Ondřej Žára
unread,Feb 20, 2023, 10:46:17 AM2/20/23You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to
Hi,
I am looking for tips about handling outgoing smtp traffic in a dockerized scenario. My setup has three containers in a bridge network:
- reverse proxy (to route incoming traffic): 172.19.0.1
- postfix: 172.19.0.2
- webapp (needs to send e-mails): 172.19.0.3
The goal here is to allow the webapp to send e-mails without any particular checks. On a single machine, this would be done via
mynetworks = 127.0.0.1
smtpd_relay_restrictions = permit_mynetworks
...because the webapp would connect from 127.0.0.1. However, in a dockerized world, the webapp connects from 172.19.0.3 - and I cannot really mention this ip in $mynetworks, because docker is free to change the address on container restarts.
An alternative solution would be to set
mynetworks = 172.19/16
...but that would be incorrect as well, because all incoming traffic (from the internet) comes from the proxy, i.e. from 172.19.0.1 - and we do not want to relay that.
So what would be the best practice in this scenario?
Thanks,
Ondrej Zara