Hi,

my container die in a few seconds [Exited (1)] with that error. Can you help me? Thanks.

docker-compose.yml:

[...]
smtpd:
  container_name: mail
  image: ixdotai/smtp:latest

docker logs:

+ sed -ri '
s/^#?(dc_local_interfaces)=.*/\1='\''[0.0.0.0]:25 ; [::0]:25'\''/;
s/^#?(dc_other_hostnames)=.*/\1='\'''\''/;
s/^#?(dc_relay_nets)=.*/\1='\''172.22.0.6\/16'\''/;
s/^#?(dc_eximconfig_configtype)=.*/\1='\''smarthost'\''/;
s/^#?(dc_smarthost)=.*/\1='\''sistemas.ufrj.br::587'\''/;
s/^#?(dc_relay_domains)=.*/\1='\'''\''/;
' /etc/exim4/update-exim4.conf.conf
+ update-exim4.conf -v
using non-split configuration scheme from /etc/exim4/exim4.conf.template
LOG: MAIN
Warning: No server certificate defined; will use a selfsigned one.
Suggested action: either install a certificate or change tls_advertise_hosts option
LOG: PANIC DIE
Cannot open main log file "/var/log/exim4/mainlog": Permission denied: euid=0 egid=101
2021-10-20 14:51:15 Warning: No server certificate defined; will use a selfsigned one.
Suggested action: either install a certificate or change tls_advertise_hosts option
2021-10-20 14:51:15 Cannot open main log file "/var/log/exim4/mainlog": Permission denied: euid=0 egid=101
exim: could not open panic log - aborting: see message(s) above

Hello, I'm trying to use your image in Kubernetes as a Gmail relay. I'm not being able to connect to the container from outside, from another container.
Form inside the container it is working. I can use python to run a simple script to connect and send a mail the way I intent to.
But from outside I can't connect to the relay.
I think I'm not configuring my environment variables correctly for this case. Can you advise on what variables and values I should use? I'm trying with RELAY_NETWORKS and/or RELAY_DOMAINS but with no success.
I can allow all connections because the container is only exposed inside the Kubernetes cluster.
To illustrate:
From inside

smtp.connect("email-relay", 587)
(220, 'email-relay ESMTP Exim 4.92 Wed, 03 Mar 2021 13:07:36 +0000')

From outside

smtp.connect("email-relay", 587)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/smtplib.py", line 317, in connect
    (code, msg) = self.getreply()
  File "/usr/lib/python2.7/smtplib.py", line 365, in getreply
    + str(e))
smtplib.SMTPServerDisconnected: Connection unexpectedly closed: timed out

I am trying to use your relay to relay mails to my Office 365 send connector.
When sending a email, I get the following error in the log, which I can't seem to solve:

292 delivering 1mqjmk-00004h-Q0
292 R: smarthost for [email protected]
293 T: remote_smtp_smarthost for [email protected]
292 LOG: retry_defer MAIN
292 == [email protected] R=smarthost T=remote_smtp_smarthost defer (-53): retry time not reached for any host for 'mydomain.com'

This is my Docker compose file: https://pastebin.com/aKDJxNcQ

I am using your relay to send mails through my Office 365 connector which works just fine when tested on it's own.

I hope you have an idea for a solution.

Regards :-)

At least the latest version isn't available as documented (unless I misunderstood the documentation, of course!) :-)

Failed to pull image "ghcr.io/ix-ai/smtp:v0.4.0": rpc error: code = Unknown desc = Error response from daemon: Head "https://ghcr.io/v2/ix-ai/smtp/manifests/v0.4.0": unauthorized

I pulled the image for use as an SMTP server for a Mastodon instance.

it looks like the request hits the SMTP server just fine, but then the SMTP server fails its DNS lookup:

  276   <= colonelpanic@******.******.com H=******_sidekiq_1.******_internal_network (******.******.com) [192.168.48.5] P=esmtps X=TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=no S=24989 id=636749a339838_71d0b088025@******.******.com
  276 LOG: smtp_connection MAIN
  276   SMTP connection from ******_sidekiq_1.******_internal_network (******.******.com) [192.168.48.5] closed by QUIT
  277 Exim version 4.94.2 uid=101 gid=101 pid=277 D=80001
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DANE DKIM DNSSEC Event I18N OCSP PIPE_CONNECT PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
  277 delivering 1orYRv-00004S-Ny
  277 R: dnslookup for ************@gmail.com
  277 LOG: MAIN
  277   == ************@gmail.com R=dnslookup defer (-1): host lookup did not complete

I'm using the image here in my docker-compose with no environment variables provided, basically just running a vanilla image.

