mirror/docker-mailserver.docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-08-31 15:30:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

docs(refactor): Large refactor + additions + fixes

Browse source 
Consistency pass, formatting cleanup and fixes, introduce admonitions, add front-matter.

---

docs: Add front-matter

---

docs: Fix and format links

- Some links were invalid (eg files moved or renamed)
- Some were valid but had invalid section headers (content removed or migrated)
- Some use `http://` instead of `https://` when the website supports a secure connection.
- Some already used the `[name][reference]` convention but often with a number that wasn't as useful for maintenance.
- All referenced docs needed URLs replaced. Opted for the `[name][reference]` approach to group them all clearly at the bottom of the doc, especially with the relative URLs and in some cases many duplicate entries.
- All `tomav` references from the original repo prior to switch to an organization have been corrected.
- Minor cosmetic changes to the `name` part of the URL, such as for referencing issues to be consistent.
- Some small changes to text body, usually due to duplicate URL reference that was unnecessary (open relay, youtous)
- Switched other links to use the `[name][reference]` format when there was a large group of URLs such as wikipedia or kubernetes. Github repos that reference projects related to `docker-mailserver` also got placed here so they're noticed better by maintainers. This also helped quite a bit with `mermaid` external links that are very long.
- There was a Github Wiki supported syntax in use `[[name | link]]` for `fetchmail` page that isn't compatible by default with MkDocs (needs a plugin), converted to `[name][reference]` instead since it's a relative link.

---

docs: Update commit link for LDAP override script

Logic moved to another file, keeping the permalink commit reference so it's unaffected by any changes in the file referenced in future.

---

docs: Heading corrections

Consistency pass. Helps with the Table of Contents (top-right UI) aka Document Outline.
docs: codefence cleanup

---

docs: misc cleanup

---

docs: Add Admonitions

Switches `<details>` usage for collapsible admonitions (`???`) while other text content is switched to the visually more distinct admoniton (`!!!` or `???+`) style.

This does affect editor syntax highlighting a bit and markdown linting as it's custom non-standard markdown syntax.
This commit is contained in:
polarathene 2021-03-01 23:41:19 +13:00
parent f13df19b87
commit 021e942c4c
30 changed files with 1369 additions and 1027 deletions
Download patch file Download diff file Expand all files Collapse all files

