix_postscreen() registered
mail                    |   * _setup_postfix_sizelimits() registered
mail                    |   * _setup_spoof_protection() registered
mail                    |   * _setup_postfix_access_control() registered
mail                    |   * _setup_postfix_override_configuration() registered
mail                    |   * _setup_environment() registered
mail                    |   * _setup_logrotate() registered
mail                    |   * _setup_mail_summary() registered
mail                    |   * _setup_logwatch() registered
mail                    |   * _setup_chksum_file() registered
mail                    |   * _fix_var_mail_permissions() registered
mail                    |   * _fix_var_amavis_permissions() registered
mail                    |   * _fix_cleanup_clamav() registered
mail                    |   * _misc_save_states() registered
mail                    |   * _start_daemons_cron() registered
mail                    |   * _start_daemons_rsyslog() registered
mail                    |   * _start_daemons_dovecot() registered
mail                    |   * _start_daemons_opendkim() registered
mail                    |   * _start_daemons_opendmarc() registered
mail                    |   * _start_daemons_postfix() registered
mail                    |   * _start_changedetector() registered
mail                    |   * _start_daemons_amavis() registered
mail                    | Checking configuration
mail                    |   Check that there are no conflicts with env variables [_check_environment_variables]
mail                    |   Check that hostname/domainname is provided or overidden (no default docker hostname/kubernetes) [_check_hostname]
mail                    |   * Domain has been set to <my-domain>
mail                    |   * Hostname has been set to <my-domain>
mail                    | Configuring mail server
mail                    |   Setting up default variables [_setup_default_vars]
mail                    |   * Set POSTFIX_MESSAGE_SIZE_LIMIT=10240000
mail                    |   * Set ENABLE_LDAP=0
mail                    |   * Set PFLOGSUMM_TRIGGER=logrotate
mail                    |   * Set OVERRIDE_HOSTNAME=
mail                    |   * Set DMS_DEBUG=1
mail                    |   * Set LOGWATCH_RECIPIENT=<my-user>@<my-domain>
mail                    |   * Set POSTFIX_MAILBOX_SIZE_LIMIT=0
mail                    |   * Set ENABLE_CLAMAV=0
mail                    |   * Set POSTGREY_AUTO_WHITELIST_CLIENTS=5
mail                    |   * Set LOGWATCH_INTERVAL=none
mail                    |   * Set ENABLE_FAIL2BAN=0
mail                    |   * Set FETCHMAIL_POLL=300
mailserver-traefik      | [INFO] Running on a regular host.
mailserver-traefik      | [INFO] 1 domain(s) to watch: <my-domain>
mailserver-traefik      | [INFO] Configured to automatically push existing certificates in containers every 15m (PUSH_PERIOD=15m).
mailserver-traefik      | [INFO] file selected as certificates source
mailserver-traefik      | [INFO] Traefik v2 selected as target
mailserver-traefik      | 
mailserver-traefik      | [INFO] Pushing <my-domain> to 1 subscribed containers
mailserver-traefik      | [INFO] Pushing <my-domain> certificate in container bd6075d673b3
mailserver-traefik      | [INFO] <my-domain> - new certificate '/tmp/ssl/fullchain.pem' received on mailserver container
mailserver-traefik      | [INFO] <my-domain> - Cert update: new certificate copied into container
mailserver-traefik      | [INFO] <my-domain> - Cert update: restarting daemons Postfix and Dovecot
mailserver-traefik      | postfix: ERROR (not running)
mailserver-traefik      | postfix: started
mailserver-traefik      | dovecot: ERROR (not running)
mailserver-traefik      | dovecot: started
mailserver-traefik      | [INFO] <my-domain> - ONE_DIR detected, generating copy in /var/mail/manual-ssl/{cert,key}
mailserver-traefik      | 
mail                    |   * Set TLS_LEVEL=modern
mail                    |   * Set ENABLE_SPAMASSASSIN=1
mail                    |   * Set DOVECOT_TLS=1
mail                    |   * Set REPORT_RECIPIENT=<my-user>@<my-domain>
mail                    |   * Set POSTGREY_DELAY=300
mail                    |   * Set POSTGREY_TEXT=Delayed by postgrey
mail                    |   * Set PFLOGSUMM_RECIPIENT=<my-user>@<my-domain>
mail                    |   * Set ENABLE_POSTGREY=0
mail                    |   * Set POSTGREY_MAX_AGE=35
mail                    |   * Set POSTMASTER_ADDRESS=<my-user>@<my-domain>
mail                    |   * Set ENABLE_FETCHMAIL=0
mail                    |   * Set REPORT_SENDER=mailserver-report@<my-domain>
mail                    |   * Set ENABLE_MANAGESIEVE=0
mail                    |   * Set VIRUSMAILS_DELETE_DELAY=7
mail                    |   * Set ENABLE_SRS=0
mail                    |   * Set POSTSCREEN_ACTION=enforce
mail                    |   * Set ENABLE_POP3=0
mail                    |   * Set ENABLE_SASLAUTHD=0
mail                    |   * Set PFLOGSUMM_SENDER=mailserver-report@<my-domain>
mail                    |   * Set SMTP_ONLY=0
mail                    |   * Set LDAP_START_TLS=no
mail                    |   * Set LOGROTATE_INTERVAL=daily
mail                    |   * Set SPOOF_PROTECTION=1
mail                    |   Setting up Dovecot
mail                    |   Setting up Dovecot dhparam
mail                    |   * Generate new dhparams for dovecot
mail                    | Generating DH parameters, 2048 bit long safe prime, generator 2
mail                    | This is going to take a long time
