MoinMoin Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • Start
  • Sitemap

Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

  • Docker
  • SmtpsPop3s

Contents

  1. POP3S/SMTPS
    1. Ports
    2. Docker environment
    3. Send email
    4. Get message
    5. Send to port 587

POP3S/SMTPS

Services with postfix and dovecot

Ports

The encrypted port for POP3 is 995 and works over TLS/SSL. port 587 is the standard port for secure SMTP

  • https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol

SMTP servers commonly use the Transmission Control Protocol on port number 25 (for plaintext) and 587 (for encrypted communications).

  • https://en.wikipedia.org/wiki/Post_Office_Protocol

A POP3 server listens on well-known port number 110 for service requests. Encrypted communication for POP3 is either requested after protocol initiation, using the STLS command, if supported, or by POP3S, which connects to the server using Transport Layer Security (TLS) or Secure Sockets Layer (SSL) on well-known TCP port number 995.

Docker environment

connect.sh

   1 #!/bin/sh
   2 docker exec -it mail-container bash

saslauthd

   1 START=yes
   2 DESC="SASL Authentication Daemon"
   3 NAME="saslauthd"
   4 MECHANISMS="pam"
   5 MECH_OPTIONS=""
   6 THREADS=5
   7 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

main.cf

   1 # TLS parameters
   2 smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
   3 smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
   4 smtpd_tls_security_level=may
   5 
   6 smtp_tls_CApath=/etc/ssl/certs
   7 smtp_tls_security_level=may
   8 smtp_tls_session_cache_database=btree:${data_directory}/smtp_scache
   9 myhostname=mail.example.org
  10 mydomain=example.org
  11 smtpd_recipient_restrictions=permit_sasl_authenticated , reject_unauth_destination
  12 relay_domains=
  13 smtpd_sasl_auth_enable=yes
  14 smtpd_sasl_security_options=noanonymous
  15 smtpd_sasl_local_domain=$myhostname
  16 
  17 smtpd_sasl_auth_enable = yes
  18 smtpd_sasl_path = smtpd
  19 smtpd_sasl_type = cyrus
  20 
  21 broken_sasl_auth_clients=yes
  22 smtpd_relay_restrictions=permit_sasl_authenticated
  23 home_mailbox=Maildir/
  24 mail_spool_directory=/var/mail
  25 mydestination=$myhostname localhost.$mydomain localhost $mydomain
  26 mynetworks=127.0.0.0/8 10.0.0.0/24

smtpd.conf

   1 pwcheck_method: saslauthd

mailstart.sh

   1 #!/bin/sh
   2 service saslauthd start
   3 service dovecot start
   4 service postfix start
   5 cat

master.cf

   1 smtp      inet  n       -       y       -       -       smtpd
   2 submission inet n       -       y       -       -       smtpd
   3 pickup    unix  n       -       y       60      1       pickup
   4 cleanup   unix  n       -       y       -       0       cleanup
   5 qmgr      unix  n       -       n       300     1       qmgr
   6 tlsmgr    unix  -       -       y       1000?   1       tlsmgr
   7 rewrite   unix  -       -       y       -       -       trivial-rewrite
   8 bounce    unix  -       -       y       -       0       bounce
   9 defer     unix  -       -       y       -       0       bounce
  10 trace     unix  -       -       y       -       0       bounce
  11 verify    unix  -       -       y       -       1       verify
  12 flush     unix  n       -       y       1000?   0       flush
  13 proxymap  unix  -       -       n       -       -       proxymap
  14 proxywrite unix -       -       n       -       1       proxymap
  15 smtp      unix  -       -       y       -       -       smtp
  16 relay     unix  -       -       y       -       -       smtp
  17         -o syslog_name=postfix/$service_name
  18 showq     unix  n       -       y       -       -       showq
  19 error     unix  -       -       y       -       -       error
  20 retry     unix  -       -       y       -       -       error
  21 discard   unix  -       -       y       -       -       discard
  22 local     unix  -       n       n       -       -       local
  23 virtual   unix  -       n       n       -       -       virtual
  24 lmtp      unix  -       -       y       -       -       lmtp
  25 anvil     unix  -       -       y       -       1       anvil
  26 scache    unix  -       -       y       -       1       scache
  27 postlog   unix-dgram n  -       n       -       1       postlogd
  28 maildrop  unix  -       n       n       -       -       pipe
  29   flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
  30 uucp      unix  -       n       n       -       -       pipe
  31   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
  32 ifmail    unix  -       n       n       -       -       pipe
  33   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
  34 bsmtp     unix  -       n       n       -       -       pipe
  35   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
  36 scalemail-backend unix -       n       n       -       2       pipe
  37   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
  38 mailman   unix  -       n       n       -       -       pipe
  39   flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