54
docs/content/config/troubleshooting/debugging.md
View file

@ -1,54 +1,54 @@
..todo.. - Please contribute more to help others debug this package
---
title: 'Troubleshooting | Debugging'
---
## Enable verbose debugging output
!!! info "Contributions Welcome!"
Please contribute your solutions to help the community :heart:
You may find it useful to enable the [DMS_DEBUG](https://github.com/tomav/docker-mailserver#dms_debug) environment variable.
## Enable Verbose Debugging Output
## Invalid username or Password
You may find it useful to enable the [`DMS_DEBUG`][github-file-env-dmsdebug] environment variable.
## Invalid Username or Password
1. Login Container
1. Shell into the container:
```bash
docker exec -it <mycontainer> bash
```
```sh
docker exec -it <my-container> bash
```
2. Check log files
2. Check log files in `/var/log/mail` could not find any mention of incorrect logins here neither in the dovecot logs.
`/var/log/mail`
could not find any mention of incorrect logins here
neither in the dovecot logs
3. Check the supervisors logs in `/var/log/supervisor`. You can find the logs for startup of fetchmail, postfix and others here - they might indicate problems during startup.
3. Check the supervisors logfiles
`/var/log/supervisor`
You can find the logs for startup of fetchmail, postfix and others here - they might indicate problems during startup
4. Make sure you set your hostname to 'mail' or whatever you specified in your docker-compose.yml file or else your FQDN will be wrong
4. Make sure you set your hostname to `mail` or whatever you specified in your `docker-compose.yml` file or else your FQDN will be wrong.
## Installation Errors
1. During setup, if you get errors trying to edit files inside of the container, you likely need to install vi:
During setup, if you get errors trying to edit files inside of the container, you likely need to install `vi`:
``` bash
```sh
sudo su
docker exec -it <mycontainer> apt-get install -y vim
docker exec -it <my-container> apt-get install -y vim
```
## Testing Connection
I spent HOURS trying to debug "Connection Refused" and "Connection closed by foreign host" errors when trying to use telnet to troubleshoot my connection. I was also trying to connect from my email client (macOS mail) around the same time. Telnet had also worked earlier, so I was extremely confused as to why it suddenly stopped working. I stumbled upon fail2ban.log in my container. In short, when trying to get my macOS client working, I exceeded the number of failed login attempts and fail2ban put dovecot and postfix in jail! I got around it by whitelisting my ipaddresses (my ec2 instance and my local computer)
```bash
## Testing Connection
I spent HOURS trying to debug "Connection Refused" and "Connection closed by foreign host" errors when trying to use telnet to troubleshoot my connection. I was also trying to connect from my email client (macOS mail) around the same time. Telnet had also worked earlier, so I was extremely confused as to why it suddenly stopped working. I stumbled upon `fail2ban.log` in my container. In short, when trying to get my macOS client working, I exceeded the number of failed login attempts and fail2ban put dovecot and postfix in jail! I got around it by whitelisting my ipaddresses (my ec2 instance and my local computer)
```sh
sudo su
docker exec -ti mail bash
cd /var/log
cat fail2ban.log | grep dovecot
# Whitelist ip addresses:
# Whitelist IP addresses:
fail2ban-client set dovecot addignoreip <server ip> # Server
fail2ban-client set postfix addignoreip <server ip>
fail2ban-client set dovecot addignoreip <client ip> # Client
fail2ban-client set postfix addignoreip <client ip>
# this will delete the jails entirely - nuclear option
# This will delete the jails entirely - nuclear option
fail2ban-client stop dovecot
fail2ban-client stop postfix
```
@ -59,4 +59,6 @@ Some hosting provides have a stealth block on port 25. Make sure to check with y
Common hosting providers known to have this issue:
- [Azure](https://docs.microsoft.com/en-us/azure/virtual-network/troubleshoot-outbound-smtp-connectivity)
- [AWS EC2](https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/)
- [AWS EC2](https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/)
[github-file-env-dmsdebug]: https://github.com/docker-mailserver/docker-mailserver/blob/master/ENVIRONMENT.md#dms_debug

