Option for an Alternate Submission Port #203
Conversation
…lacchi/docker-postfix into alternate-submission-port
|
Hi @embusalacchi. First off -- thank you for contributing back. This is always appreciated. Secondly, can you please explain the reasoning behind this commit? Because you can always port-forward on a port >1024. Eg. docker run --rm --name postfix -e "ALLOWED_SENDER_DOMAINS=example.com" -p 1587:587 boky/postfixwill make your submission port 1587. After we discuss the reasoning, I can dive into the commit itself. |
I am sure this is a rather narrow use case - so if it's not something you want to merge I totally get it. However, we have a policy and monitoring where we cannot have the processes in a container listening on ports below 1023. We are moving towards not allowing containers to run as root but I will cross that bridge at another time. For now this is a good first step for us. Like I said, if this is too niche of a use case I totally understand. |
|
I'm torn on this. On one hand -- thank you for the work. Seriously. On the other: I'm not quite sure if increased complexity is worth it. Your case seems like quite an edge case -- most likely has to do something with security and not running as root. But you cannot do that with Postfix (see #195), so why bother? |
|
Honestly, I don't disagree! I just felt like I did the work and tested it so I should at least see if you want to merge it in. It's totally fine if you want to cancel it. |
For policy reasons I needed to be able to submit emails on a port > 1024. I made a few tweaks to allow the container to accept submission on a port other than 587 for anyone else that may need it.
NOTE: This is my first time contributing back into a public project so please let me know if this is inappropriate or if I did something wrong. It feels like this might be helpful to others so I thought I would put in a PR.