mail                    | 2021-01-05 12:07:55,350 INFO spawned: 'postfix' with pid 47
mail                    | 2021-01-05 12:07:55,360 INFO success: postfix entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | 2021-01-05 12:07:56,217 INFO spawned: 'dovecot' with pid 100
mail                    | 2021-01-05 12:07:56,220 INFO success: dovecot entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | .+........................................................................................................................................+.....................................................................................................................................................................................................+.............................................................................................................................+...............................................................................+........................................................................................+...+..........+..................................................................................+......................................................................................+...............+......+........................+.................................................................................+........................................+..............................................................+.........................................+.............................................................................................................+..................................+..................+......................................................................................................+.............................................+.......+.+..............+......................+..............................+............................................+...................................................................+............................................+..................................................................................................................................................................++*++*++*++*
mail                    |   Setting up Dovecot Local User
mail                    |   * Checking file line endings
mail                    |   * Regenerating postfix user list
mail                    |   * user '<my-user>' for domain '<my-domain>' with password '********'
mail                    |   Setting up DKIM
mail                    |   * DKIM keys added for: <my-domain>
mail                    |   * Changing permissions on /etc/opendkim
mail                    |   * Nameservers added to /etc/opendkim.conf
mail                    |   Setting up SSL
mail                    |   * TLS configured with 'modern' ciphers
mail                    |   * Configuring certificates using cert /var/mail-state/manual-ssl/cert and key /var/mail-state/manual-ssl/key
mail                    |   * SSL configured with 'Manual' certificates
mail                    |   Setting up PERMIT_DOCKER Option
mail                    |   * Adding container ip in my networks
mail                    |   Setting up Mailname
mail                    |   * Creating /etc/mailname
mail                    |   Setting up Amavis
mail                    |   * Applying hostname to /etc/amavis/conf.d/05-node_id
mail                    |   Setting up dmarc
mail                    |   * Applying hostname to /etc/opendmarc.conf
mail                    |   Applying hostname and domainname to Postfix
mail                    |   * Applying hostname to /etc/postfix/main.cf
mail                    |   Applying hostname to Dovecot
mail                    |   * Applying hostname to /etc/dovecot/conf.d/15-lda.conf
mail                    |   * Configuring postfix smtputf8 support (disable)
mail                    |   Setting up Postfix SASL Password
mail                    |   * Warning: 'SASL_PASSWD' is not provided. /etc/postfix/sasl_passwd not created.
mail                    |   Setting up Security Stack
mail                    |   * Enabling and configuring spamassassin
mail                    |   * Clamav is disabled. You can enable it with 'ENABLE_CLAMAV=1'
mail                    |   Setting up Postfix Aliases
mail                    |   * Warning 'config/postfix-virtual.cf' is not provided. No mail alias/forward created.
mail                    |   * Configuring root alias
mail                    |   Setting up Postfix vhost
mail                    |   Setting up Postfix dhparam
mail                    |   * Copy dovecot dhparams to postfix
mail                    |   * Configuring postscreen
mail                    |   * Configuring postfix message size limit
mail                    |   * Configuring postfix mailbox size limit
mail                    |   * Configuring Spoof Protection
mail                    |   * Configuring user access
mail                    |   Setting up Postfix Override configuration
mail                    |   * No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' not provided.
mail                    |   * No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-master.cf' not provided.
mail                    |   * set the compatibility level to 2
mail                    |   Setting up /etc/environment
mail                    |   * Setting up logrotate
mail                    |   * Setting postfix logrotate interval to daily
mail                    |   * Enable postfix summary with recipient <my-user>@<my-domain>
mail                    |   * Add postrotate action for pflogsumm report
