From 70dd4d1519103869a96fb06af0c2079aae41c429 Mon Sep 17 00:00:00 2001
From: Thorsten von Eicken <tve@rightscale.com>
Date: Sun, 22 May 2016 21:45:00 -0700
Subject: [PATCH] support sending via AWS SES

---
 Dockerfile                 |  2 +-
 target/start-mailserver.sh | 22 +++++++++++++++++++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 7b0f1a15..e5d6cac5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,7 +5,7 @@ MAINTAINER Thomas VIAL
 RUN DEBIAN_FRONTEND=noninteractive apt-get update -q --fix-missing && \
 	apt-get -y upgrade && \
 	apt-get -y install --no-install-recommends \
-	postfix dovecot-core dovecot-imapd dovecot-pop3d dovecot-sieve dovecot-managesieved gamin amavisd-new spamassassin razor pyzor \
+	postfix dovecot-core dovecot-imapd dovecot-pop3d dovecot-sieve dovecot-managesieved gamin amavisd-new spamassassin razor pyzor libsasl2-modules \
 	clamav clamav-daemon libnet-dns-perl libmail-spf-perl bzip2 file gzip p7zip unzip arj rsyslog \
     opendkim opendkim-tools opendmarc curl fail2ban ed iptables && \
 	curl -sk http://neuro.debian.net/lists/trusty.de-m.libre > /etc/apt/sources.list.d/neurodebian.sources.list && \
diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh
index 9f0d6e1f..a364042d 100644
--- a/target/start-mailserver.sh
+++ b/target/start-mailserver.sh
@@ -211,8 +211,28 @@ else
   echo "No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' not provided."
 fi
 
+# Support general SASL password
+rm -f /etc/postfix/sasl_passwd
 if [ ! -z "$SASL_PASSWD" ]; then
-  echo "$SASL_PASSWD" > /etc/postfix/sasl_passwd
+  echo "$SASL_PASSWD" >> /etc/postfix/sasl_passwd
+fi
+
+# Support outgoing email relay via Amazon SES
+if [ ! -z "$AWS_SES_HOST" -a ! -z "$AWS_SES_USERPASS" ]; then
+  echo "Setting up outgoing email via AWS SES host $AWS_SES_HOST"
+  echo "[$AWS_SES_HOST]:25 $AWS_SES_USERPASS" >>/etc/postfix/sasl_passwd
+  postconf -e \
+    "relayhost = [$AWS_SES_HOST]:25" \
+    "smtp_sasl_auth_enable = yes" \
+    "smtp_sasl_security_options = noanonymous" \
+    "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd" \
+    "smtp_use_tls = yes" \
+    "smtp_tls_security_level = encrypt" \
+    "smtp_tls_note_starttls_offer = yes"
+fi
+
+# Install SASL passwords
+if [ -f /etc/postfix/sasl_passwd ]; then
   postmap hash:/etc/postfix/sasl_passwd
   rm /etc/postfix/sasl_passwd
   chown root:root /etc/postfix/sasl_passwd.db