From 10caa6e8ba2a463139657b711db61fdbc9bb0c40 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Fri, 18 Jul 2025 21:46:01 +0200
Subject: [PATCH 1/3] Add ca-certificates

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 35cfed6..12af94b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,4 +5,4 @@ CMD ["/usr/sbin/saslauthd", "-d", "-a", "ldap", "-O", "/etc/sasl2/saslauthd.conf
 
 COPY entrypoint.sh /docker-entrypoint.sh
 
-RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y sasl2-bin libsasl2-modules-ldap && rm -rf /var/lib/apt/lists/*
+RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y ca-certificates sasl2-bin libsasl2-modules-ldap && rm -rf /var/lib/apt/lists/*

From bf8c1c3b8c47c1ca8e5ad20a19541d014157401b Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Fri, 18 Jul 2025 21:46:07 +0200
Subject: [PATCH 2/3] The right variable is ldap_tls_cacert_file

---
 entrypoint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index 04274cd..2153b91 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -12,7 +12,7 @@ ldap_bind_pw: ${LDAP_BIND_PW}
 ldap_auth_method: ${LDAP_AUTH_METHOD:-bind}
 ldap_deref: ${LDAP_DEREF:-find}
 ldap_ssl: ${LDAP_SSL:-on}
-ldap_tls_cacert_dir: ${LDAP_TLS_CACERT_DIR:-/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt}
+ldap_tls_cacert_file: ${LDAP_TLS_CACERT_FILE:-/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt}
 
 ldap_group_attr: ${LDAP_GROUP_ATTR:-member}
 ldap_group_dn: ${LDAP_GROUP_DN}

From c7bf603ce197f2bbc219f9b23fe026b1b1be1892 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Fri, 18 Jul 2025 21:46:47 +0200
Subject: [PATCH 3/3] Add smtpd.conf

---
 Dockerfile    | 1 +
 entrypoint.sh | 2 --
 smtpd.conf    | 2 ++
 3 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 smtpd.conf

diff --git a/Dockerfile b/Dockerfile
index 12af94b..e0104b2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,6 +3,7 @@ FROM debian:stable-slim
 ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD ["/usr/sbin/saslauthd", "-d", "-a", "ldap", "-O", "/etc/sasl2/saslauthd.conf"]
 
+COPY smtpd.conf /etc/sasl2/smtpd.conf
 COPY entrypoint.sh /docker-entrypoint.sh
 
 RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y ca-certificates sasl2-bin libsasl2-modules-ldap && rm -rf /var/lib/apt/lists/*
diff --git a/entrypoint.sh b/entrypoint.sh
index 2153b91..4386fe4 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,7 +1,5 @@
 #!/bin/sh
 
-mkdir -p /etc/sasl2/
-
 cat <<EOF > /etc/sasl2/saslauthd.conf
 ldap_servers: ${LDAP_SERVERS}
 ldap_search_base: ${LDAP_SEARCH_BASE}
diff --git a/smtpd.conf b/smtpd.conf
new file mode 100644
index 0000000..1290b6a
--- /dev/null
+++ b/smtpd.conf
@@ -0,0 +1,2 @@
+pwcheck_method:saslauthd
+mech_list: PLAIN LOGIN