mail                    |   * Enable logwatch reports with recipient <my-user>@<my-domain>
mail                    |   Setting up configuration checksum file
mail                    | /tmp/docker-mailserver /
mail                    |   * Creating /tmp/docker-mailserver-config-chksum
mail                    | /
mail                    |   Checking /var/mail permissions
mail                    |   * Fixing /var/mail permissions
mail                    |   Checking $amavis_state_dir permissions
mail                    |   * Permissions in /var/lib/amavis look OK
mail                    |   Cleaning up disabled Clamav
mail                    | Starting Misc
mail                    | Starting mail server
mail                    |   Starting cron2021-01-05 12:08:17,979 INFO spawned: 'cron' with pid 948
mail                    | 2021-01-05 12:08:17,980 INFO success: cron entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | cron: started
roundcube               | roundcubemail not found in /var/www/html - copying now...
roundcube               | Complete! ROUNDCUBEMAIL has been successfully copied to /var/www/html
roundcube               | /docker-entrypoint.sh: line 17: [: missing `]'
roundcube               | /docker-entrypoint.sh: line 20: [: missing `]'
roundcube               | Write config to /var/www/html/config/config.inc.php
roundcube               | AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.19.0.14. Set the 'ServerName' directive globally to suppress this message
roundcube               | AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.19.0.14. Set the 'ServerName' directive globally to suppress this message
roundcube               | [Tue Jan 05 12:07:54.643528 2021] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.2.21 configured -- resuming normal operations
roundcube               | [Tue Jan 05 12:07:54.660594 2021] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
mail                    |   Starting rsyslog 2021-01-05 12:08:18,213 INFO spawned: 'rsyslog' with pid 950
mail                    | 2021-01-05 12:08:18,214 INFO success: rsyslog entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | rsyslog: started
mail                    |   Starting dovecot servicesdovecot: ERROR (already started)
mail                    |   Starting opendkim 2021-01-05 12:08:18,783 INFO spawned: 'opendkim' with pid 955
mail                    | 2021-01-05 12:08:18,785 INFO success: opendkim entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | opendkim: started
mail                    |   Starting opendmarc 2021-01-05 12:08:19,049 INFO spawned: 'opendmarc' with pid 963
mail                    | 2021-01-05 12:08:19,050 INFO success: opendmarc entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | opendmarc: started
mail                    |   Starting postfixpostfix: ERROR (already started)
mail                    |   Starting changedetector2021-01-05 12:08:19,532 INFO spawned: 'changedetector' with pid 971
mail                    | 2021-01-05 12:08:19,534 INFO success: changedetector entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | changedetector: started
mail                    |   Starting amavis2021-01-05 12:08:19,821 INFO spawned: 'amavis' with pid 976
mail                    | 2021-01-05 12:08:19,823 INFO success: amavis entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
mail                    | amavis: started
mail                    | 
mail                    | #
mail                    | # <my-domain> is up and running
mail                    | #
mail                    | 
mail                    | Jan  5 12:08:20 mail amavis[976]: starting. /usr/sbin/amavisd-new at <my-domain> amavisd-new-2.10.1 (20141025), Unicode aware
mail                    | Jan  5 12:08:21 mail amavis[976]: Net::Server: Group Not Defined.  Defaulting to EGID '111 111'
mail                    | Jan  5 12:08:21 mail amavis[976]: Net::Server: User Not Defined.  Defaulting to EUID '109'
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Amavis::Conf        2.404
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Archive::Zip        1.59
mail                    | Jan  5 12:08:21 mail amavis[976]: Module BerkeleyDB          0.55
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Compress::Raw::Zlib 2.069
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Compress::Zlib      2.069001
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Crypt::OpenSSL::RSA 0.28
mail                    | Jan  5 12:08:21 mail amavis[976]: Module DB_File             1.835
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Digest::MD5         2.54
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Digest::SHA         5.95_01
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Encode              2.80_01
mail                    | Jan  5 12:08:21 mail amavis[976]: Module File::Temp          0.2304
mail                    | Jan  5 12:08:21 mail amavis[976]: Module IO::Socket::INET6   2.72
mail                    | Jan  5 12:08:21 mail amavis[976]: Module IO::Socket::IP      0.37
mail                    | Jan  5 12:08:21 mail amavis[976]: Module MIME::Entity        5.508
mail                    | Jan  5 12:08:21 mail amavis[976]: Module MIME::Parser        5.508
mail                    | Jan  5 12:08:21 mail amavis[976]: Module MIME::Tools         5.508
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Mail::DKIM::Verifier 0.4
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Mail::Header        2.18
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Mail::Internet      2.18