I assume I just have something mis-configured and it's failing to get the dns info because of it?

Hi,

I'm looking for an Exim implementation with a smarthost and the option to authenticatie the sending user.

When I'm reading the docs correct I can setup a smarthost with authentication using:

SMARTHOST_ADDRESS=mail.mysmtp.com
SMARTHOST_PORT=587
SMARTHOST_USER=myuser
SMARTHOST_PASSWORD=secret
SMARTHOST_ALIASES=*.mysmtp.com

But... Is it also possible to add a username/password for the internal applications? Looking at the docs I don't think it is possible, but... just to be 100% sure I'm asking the question :)

I'm looking for a user login for sending from my internal networking because:

• some (Docker) application only send mails when a user/password has been provided, like WUD (What's Up Docker)
• I want a central point of change when switching my hosting provider (the smarthost part)
• it is more secure (only internal applications with a login can send mail using port 25 using my smarthost)

I did found an article of how it should work, but implementing this is a different story:
https://bobcares.com/blog/exim4-smtp-authentication/

Maybe you can add "Exim" to your project documentation/description. Initially I didn't foun this project due to the fact that that Exim isn't mentioned. I can imagine that more people are missing this, good looking, project.

I can't find example as to which directories should be volumes to mount to server to keep message queue in case of restart.

Could this be added to documentation?

What did i do?

I have added the SES_USER and SES_PASSWORD environment variables to the docker image.

When it receives an email request, i can see that it authenticates successfully.

What did I expect to happen?

I expect that the request made to the SMTP container to be sent to the SES service successfully, and then the receipient (my test email address) should receive the email

What problems did I face?

However, when applying the details from the request, it leaves the "MAIL FROM" empty. This is an example of the log that I received:

mail_1          |   290   SMTP<< 220 email-smtp.amazonaws.com ESMTP SimpleEmailService-d-smtp.ap-southeast-1.amazonaws.com
mail_1          |   290   SMTP>> EHLO f7b2e5901055
mail_1          |   290   SMTP<< 250-email-smtp.amazonaws.com
mail_1          |   290          250-8BITMIME
mail_1          |   290          250-STARTTLS
mail_1          |   290          250-AUTH PLAIN LOGIN
mail_1          |   290          250 Ok
mail_1          |   290   SMTP>> STARTTLS
mail_1          |   290   SMTP<< 220 Ready to start TLS
mail_1          |   290   SMTP>> EHLO f7b2e5901055
mail_1          |   290   SMTP<< 250-email-smtp.amazonaws.com
mail_1          |   290          250-8BITMIME
mail_1          |   290          250-STARTTLS
mail_1          |   290          250-AUTH PLAIN LOGIN
mail_1          |   290          250 Ok
mail_1          |   290   SMTP>> AUTH PLAIN ${REDACTED}
mail_1          |   290   SMTP<< 235 Authentication successful.
mail_1          |   290   SMTP>> MAIL FROM:<>
mail_1          |   290   SMTP<< 501 Invalid MAIL FROM address provided
mail_1          |   290   SMTP>> QUIT
mail_1          |   290   SMTP(close)>>
mail_1          |   289 LOG: MAIN
mail_1          |   289   ** [email protected] R=smarthost T=remote_smtp_smarthost H=email-smtp.ap-southeast-1.amazonaws.com ${REDACTED} X=TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256 CV=yes DN="CN=email-smtp.ap-southeast-1.amazonaws.com": SMTP error from remote mail server after MAIL FROM:<>: 501 Invalid MAIL FROM address provided

What am i expecting to be fixed?

Are there any environment variables required to populate the "MAIL_FROM"? I am using another docker image that relies on this SMTP server for sending emails. I dont expect to have different emails to send on behalf of the server (use case is to notify the users in the organization).

Please assist, thank you!

The container doesn't accept underscores in hostnames in his default config. Underscores are added to the hostnames when using this container with docker-compose.