272
docs/content/config/troubleshooting/faq.md
View file

@ -1,3 +1,7 @@
---
title: 'Troubleshooting | FAQ'
---
### What kind of database are you using?
None! No database is required. Filesystem is the database.
@ -5,77 +9,91 @@ This image is based on config files that can be persisted using Docker volumes,
### Where are emails stored?
Mails are stored in `/var/mail/${domain}/${username}`.
You should use a [data volume container](https://medium.com/@ramangupta/why-docker-data-containers-are-good-589b3c6c749e#.uxyrp7xpu) for `/var/mail` to persist data. Otherwise, your data may be lost.
Mails are stored in `/var/mail/${domain}/${username}`.
You should use a [data volume container](https://medium.com/@ramangupta/why-docker-data-containers-are-good-589b3c6c749e#.uxyrp7xpu) for `/var/mail` to persist data.
Otherwise, your data may be lost.
### How to alter the running mailserver instance _without_ relaunching the container?
docker-mailserver aggregates multiple "sub-services", such as Postfix, Dovecot, Fail2ban, SpamAssasin, etc. In many cases, on may edit a sub-service's config and reload that very sub-service, without stopping and relaunching the whole mail server.
`docker-mailserver` aggregates multiple "sub-services", such as Postfix, Dovecot, Fail2ban, SpamAssasin, etc. In many cases, one may edit a sub-service's config and reload that very sub-service, without stopping and relaunching the whole mail server.
In order to do so, you'll probably want to push your config updates to your server through a Docker volume, then restart the sub-service to apply your changes, using `supervisorctl`. For instance, after editing fail2ban's config: `supervisorctl restart fail2ban`.
See [supervisorctl's documentation](http://supervisord.org/running.html#running-supervisorctl).
Tips: to add/update/delete an email account, there is no need to restart postfix/dovecot service inside the container after using setup.sh script.
For more information, see [issues/1639](https://github.com/tomav/docker-mailserver/issues/1639)
!!! tip
To add, update or delete an email account; there is no need to restart postfix / dovecot service inside the container after using `setup.sh` script.
For more information, see [#1639][github-issue-1639].
### How can I sync container with host date/time? Timezone?
Share the host's [`/etc/localtime`](https://www.freedesktop.org/software/systemd/man/localtime.html) with the docker-mailserver container, using a Docker volume:
Share the host's [`/etc/localtime`](https://www.freedesktop.org/software/systemd/man/localtime.html) with the `docker-mailserver` container, using a Docker volume:
```
```yaml
volumes:
- /etc/localtime:/etc/localtime:ro
```
(optional) Add one line to `.env` or `env-mailserver` to set timetzone for container, for example:
```
TZ=Europe/Berlin
```
check here for [`tz name list`](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)
!!! help "Optional"
Add one line to `.env` or `env-mailserver` to set timetzone for container, for example:
```env
TZ=Europe/Berlin
```
Check here for the [`tz name list`](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones)
### What is the file format?
All files are using the Unix format with `LF` line endings.
Please do not use `CRLF`.
### What about backups?
Assuming that you use `docker-compose` and a data volumes, you can backup your user mails like this:
```
```sh
docker run --rm -ti \
-v maildata:/var/mail \
-v mailstate:/var/mail-state \
-v /backup/mail:/backup \
alpine:3.2 \
tar czf /backup/mail-`date +%y%m%d-%H%M%S`.tgz /var/mail /var/mail-state
tar czf "/backup/mail-$(date +%y%m%d-%H%M%S).tgz" /var/mail /var/mail-state
find /backup/mail -type f -mtime +30 -exec rm -f {} \;
```
### What about `mail-state` folder?
This folder consolidates all data generated by the server itself to persist when you upgrade.
Example of data folder persisted: lib-amavis, lib-clamav, lib-fail2ban, lib-postfix, lib-postgrey, lib-spamassasin, lib-spamassassin, spool-postfix, ...
### How can I configure my email client?
Login are full email address (`user@domain.com`).
# imap
username: <user1@domain.tld>
password: <mypassword>
server: <mail.domain.tld>
imap port: 143 or 993 with ssl (recommended)
imap path prefix: INBOX