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Mail::SPF           v2.009
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Mail::SpamAssassin  3.004002
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Net::DNS            1.07
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Net::LibIDN         0.12
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Net::Server         2.008
mail                    | Jan  5 12:08:21 mail amavis[976]: Module NetAddr::IP         4.079
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Razor2::Client::Version 2.84
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Scalar::Util        1.4202
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Socket              2.020_03
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Socket6             0.27
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Time::HiRes         1.9733
mail                    | Jan  5 12:08:21 mail amavis[976]: Module URI                 1.71
mail                    | Jan  5 12:08:21 mail amavis[976]: Module Unix::Syslog        1.1
mail                    | Jan  5 12:08:21 mail amavis[976]: Amavis::ZMQ code     NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Amavis::DB code      loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: SQL base code        NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: SQL::Log code        NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: SQL::Quarantine      NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Lookup::SQL code     NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Lookup::LDAP code    NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: AM.PDP-in proto code loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: SMTP-in proto code   loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Courier proto code   NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: SMTP-out proto code  loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Pipe-out proto code  NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: BSMTP-out proto code NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Local-out proto code loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: OS_Fingerprint code  NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: ANTI-VIRUS code      NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: ANTI-SPAM code       loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: ANTI-SPAM-EXT code   NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: ANTI-SPAM-C code     NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: ANTI-SPAM-SA code    loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Unpackers code       loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: DKIM code            NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Tools code           NOT loaded
mail                    | Jan  5 12:08:21 mail amavis[976]: Found $file            at /usr/bin/file
mail                    | Jan  5 12:08:21 mail amavis[976]: No $altermime,         not using it
mail                    | Jan  5 12:08:21 mail amavis[976]: Internal decoder for .mail
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .Z    at /bin/uncompress
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .gz   at /bin/gzip -d
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .bz2  at /bin/bzip2 -d
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .xz   at /usr/bin/xz -dc
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .lzma at /usr/bin/xz -dc --format=lzma
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .lrz  at /usr/bin/lrzip -q -k -d -o -
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .lzo  at /usr/bin/lzop -d
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .lz4  at /usr/bin/lz4c -d
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .rpm  at /usr/bin/rpm2cpio
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .cpio at /bin/pax
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .tar  at /bin/pax
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .deb  at /usr/bin/ar
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .rar  at /usr/bin/unrar-free
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .arj  at /usr/bin/arj
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .arc  at /usr/bin/nomarch
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .zoo  at /usr/bin/zoo
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .doc  at /usr/bin/ripole
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .cab  at /usr/bin/cabextract
mail                    | Jan  5 12:08:21 mail amavis[976]: Internal decoder for .tnef
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .zip  at /usr/bin/7za
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .kmz  at /usr/bin/7za
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .7z   at /usr/bin/7zr
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .jar  at /usr/bin/7z
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .swf  at /usr/bin/7z
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .lha  at /usr/bin/7z
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .iso  at /usr/bin/7z
mail                    | Jan  5 12:08:21 mail amavis[976]: Found decoder for    .exe  at /usr/bin/unrar-free; /usr/bin/arj
mail                    | Jan  5 12:08:21 mail amavis[976]: No decoder for       .F   
mail                    | Jan  5 12:08:21 mail amavis[976]: Deleting db files  in /var/lib/amavis/db
mail                    | Jan  5 12:08:21 mail amavis[976]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.55, libdb 5.3
youtous commented 3 years ago