Error Message:

viiv-podcast-smtp_1   |   281 LOG: MAIN REJECT
viiv-podcast-smtp_1   |   281   rejected EHLO from viiv-podcast_viiv-podcast-craft_1.viiv-podcast_internal [172.31.58.4]: syntactically invalid argument(s): 

Solution: https://logs.paulooi.com/exim-rejected-ehlo-syntactically-invalid-argument.php

Hi, thanks for this relay image. I have lots of unnecessary info for each SES email, VERBOSE setting is not set in env. One line log entry would be enough for most cases.

mailrelay-1    |   286   SMTP<< 250 Ok
mailrelay-1    |   286   SMTP>> DATA
mailrelay-1    |   286   SMTP<< 354 End data with <CR><LF>.<CR><LF>
mailrelay-1    |   286   SMTP>> (writing message)
mailrelay-1    |   286   SMTP>> .
mailrelay-1    |   286   SMTP<< 250 Ok ...
mailrelay-1    |   286   SMTP+> QUIT
mailrelay-1    |   286   SMTP(TLS shutdown)>>
mailrelay-1    |   286   SMTP(shutdown)>>
mailrelay-1    |   286   SMTP<< 221 Bye
mailrelay-1    |   286 LOG: MAIN
mailrelay-1    |   286   SMTP(drain 40 bytes)<< 
mailrelay-1    |   286 0x17
mailrelay-1    |   286 0x03

Hello,

exim uses the host local ip address as the client remote ip address

250-******* Hello ***** [10.0.0.2]

is it possible to show the real remote ip address?

Hi, thanks for sharing this project. I have been using namshi/docker-smtp but have noticed it is no longer being maintained
(there was response to request for providing an updated image with important exim4 security updates namshi/docker-smtp#81)

I'm wondering if you are able and intend to actively maintain this project? If so, I would switch and will encourage others to do so as well. I would also consider becoming a co-maintainer to help push out security updates when needed.

See namshi/docker-smtp#22 (comment).

If we see the DKIM key, the owner needs to be changed to Debian-exim.

Considering a bunch of apps require smtp authentification as a security measurement, I wanted to ask if that could be added/is in the scope of this project.

I upgraded my helm chart from using the namshi/smtp image to use this fork instead (thank you for maintaining it!)

If you think it's appropriate and useful, it might be worth linking to:

https://artifacthub.io/packages/helm/ntppool/smtp

Hi, thank you for maintaining this project.
I currently use this to only send emails, I was wondering if it's possible to also receive and forward incoming emails?
for example:
[email protected] => forward => [email protected]
Thanks

smtp_banner config name - how to change it?

Hi all,
I'm using ixdotai/smtp as a sidecar container with my app container (PHP), for sending out email.

      containers:
      - name: myapp
        image: myapp
        imagePullPolicy: Always
        ...
      - name: smtp
        image: ixdotai/smtp
        env:
        - name: TZ
          value: "Asia/Ho_Chi_Minh"

myapp (PHP) will send out going emails through localhost smtp port 25 (smtp container), I'm getting strange problem.
After a few hours of no use, users access myapp and use it to send out emails , it will fail , with smtp logs like

  337 LOG: MAIN
  337   SMTP connection from localhost ([10.244.0.81]) [127.0.0.1] lost while reading message data

Users try second , third time more , and it back to work normally.

  338 Exim version 4.94.2 uid=101 gid=101 pid=338 D=80001
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DANE DKIM DNSSEC Event I18N OCSP PIPE_CONNECT PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
  338 LOG: queue_run MAIN
  338   Start queue run: pid=338
  338 LOG: queue_run MAIN
  338   End queue run: pid=338

The problem keeps repeating, I also tried with bytemark/smtp & namshi/smtp before, same problem , so it's my app's fault or something else ?

Hello,

i've tested to send an email using gmail as realy and it works but the problem is that i see a copy on my gmail inbox too.
Why is that? Any chance to disable this behaviour?

thank you

There is credit given to the namshi/smtp dockerhub image, which this project seems to have forked from. No clear differences detailed though. Would it be possible to update that with a bit more information on what changes your image has?

Hi,

on ARMv7 (raspberry pi 3b) the docker image keeps restarting since the last update.
on amd64 it works fine.

Log:

I'm using this container as the outgoing smarthost for my docker containers. The only access to the incoming port is through an internal docker bridge, so until now no need for authentication, however, I'd like to use this also as outgoing mailserver for gmail "send mail as" accounts. I know I can use smtp.gmail.com, but such mail arrives as [email protected] via [email protected]. For this reason I need to be able to authenticate for example by username/password. Is there a way to do this?