Login are full email address (`user@domain.com`).
# smtp
smtp port: 25 or 587 with ssl (recommended)
username: <user1@domain.tld>
password: <mypassword>
```properties
# imap
username: <user1@domain.tld>
password: <mypassword>
server: <mail.domain.tld>
imap port: 143 or 993 with ssl (recommended)
imap path prefix: INBOX
# smtp
smtp port: 25 or 587 with ssl (recommended)
username: <user1@domain.tld>
password: <mypassword>
```
Please use `STARTTLS`.
### How can I manage my custom Spamassassin rules?
Antispam rules are managed in `config/spamassassin-rules.cf`.
### What are acceptable `SA_SPAM_SUBJECT` values?
@ -84,37 +102,40 @@ For no subject set `SA_SPAM_SUBJECT=undef`.
For a trailing white-space subject one can define the whole variable with quotes in `docker-compose.yml`:
```docker-compose
environment:
- "SA_SPAM_SUBJECT=[SPAM] "
```yaml
environment:
- "SA_SPAM_SUBJECT=[SPAM] "
```
### Can I use naked/bare domains (no host name)?
Yes, but not without some configuration changes. Normally it is assumed that docker-mailserver runs on a host with a name, so the fully qualified host name might be `mail.example.com` with the domain `example.com`. The MX records point to `mail.example.com`. To use a bare domain where the host name is `example.com` and the domain is also `example.com`, change mydestination from:
Yes, but not without some configuration changes. Normally it is assumed that `docker-mailserver` runs on a host with a name, so the fully qualified host name might be `mail.example.com` with the domain `example.com`. The MX records point to `mail.example.com`.
`mydestination = $myhostname, localhost.$mydomain, localhost`
To use a bare domain where the host name is `example.com` and the domain is also `example.com`, change `mydestination`:
To:
- From: `mydestination = $myhostname, localhost.$mydomain, localhost`
- To: `mydestination = localhost.$mydomain, localhost`
`mydestination = localhost.$mydomain, localhost`
Add the latter line to `config/postfix-main.cf`. That should work. Without that change there will be warnings in the logs like:
Add the latter line to config/postfix-main.cf. That should work. Without that change there will be warnings in the logs like:
`warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains`
```log
warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains
```
Plus of course mail delivery fails.
### Why are Spamassassin x-headers not inserted into my sample.domain.com subdomain emails?
### Why are Spamassassin `x-headers` not inserted into my `sample.domain.com` subdomain emails?
In the default setup, amavis only applies Spamassassin x-headers into domains matching the template listed in the config file 05-domain_id (in the amavis defaults). The default setup @local_domains_acl = ( ".$mydomain" ); does not match subdomains. To match subdomains, you can override the @local_domains_acl directive in the amavis user config file 50-user with @local_domains_maps = ("."); to match any sort of domain template.
In the default setup, amavis only applies Spamassassin x-headers into domains matching the template listed in the config file (`05-domain_id` in the amavis defaults).
### How can I make SpamAssassin learn spam?
The default setup `@local_domains_acl = ( ".$mydomain" );` does not match subdomains. To match subdomains, you can override the `@local_domains_acl` directive in the amavis user config file `50-user` with `@local_domains_maps = (".");` to match any sort of domain template.
### How can I make SpamAssassin better recognize spam?
Put received spams in `.Junk/` imap folder using `SPAMASSASSIN_SPAM_TO_INBOX=1` and `MOVE_SPAM_TO_JUNK=1` and add a _user_ cron like the following:
```
# This assumes you're having `environment: ONE_DIR=1` in the env-mailserver,
```conf
# This assumes you're having `environment: ONE_DIR=1` in the `mailserver.env`,
# with a consolidated config in `/var/mail-state`
#
# m h dom mon dow command
@ -122,11 +143,12 @@ Put received spams in `.Junk/` imap folder using `SPAMASSASSIN_SPAM_TO_INBOX=1`
0 2 * * * docker exec mail sa-learn --spam /var/mail/domain.com/username/.Junk --dbpath /var/mail-state/lib-amavis/.spamassassin
```