Hello, I tried to reproduce using the test suite but I was not able to achieve the described situation. Could you share your docker-compose.yml?

Thanks

logoff commented 3 years ago

This is my docker-compose.yml file:

version: '3'

services:

  cert-renewer-traefik:
    image: youtous/mailserver-traefik:latest
    container_name: "mailserver-traefik"
    networks:
      - web
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - <my-services-folder>/traefik/acme.json:/tmp/traefik/acme.json:ro # link traefik acme.json file (read-only)
    environment:
      - TRAEFIK_VERSION=2
      - CERTS_SOURCE=file
      - DOMAINS=${HOSTNAME}.${DOMAINNAME}

  mail:
    image: tvial/docker-mailserver:latest
    hostname: ${HOSTNAME}
    domainname: ${DOMAINNAME}
    container_name: ${CONTAINER_NAME}
    ports:
      - "25:25"
      - "143:143"
      - 465:465
      - "587:587"
      - "993:993"
    volumes:
      - maildata:/var/mail
      - mailstate:/var/mail-state
      - maillogs:/var/log/mail
      - ./config/:/tmp/docker-mailserver/
    env_file:
      - .env
      - env-mailserver
    labels:
      - "mailserver-traefik.renew.domain=${HOSTNAME}.${DOMAINNAME}" # tag the service 
      - "traefik.enable=true" # use traefik v2 for certificate generation
      - "traefik.port=443" # dummy port, required generating certs with traefik
      - "traefik.http.routers.mail.rule=Host(`${HOSTNAME}.${DOMAINNAME}`)"
      - "traefik.http.routers.mail.entrypoints=https"
      - "traefik.http.routers.mail.tls=true"
      - "traefik.http.routers.mail.tls.certresolver=le"
      - "traefik.http.routers.mail.middlewares=redirect-webmail@docker" # /!\ the router must redirect every requests.
      - "traefik.http.middlewares.redirect-webmail.redirectregex.regex=.*"
      - "traefik.http.middlewares.redirect-webmail.redirectregex.replacement=https://${HOSTNAME}.${DOMAINNAME}/"

    environment:
      - SSL_TYPE=manual # enable SSL on the *mailserver* and store certificates in pre-defined paths
      - SSL_CERT_PATH=/var/mail-state/manual-ssl/cert # don't change theses paths!
      - SSL_KEY_PATH=/var/mail-state/manual-ssl/key
    cap_add:
      - NET_ADMIN
      - SYS_PTRACE
    restart: always
    networks:
      - web

  roundcube:
      image: "roundcube/roundcubemail"
      container_name: "roundcube"
      restart: always
      networks:
        - web
      environment:
        - ROUNDCUBEMAIL_DEFAULT_HOST=tls://${HOSTNAME}.${DOMAINNAME}:993/
        - ROUNDCUBEMAIL_SMTP_SERVER=tls://${HOSTNAME}.${DOMAINNAME}:465/
      labels:
        - traefik.http.routers.roundcube.rule=Host(`${HOSTNAME}.${DOMAINNAME}`)
        - traefik.http.routers.roundcube.tls=true
        - traefik.http.routers.roundcube.tls.certresolver=le
        - traefik.http.middlewares.roundcube.compress=true
        - traefik.http.routers.roundcube.middlewares=roundcube@docker

volumes:
  maildata:
    driver: local
  mailstate:
    driver: local
  maillogs:
    driver: local

networks:
  web:
    external: true

web is the network where Traefik lives.