fix: Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE313-OPENSSL-2941811
- https://snyk.io/vuln/SNYK-ALPINE313-OPENSSL-2941811

.env.example

@@ -37,3 +37,6 @@
 
 # Optional: This will disable (no) or enable (yes) the use of SMTPUTF8
 #SMTPUTF8_ENABLE=no
+
+# Optional: This will use allow you to set a custom $message_size_limit value. Default is 10240000.
+#MESSAGE_SIZE_LIMIT=

.github/ISSUE_TEMPLATE/bug_report.md

@@ -6,12 +6,14 @@ labels: ''
 assignees: ''
 
 ---
-
+<!-- BEFORE SUBMITTING YOUR PR, PLEASE REMOVE THIS TEXT -->
+<!-- REMOVE START -->
 **Reporting a bug**
 
 First of all, this is **not** a problem reporting forum, only report if you are pretty sure what you are experiencing is a bug with this image, not a configuration issue, for that you can use the [Github discussions section](https://github.com/juanluisbaptiste/docker-postfix/discussions) and we will do our best to help you to figure out what's going on with your setup.
 
 Also be sure you are using the latest image by doing _docker pull juanluisbaptiste/postfix:latest_.
+<!-- REMOVE END -->
 
 **Please include the contents of:**
 

.github/pull_request_template.md

@@ -1,10 +1,13 @@
+<!-- BEFORE SUBMITTING YOUR PR, PLEASE REMOVE THIS TEXT -->
+<!-- REMOVE START -->
 # Creating a Pull Request
 
 We use github actions to do automatic [semantic versioning](https://github.com/semantic-release/semantic-release), so please use the following nomenclature for the commit message according to the type of change:
 
 * Prefix with `feat:`, and it will trigger a minor version bump. 
-* Prefix with `fix`:, and it will trigger a patch version bump. 
+* Prefix with `fix:`, and it will trigger a patch version bump.
 * Prefix with `BREAKING CHANGE:`, and it will trigger a major version bump.
+<!-- REMOVE END -->
 
 ## Description of the change
 <!--Please be very clear on the intention of the modifications included in the pull request.-->

Dockerfile

@@ -1,5 +1,5 @@
 #Dockerfile for a Postfix email relay service
-FROM alpine:3.13
+FROM alpine:3.15
 MAINTAINER Juan Luis Baptiste juan.baptiste@gmail.com
 
 RUN apk update && \

README.md

@@ -83,6 +83,8 @@ The following env variable(s) are optional.
 
 * `SMTPUTF8_ENABLE` This will enable (default) or disable support for SMTPUTF8. Valid values are `no` to disable and `yes` to enable. Not setting this variable will use the postfix default, which is `yes`.
 
+* `MESSAGE_SIZE_LIMIT` This will change the default limit of 10240000 bytes (10MB).
+
 To use this container from anywhere, the 25 port or the one specified by `SMTP_PORT` needs to be exposed to the docker host server:
 
     docker run -d --name postfix -p "25:25"  \

run.sh

@@ -49,6 +49,9 @@ if [ "${SMTP_PORT}" = "465" ]; then
   add_config_value "smtp_tls_security_level" "encrypt"
 fi
 
+# Bind to both IPv4 and IPv4
+add_config_value "inet_protocols" "all"
+
 # Create sasl_passwd file with auth credentials
 if [ ! -f /etc/postfix/sasl_passwd -a ! -z "${SMTP_USERNAME}" ]; then
   grep -q "${SMTP_SERVER}" /etc/postfix/sasl_passwd  > /dev/null 2>&1
@@ -76,13 +79,25 @@ fi
 #Check for subnet restrictions
 nets='10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16'
 if [ ! -z "${SMTP_NETWORKS}" ]; then
-        for i in $(sed 's/,/\ /g' <<<$SMTP_NETWORKS); do
+  declare ipv6re="^((([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|\
-                if grep -Eq "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/[0-9]{1,2}" <<<$i ; then
+    ([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|\
-                        nets+=", $i"
+    ([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|\
-                else
+    ([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|\
-                        echo "$i is not in proper IPv4 subnet format. Ignoring."
+    :((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}|\
-                fi
+    ::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|\
-        done
+    (2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|\
+    (2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/[0-9]{1,3})$"
+
+  for i in $(sed 's/,/\ /g' <<<$SMTP_NETWORKS); do
+    if grep -Eq "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/[0-9]{1,2}" <<<$i ; then
+      nets+=", $i"
+    elif grep -Eq "$ipv6re" <<<$i ; then
+      readarray -d \/ -t arr < <(printf '%s' "$i")
+      nets+=", [${arr[0]}]/${arr[1]}"
+    else
+      echo "$i is not in proper IPv4 or IPv6 subnet format. Ignoring."
+    fi
+  done
 fi
 add_config_value "mynetworks" "${nets}"
 
@@ -99,6 +114,12 @@ if [ ! -z "${OVERWRITE_FROM}" ]; then
   echo "Setting configuration option OVERWRITE_FROM with value: ${OVERWRITE_FROM}"
 fi
 
+# Set message_size_limit
+if [ ! -z "${MESSAGE_SIZE_LIMIT}" ]; then
+  postconf -e "message_size_limit = ${MESSAGE_SIZE_LIMIT}"
+  echo "Setting configuration option message_size_limit with value: ${MESSAGE_SIZE_LIMIT}"
+fi
+
 #Start services
 
 # If host mounting /var/spool/postfix, we need to delete old pid file before