Dockerfile

   1 FROM debian:bookworm
   2 
   3 RUN apt update
   4 RUN apt install -y debconf && \
   5     echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections && \
   6     echo "postfix postfix/mailname string example.org" | debconf-set-selections
   7 RUN apt install -y dovecot-core postfix net-tools vim rsyslog dovecot-pop3d libsasl2-2 sasl2-bin  libsasl2-modules procps
   8 
   9 COPY main.cf /etc/postfix/main.cf
  10 COPY 10-mail.conf /etc/dovecot/conf.d/10-mail.conf
  11 COPY master.cf /etc/postfix/master.cf
  12 COPY saslauthd /etc/default/saslauthd
  13 COPY mailstart.sh /root/
  14 COPY smtpd.conf  /etc/postfix/sasl/smtpd.conf
  15 
  16 RUN useradd -m anonymous
  17 RUN echo 'anonymous:guest' | chpasswd
  18 RUN touch /var/mail/anonymous
  19 RUN chown anonymous:mail /var/mail/anonymous
  20 RUN chmod o-r /var/mail/anonymous
  21 RUN chmod g+rw /var/mail/anonymous
  22 RUN rsyslogd
  23 RUN dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
  24 RUN usermod -a -G sasl postfix
  25 RUN mkdir -p /var/spool/postfix/var/run/saslauthd
  26 RUN chown root:sasl /var/spool/postfix/var/run/saslauthd
  27 RUN chmod 710 /var/spool/postfix/var/run/saslauthd
  28 
  29 CMD ["sh","/root/mailstart.sh"]

10-mail.conf

   1 mail_location = maildir:/home/%u/Maildir
   2 namespace inbox {
   3   inbox = yes
   4 }
   5 mail_privileged_group = mail
   6 protocol !indexer-worker {
   7 }

build.sh

   1 #!/bin/sh
   2 docker build -t mail .

run.sh

   1 #!/bin/sh
   2 docker run --rm -d -it --name mail-container mail

Send email

   1 openssl s_client -connect 127.0.0.1:25 -starttls smtp
   2 EHLO test
   3 250-mail.example.org
   4 250-PIPELINING
   5 250-SIZE 10240000
   6 250-VRFY
   7 250-ETRN
   8 250-AUTH SCRAM-SHA-512 SCRAM-SHA-384 SCRAM-SHA-256 SCRAM-SHA-224 SCRAM-SHA-1 DIGEST-MD5 NTLM CRAM-MD5 PLAIN LOGIN
   9 250-AUTH=SCRAM-SHA-512 SCRAM-SHA-384 SCRAM-SHA-256 SCRAM-SHA-224 SCRAM-SHA-1 DIGEST-MD5 NTLM CRAM-MD5 PLAIN LOGIN
  10 250-ENHANCEDSTATUSCODES
  11 250-8BITMIME
  12 250-DSN
  13 250 CHUNKING
  14 AUTH LOGIN
  15 334 VXNlcm5hbWU6
  16 YW5vbnltb3Vz
  17 334 UGFzc3dvcmQ6
  18 Z3Vlc3Q=
  19 235 2.7.0 Authentication successful
  20 mail from: root@example.org
  21 250 2.1.0 Ok
  22 rcpt to: anonymous@example.org
  23 250 2.1.5 Ok
  24 data
  25 354 End data with <CR><LF>.<CR><LF>
  26 a2 111222
  27 .
  28 250 2.0.0 Ok: queued as 8AE891694FA
  29 quit

Get message

   1 openssl s_client -connect localhost:995 -ign_eof
   2 +OK Dovecot (Debian) ready.
   3 USER anonymous
   4 +OK
   5 PASS guest
   6 +OK Logged in.
   7 LIST
   8 +OK 1 messages:
   9 1 423
  10 .
  11 +OK 423 octets
  12 Return-Path: <root@example.org>
  13 X-Original-To: anonymous@example.org
  14 Delivered-To: anonymous@example.org
  15 Received: from test (localhost [127.0.0.1])
  16         by mail.example.org (Postfix) with ESMTPSA id AA1A7167F56
  17         for <anonymous@example.org>; Sat, 28 Oct 2023 18:38:10 +0000 (UTC)
  18 Message-Id: <20231028183815.AA1A7167F56@mail.example.org>
  19 Date: Sat, 28 Oct 2023 18:38:10 +0000 (UTC)
  20 From: root@example.org
  21 
  22 a2 111222
  23 .
  24 quit

Send to port 587

   1 openssl s_client -connect 127.0.0.1:587 -starttls smtp
   2 EHLO test
   3 250-mail.example.org
   4 250-PIPELINING
   5 250-SIZE 10240000
   6 250-VRFY
   7 250-ETRN
   8 250-AUTH SCRAM-SHA-512 SCRAM-SHA-384 SCRAM-SHA-256 SCRAM-SHA-224 SCRAM-SHA-1 DIGEST-MD5 NTLM CRAM-MD5 PLAIN LOGIN
   9 250-AUTH=SCRAM-SHA-512 SCRAM-SHA-384 SCRAM-SHA-256 SCRAM-SHA-224 SCRAM-SHA-1 DIGEST-MD5 NTLM CRAM-MD5 PLAIN LOGIN
  10 250-ENHANCEDSTATUSCODES
  11 250-8BITMIME
  12 250-DSN
  13 250 CHUNKING
  14 AUTH LOGIN
  15 334 VXNlcm5hbWU6
  16 YW5vbnltb3Vz
  17 334 UGFzc3dvcmQ6
  18 Z3Vlc3Q=
  19 235 2.7.0 Authentication successful
  20 mail from: root@example.org
  21 250 2.1.0 Ok
  22 rcpt to: anonymous@example.org
  23 250 2.1.5 Ok
  24 data
  25 354 End data with <CR><LF>.<CR><LF>
  26 test 1
  27 .
  28 250 2.0.0 Ok: queued as 3823B169398
  29 quit
  30 221 2.0.0 Bye
  31 closed
  • MoinMoin Powered
  • Python Powered
  • GPL licensed
  • Valid HTML 4.01