If you run the server with docker-compose, you can leverage on docker configs and the mailserver's own cron. This is less problematic than the simple solution shown above, because it decouples the learning from the host on which the mailserver is running and avoids errors if the server is not running.
If you run the server with `docker-compose`, you can leverage on docker configs and the mailserver's own cron. This is less problematic than the simple solution shown above, because it decouples the learning from the host on which the mailserver is running and avoids errors if the server is not running.
The following configuration works nicely:
create a _system_ cron file:
Create a _system_ cron file:
```sh
# in the docker-compose.yml root directory
mkdir cron
@ -135,8 +157,9 @@ chown root:root cron/sa-learn
chmod 0644 cron/sa-learn
```
edit the system cron file `nano cron/sa-learn`, and set an appropriate configuration:
```
Edit the system cron file `nano cron/sa-learn`, and set an appropriate configuration:
```conf
# This assumes you're having `environment: ONE_DIR=1` in the env-mailserver,
# with a consolidated config in `/var/mail-state`
#
@ -159,20 +182,19 @@ edit the system cron file `nano cron/sa-learn`, and set an appropriate configura
30 3 * * * root sa-learn --ham /var/mail/otherdomain.com/*/cur* --dbpath /var/mail-state/lib-amavis/.spamassassin
```
with plain docker-compose:
```docker-compose
version: "2"
Then with plain `docker-compose`:
```yaml
services:
mail:
image: tvial/docker-mailserver:latest
# ...
volumes:
- ./cron/sa-learn:/etc/cron.d/sa-learn
```
with [docker swarm](https://docs.docker.com/engine/swarm/configs/):
```docker-compose
Or with [docker swarm](https://docs.docker.com/engine/swarm/configs/):
```yaml
version: "3.3"
services:
@ -191,19 +213,25 @@ configs:
With the default settings, Spamassassin will require 200 mails trained for spam (for example with the method explained above) and 200 mails trained for ham (using the same command as above but using `--ham` and providing it with some ham mails). Until you provided these 200+200 mails, Spamassasin will not take the learned mails into account. For further reference, see the [Spamassassin Wiki](https://wiki.apache.org/spamassassin/BayesNotWorking).
### How can I configure a catch-all?
Considering you want to redirect all incoming e-mails for the domain `domain.tld` to `user1@domain.tld`, add the following line to `config/postfix-virtual.cf`:
```
```cf
@domain.tld user1@domain.tld
```
### How can I delete all the e-mails for a specific user?
### How can I delete all the emails for a specific user?
First of all, create a special alias named `devnull` by editing `config/postfix-aliases.cf`:
```cf
devnull: /dev/null
```
devnull: /dev/null
```
Considering you want to delete all the e-mails received for `baduser@domain.tld`, add the following line to `config/postfix-virtual.cf`:
```
baduser@domain.tld devnull
```cf
baduser@domain.tld devnull
```
### How do I have more control about what SPAMASSASIN is filtering?
@ -211,24 +239,26 @@ baduser@domain.tld devnull
By default, SPAM and INFECTED emails are put to a quarantine which is not very straight forward to access. Several config settings are affecting this behavior:
First, make sure you have the proper thresholds set:
```
```conf
SA_TAG=-100000.0
SA_TAG2=3.75
SA_KILL=100000.0
```
The very negative vaue in `SA_TAG` makes sure, that all emails have the Spamassasin headers included.
`SA_TAG2` is the actual threshold to set the YES/NO flag for spam detection.
`SA_KILL` needs to be very high, to make sure nothing is bounced at all (`SA_KILL` superseeds `SPAMASSASSIN_SPAM_TO_INBOX`)
Make sure everything (including SPAM) is delivered to the inbox and not quarantined.
```
- The very negative vaue in `SA_TAG` makes sure, that all emails have the Spamassasin headers included.
- `SA_TAG2` is the actual threshold to set the YES/NO flag for spam detection.
- `SA_KILL` needs to be very high, to make sure nothing is bounced at all (`SA_KILL` superseeds `SPAMASSASSIN_SPAM_TO_INBOX`)
Make sure everything (including SPAM) is delivered to the inbox and not quarantined:
```conf
SPAMASSASSIN_SPAM_TO_INBOX=1
```
Use `MOVE_SPAM_TO_JUNK=1` or create a sieve script which puts spam to the Junk folder.
Use `MOVE_SPAM_TO_JUNK=1` or create a sieve script which puts spam to the Junk folder:
