Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated A mail server's 101 (markdown)

This commit is contained in:
Jean-Denis Vauguet 2020-06-10 01:07:10 +02:00
parent 6bfeca219f
commit 8bdaef6890
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/content/a-mail-server's-101.md
View File

@ -76,8 +76,8 @@ When talking about emails, the following applies:
## How does docker-mailserver help with setting everything up?
As a _batteries included_ Docker image, docker-mailserver provides you with all the required components and a default configuration to run a mail server. On top of that, the [env-mailserver](https://github.com/tomav/docker-mailserver/blob/master/env-mailserver.dist) configuration file (and some other optional, advanced files!) allow you to tweak your setup extensively. You may even derive your own image from docker-mailserver for a complete control.
As a _batteries included_ Docker image, docker-mailserver provides you with all the required components and a default configuration to run a mail server. On top of that, the [env-mailserver](https://github.com/tomav/docker-mailserver/blob/master/env-mailserver.dist) configuration file (and some other optional, advanced files!) allow you to tweak your setup extensively. You may even derive your own image from docker-mailserver for a complete control!
The default configuration may _not_ be considered 100% secure as it enforces opportunistic connections using STARTTLS. The reason is because the project aims at supporting, by default, all kinds of clients including older ones not able to use enforced TLS-encrypted connections. It is up to you deciding which kind of transportation encryption to use / enforce, and set up your instance accordingly.
When it comes to security, one may consider docker-mailserver's default configuration to _not_ be 100% secure, as it uses _opportunistic_ connections using STARTTLS instead of _enforcing_ TLS-encrypted connection (SMTPS, IMAPS). That choice has been consciously made for the project aims at supporting, _by default and without custom configuration required_, all kinds of clients, including ones not able (== not configured) to use enforced/implicit TLS-encrypted connections. Please note though that _no plain text exchange will occur_ in case a client denies a STARTTLS offer, for docker-mailserver is using a [strict offer](http://www.postfix.org/postconf.5.html#smtpd_tls_security_level) by default :relieved: It is up to you deciding which kind of transportation encryption to use / enforce, and set up your instance accordingly.
The [README](https://github.com/tomav/docker-mailserver) is the best starting point in configuring and running your mail server. You may then explore this wiki to cover additional topics, including but not limited to, security.