Add AIO Dockerfile

2025-10-16 17:47:37 +07:00 · 2025-10-16 17:47:37 +07:00 · c56fc2e6d5
commit c56fc2e6d5
parent 395ea2122e
15 changed files with 793 additions and 5 deletions
--- a/docker/README.md
+++ b/docker/README.md
@ -0,0 +1,164 @@
+# happyDeliver Docker Configuration
+
+This directory contains all configuration files for the all-in-one Docker container.
+
+## Architecture
+
+The Docker container integrates multiple components:
+
+- **Postfix**: Mail Transfer Agent (MTA) that receives emails on port 25
+- **OpenDKIM**: DKIM signature verification
+- **OpenDMARC**: DMARC policy validation
+- **SpamAssassin**: Spam scoring and content analysis
+- **happyDeliver**: Go application (API server + email analyzer)
+- **Supervisor**: Process manager that runs all services
+
+## Directory Structure
+
+```
+docker/
+├── postfix/
+│   ├── main.cf              # Postfix main configuration
+│   ├── master.cf            # Postfix service definitions
+│   └── transport_maps       # Email routing rules
+├── opendkim/
+│   └── opendkim.conf        # DKIM verification config
+├── opendmarc/
+│   └── opendmarc.conf       # DMARC validation config
+├── spamassassin/
+│   └── local.cf             # SpamAssassin rules and scoring
+├── supervisor/
+│   └── supervisord.conf     # Supervisor service definitions
+├── entrypoint.sh            # Container initialization script
+└── config.docker.yaml       # happyDeliver default config
+```
+
+## Configuration Details
+
+### Postfix (postfix/)
+
+**main.cf**: Core Postfix settings
+- Configures hostname, domain, and network interfaces
+- Sets up milter integration for OpenDKIM and OpenDMARC
+- Configures SPF policy checking
+- Routes emails through SpamAssassin content filter
+- Uses transport_maps to route test emails to happyDeliver
+
+**master.cf**: Service definitions
+- Defines SMTP service with content filtering
+- Sets up SPF policy service (postfix-policyd-spf-perl)
+- Configures SpamAssassin content filter
+- Defines happydeliver pipe for email analysis
+
+**transport_maps**: PCRE-based routing
+- Matches test-UUID@domain emails
+- Routes them to the happydeliver pipe
+
+### OpenDKIM (opendkim/)
+
+**opendkim.conf**: DKIM verification settings
+- Operates in verification-only mode
+- Adds Authentication-Results headers
+- Socket communication with Postfix via milter
+- 5-second DNS timeout
+
+### OpenDMARC (opendmarc/)
+
+**opendmarc.conf**: DMARC validation settings
+- Validates DMARC policies
+- Adds results to Authentication-Results headers
+- Does not reject emails (analysis mode only)
+- Socket communication with Postfix via milter
+
+### SpamAssassin (spamassassin/)
+
+**local.cf**: Spam detection rules
+- Enables network tests (RBL checks)
+- SPF and DKIM checking
+- Required score: 5.0 (standard threshold)
+- Adds detailed spam report headers
+- 5-second RBL timeout
+
+### Supervisor (supervisor/)
+
+**supervisord.conf**: Service orchestration
+- Runs all services as daemons
+- Start order: OpenDKIM → OpenDMARC → SpamAssassin → Postfix → API
+- Automatic restart on failure
+- Centralized logging
+
+### Entrypoint Script (entrypoint.sh)
+
+Initialization script that:
+1. Creates required directories and sets permissions
+2. Replaces configuration placeholders with environment variables
+3. Initializes Postfix (aliases, transport maps)
+4. Updates SpamAssassin rules
+5. Starts Supervisor to launch all services
+
+### happyDeliver Config (config.docker.yaml)
+
+Default configuration for the Docker environment:
+- API server on 0.0.0.0:8080
+- SQLite database at /var/lib/happydeliver/happydeliver.db
+- Configurable domain for test emails
+- RBL servers for blacklist checking
+- Timeouts for DNS and HTTP checks
+
+## Environment Variables
+
+The container accepts these environment variables:
+
+- `DOMAIN`: Email domain for test addresses (default: happydeliver.local)
+- `HOSTNAME`: Container hostname (default: mail.happydeliver.local)
+
+Example:
+```bash
+docker run -e DOMAIN=example.com -e HOSTNAME=mail.example.com ...
+```
+
+## Volumes
+
+**Required volumes:**
+- `/var/lib/happydeliver`: Database and persistent data
+- `/var/log/happydeliver`: Log files from all services
+
+**Optional volumes:**
+- `/etc/happydeliver/config.yaml`: Custom configuration file
+
+## Ports
+
+- **25**: SMTP (Postfix)
+- **8080**: HTTP API (happyDeliver)
+
+## Service Startup Order
+
+Supervisor ensures services start in the correct order:
+
+1. **OpenDKIM** (priority 10): DKIM verification milter
+2. **OpenDMARC** (priority 11): DMARC validation milter
+3. **SpamAssassin** (priority 12): Spam scoring daemon
+4. **Postfix** (priority 20): MTA that uses the above services
+5. **happyDeliver API** (priority 30): REST API server
+
+## Email Processing Flow
+
+1. Email arrives at Postfix on port 25
+2. Postfix sends to OpenDKIM milter
+   - Verifies DKIM signature
+   - Adds `Authentication-Results: ... dkim=pass/fail`
+3. Postfix sends to OpenDMARC milter
+   - Validates DMARC policy
+   - Adds `Authentication-Results: ... dmarc=pass/fail`
+4. Postfix routes through SpamAssassin content filter
+   - Checks SPF record
+   - Scores email for spam
+   - Adds `X-Spam-Status` and `X-Spam-Report` headers
+5. Postfix checks transport_maps
+   - If recipient matches test-UUID pattern, route to happydeliver pipe
+6. happyDeliver analyzer receives email
+   - Extracts test ID from recipient
+   - Parses all headers added by filters
+   - Performs additional analysis (DNS, RBL, content)
+   - Generates deliverability score
+   - Stores report in database