```
```sieve
require ["comparator-i;ascii-numeric","relational","fileinto"];
if header :contains "X-Spam-Flag" "YES" {
@ -241,49 +271,59 @@ if header :contains "X-Spam-Flag" "YES" {
```
Create a dedicated mailbox for emails which are infected/bad header and everything amavis is blocking by default and put its address into `config/amavis.cf`
```
```cf
$clean_quarantine_to = "amavis\@domain.com";
$virus_quarantine_to = "amavis\@domain.com";
$banned_quarantine_to = "amavis\@domain.com";
$bad_header_quarantine_to = "amavis\@domain.com";
$spam_quarantine_to = "amavis\@domain.com";
```
### What kind of SSL certificates can I use?
You can use the same certificates you use with another mail server.
You can use the same certificates you use with another mail server.
The only thing is that we provide a `self-signed` certificate tool and a `letsencrypt` certificate loader.
### I just moved from my old mail server but "it doesn't work".
### I just moved from my old mail server, but "it doesn't work"?
If this migration implies a DNS modification, be sure to wait for DNS propagation before opening an issue.
Few examples of symptoms can be found [here](https://github.com/tomav/docker-mailserver/issues/95) or [here](https://github.com/tomav/docker-mailserver/issues/97).
This could be related to a modification of your `MX` record, or the IP mapped to `mail.my-domain.tld`. Additionally, [validate your DNS configuration](https://intodns.com/).
Few examples of symptoms can be found [here][github-issue-95] or [here][github-issue-97].
This could be related to a modification of your `MX` record, or the IP mapped to `mail.my-domain.tld`. Additionally, [validate your DNS configuration](https://intodns.com/).
If everything is OK regarding DNS, please provide [formatted logs](https://guides.github.com/features/mastering-markdown/) and config files. This will allow us to help you.
If we're blind, we won't be able to do anything.
### Which system requirements needs my container to run `docker-mailserver` effectively?
### What system requirements are required to run `docker-mailserver` effectively?
1 core and 1GB of RAM + swap partition is recommended to run `docker-mailserver` with clamav.
Otherwise, it could work with 512M of RAM.
Please note that clamav can consume a lot of memory, as it reads the entire signature database into RAM. Current figure is about 850M and growing. If you get errors about clamav or amavis failing to allocate memory you need more RAM or more swap and of course docker must be allowed to use swap (not always the case). If you can't use swap at all you may need 3G RAM.
!!! note
Clamav can consume a lot of memory, as it reads the entire signature database into RAM.
### Is `docker-mailserver` running in a [rancher environment](http://rancher.com/rancher/)?
Current figure is about 850M and growing. If you get errors about clamav or amavis failing to allocate memory you need more RAM or more swap and of course docker must be allowed to use swap (not always the case). If you can't use swap at all you may need 3G RAM.
Yes, by Adding the Environment Variable `PERMIT_DOCKER: network`.
### Can `docker-mailserver` run in a [Rancher Environment](http://rancher.com/rancher/)?
**WARNING**: Adding the docker network's gateway to the list of trusted hosts, e.g. using the `network` or `connected-networks` option, can create an [**open relay**](https://en.wikipedia.org/wiki/Open_mail_relay), [for instance](https://github.com/tomav/docker-mailserver/issues/1405#issuecomment-590106498) if IPv6 is enabled on the host machine but not in Docker. ([#1405](https://github.com/tomav/docker-mailserver/issues/1405))
Yes, by adding the environment variable `PERMIT_DOCKER: network`.
### How can I authenticate users with SMTP_ONLY?
!!! warning
Adding the docker network's gateway to the list of trusted hosts, e.g. using the `network` or `connected-networks` option, can create an [**open relay**](https://en.wikipedia.org/wiki/Open_mail_relay), for instance [if IPv6 is enabled on the host machine but not in Docker][github-issue-1405-comment].
See https://github.com/tomav/docker-mailserver/issues/1247 for an example.
### How can I Authenticate Users with `SMTP_ONLY`?
*ToDo: Write a HowTo/UseCase/Tutorial about authentication with SMTP_ONLY.*
See [#1247][github-issue-1247] for an example.
### Common errors
!!! todo
Write a How-to / Use-Case / Tutorial about authentication with `SMTP_ONLY`.
```
### Common Errors
```log
warning: connect to Milter service inet:localhost:8893: Connection refused
# DMARC not running
# => /etc/init.d/opendmarc restart
@ -299,66 +339,72 @@ mail amavis[1459]: (01459-01) (!!)AV: ALL VIRUS SCANNERS FAILED
# Clamav is not running (not started or because you don't have enough memory)
# => check requirements and/or start Clamav
```
### Using behind proxy
### How to use when behind a Proxy
Add to `/etc/postfix/main.cf` :
```
proxy_interfaces = X.X.X.X (your public IP)
```cf
proxy_interfaces = X.X.X.X (your public IP)
```
### What about updates
### What About Updates
You can of course use a own script or every now and then pull && stop && rm && start the images but there are tools available for this.
There is a page in the [Update and cleanup](Update-and-cleanup) wiki page that explains how to use it the docker way.
There is a page in the [Update and Cleanup][docs-maintenance] wiki page that explains how to use it the docker way.
### How to adjust settings with the `user-patches.sh` script
### Howto adjust settings with the user-patches.sh script
Suppose you want to change a number of settings that are not listed as variables or add things to the server that are not included?
This docker-container has a built-in way to do post-install processes. If you place a script called **user-patches.sh** in the config directory it will be run after all configuration files are set up, but before the postfix, amavis and other daemons are started.
The config file I am talking about is this volume in the yml file:
`- ./config/:/tmp/docker-mailserver/`
The config file I am talking about is this volume in the yml file: `./config/:/tmp/docker-mailserver/`
To place such a script you can just make it in the config dir, for instance like this:
`cd ./config`
```sh
cd ./config
touch user-patches.sh
chmod +x user-patches.sh
```
`touch user-patches.sh`
`chmod +x user-patches.sh`
and then fill it with suitable code.
Then fill `user-patches.sh` with suitable code.
If you want to test it you can move into the running container, run it and see if it does what you want. For instance:
`./setup.sh debug login # start shell in container`
```sh
# start shell in container
./setup.sh debug login
`cat /tmp/docker-mailserver/user-patches.sh #check the file`
# check the file
cat /tmp/docker-mailserver/user-patches.sh
`/tmp/docker-mailserver/user-patches.sh ## run the script`
# run the script
/tmp/docker-mailserver/user-patches.sh
`exit`
# exit the container shell back to the host shell
exit
```
You can do a lot of things with such a script. You can find an example user-patches.sh script here: [example user-patches.sh script](https://github.com/hanscees/dockerscripts/blob/master/scripts/tomav-user-patches.sh)
You can do a lot of things with such a script. You can find an example `user-patches.sh` script here: [example `user-patches.sh` script][hanscees-userpatches]
#### Special use-case - Patching the `supervisord` config
#### Special case patching supervisord config
It seems worth noting, that the `user-patches.sh` gets executed trough supervisord. If you need to patch some supervisord config (e.g. `/etc/supervisor/conf.d/saslauth.conf`), the patching happens too late.
An easy workaround is to make the `user-patches.sh` reload the supervisord config after patching it:
```bash
#!/bin/bash
sed -i 's/rimap -r/rimap/' /etc/supervisor/conf.d/saslauth.conf
supervisorctl update
```
[docs-maintenance]: ../../advanced/maintenance/update-and-cleanup.md
[github-issue-95]: https://github.com/docker-mailserver/docker-mailserver/issues/95
[github-issue-97]: https://github.com/docker-mailserver/docker-mailserver/issues/97
[github-issue-1247]: https://github.com/docker-mailserver/docker-mailserver/issues/1247
[github-issue-1405-comment]: https://github.com/docker-mailserver/docker-mailserver/issues/1405#issuecomment-590106498
[github-issue-1639]: https://github.com/docker-mailserver/docker-mailserver/issues/1639
[hanscees-userpatches]: https://github.com/hanscees/dockerscripts/blob/master/scripts/tomav-user-patches.sh