Improved start-mailserver output (#420)

* Improved start-mailserver output * Fixed rework to make tests work again * Improved output and updated SSL certs for LE
2024-09-27 23:09:48 +02:00 · 2016-12-23 23:56:39 +01:00 · 2016-12-23 23:56:39 +01:00 · ccad91c23d
commit ccad91c23d
parent 2a15ac619e
5 changed files with 202 additions and 145 deletions
--- a/3
+++ b/3
@ -117,8 +117,7 @@ RUN sed -i -r "/^#?compress/c\compress\ncopytruncate" /etc/logrotate.conf && \
  sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/logrotate.d/rsyslog

 # Get LetsEncrypt signed certificate
-RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem && \
-  curl -s https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem
+RUN curl -s https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem > /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem 

 COPY ./target/bin /usr/local/bin
 # Start-mailserver script
--- a/4
+++ b/4
@ -28,7 +28,8 @@ run:
 		-e VIRUSMAILS_DELETE_DELAY=7 \
 		-e SASL_PASSWD="external-domain.com username:password" \
 		-e ENABLE_MANAGESIEVE=1 \
-		-e PERMIT_DOCKER=host\
+		-e PERMIT_DOCKER=host \
+		-e DMS_DEBUG=0 \
 		-h mail.my-domain.com -t $(NAME)
 	sleep 20
 	docker run -d --name mail_pop3 \
@ -36,6 +37,7 @@ run:
 		-v "`pwd`/test":/tmp/docker-mailserver-test \
 		-v "`pwd`/test/config/letsencrypt":/etc/letsencrypt/live \
 		-e ENABLE_POP3=1 \
+		-e DMS_DEBUG=1 \
 		-e SSL_TYPE=letsencrypt \
 		-h mail.my-domain.com -t $(NAME)
 	sleep 20
--- a/README.md
+++ b/README.md
@ -93,6 +93,11 @@ Please check [how the container starts](https://github.com/tomav/docker-mailserv

 Value in **bold** is the default value.

+##### DMS_DEBUG
+
+  - **empty** (0) => Debug disabled
+  - 1 => Enables debug on startup
+
 ##### ENABLE_POP3

  - **empty** => POP3 service disabled
--- a/target/start-mailserver.sh
+++ b/target/start-mailserver.sh
@ -8,6 +8,7 @@
 ##########################################################################
 declare -A DEFAULT_VARS
 DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
+DEFAULT_VARS["DMS_DEBUG"]="${DMS_DEBUG:="0"}"
 ##########################################################################
 # << DEFAULT VARS
 ##########################################################################
@ -34,7 +35,8 @@ DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
 # Implement them in the section-group: {check,setup,fix,start}
 ##########################################################################
 function register_functions() {
-	notify 'taskgrp' 'Registering check,setup,fix,misc and start-daemons functions'
+	notify 'taskgrp' 'Initializing setup'
+	notify 'task' 'Registering check,setup,fix,misc and start-daemons functions'

 	################### >> check funcs

@ -75,7 +77,10 @@ function register_functions() {
 	_register_setup_function "_setup_security_stack"
 	_register_setup_function "_setup_postfix_aliases"
 	_register_setup_function "_setup_postfix_vhost"
-	_register_setup_function "_setup_postfix_relay_amazon_ses"
+
+	if [ ! -z "$AWS_SES_HOST" -a ! -z "$AWS_SES_USERPASS" ]; then
+		_register_setup_function "_setup_postfix_relay_amazon_ses"
+	fi

 	################### << setup funcs

@ -93,7 +98,8 @@ function register_functions() {

 	################### >> daemon funcs

-	_register_start_daemon "_start_daemons_sys"
+	_register_start_daemon "_start_daemons_cron"
+	_register_start_daemon "_start_daemons_rsyslog"

 	if [ "$ENABLE_ELK_FORWARDER" = 1 ]; then
 		_register_start_daemon "_start_daemons_filebeat"
@ -191,45 +197,78 @@ function _register_misc_function() {
 function notify () {
 	c_red="\e[0;31m"
 	c_green="\e[0;32m"
+	c_brown="\e[0;33m"
 	c_blue="\e[0;34m"
 	c_bold="\033[1m"
 	c_reset="\e[0m"

 	notification_type=$1
 	notification_msg=$2
+	notification_format=$3
+	msg=""

 	case "${notification_type}" in
-		'inf')
-			msg="${c_green}  * ${c_reset}${notification_msg}"
-			;;
-		'err')
-			msg="${c_red}  * ${c_reset}${notification_msg}"
-			;;
-		'warn')
-			msg="${c_blue}  * ${c_reset}${notification_msg}"
-			;;
-		'task')
-			msg=" >>>> ${notification_msg}"
-			;;
 		'taskgrp')
 			msg="${c_bold}${notification_msg}${c_reset}"
 			;;
+		'task')
+			if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
+				msg="  ${notification_msg}${c_reset}"
+			fi
+			;;
+		'inf')
+			if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
+				msg="${c_green}  * ${notification_msg}${c_reset}"
+			fi
+			;;
+		'started')
+			msg="${c_green} ${notification_msg}${c_reset}"
+			;;
+		'warn')
+			msg="${c_brown}  * ${notification_msg}${c_reset}"
+			;;
+		'err')
+			msg="${c_red}  * ${notification_msg}${c_reset}"
+			;;
 		'fatal')
-			msg="${c_bold} >>>> ${notification_msg} <<<<${c_reset}"
+			msg="${c_red}Error: ${notification_msg}${c_reset}"
 			;;
 		*)
 			msg=""
 			;;
 	esac

-	[[ ! -z "${msg}" ]] && echo -e "${msg}"
+	case "${notification_format}" in
+		'n')
+			options="-ne"
+	  	;;
+		*)
+  		options="-e"
+			;;
+	esac
+
+	[[ ! -z "${msg}" ]] && echo $options "${msg}"
 }

 function defunc() {
-	notify 'fatal' "Please fix the failures. Exiting ..." 
+	notify 'fatal' "Please fix your configuration. Exiting..." 
 	exit 1
 }

+function display_startup_daemon() {
+  $1 &>/dev/null
+  res=$?
+  if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
+	  if [ $res = 0 ]; then
+			notify 'started' " [ OK ]"
+		else
+	  	echo "false"
+			notify 'err' " [ FAILED ]"
+		fi
+  fi
+	return $res
+}
+
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # !  CARE --> DON'T CHANGE, except you know exactly what you are doing
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
@ -243,7 +282,7 @@ function defunc() {
 # Description: Place functions for initial check of container sanity
 ##########################################################################
 function check() {
-	notify 'taskgrp' 'Checking configuration sanity:'
+	notify 'taskgrp' 'Checking configuration'
 	for _func in "${FUNCS_CHECK[@]}";do
 		$_func
 		[ $? != 0 ] && defunc
@ -253,11 +292,11 @@ function check() {
 function _check_hostname() {
 	notify "task" "Check that hostname/domainname is provided (no default docker hostname) [$FUNCNAME]"

-	if ( ! echo $(hostname) | grep -E '^(\S+[.]\S+)$' ); then
+	if ( ! echo $(hostname) | grep -E '^(\S+[.]\S+)$' > /dev/null ); then
 		notify 'err' "Setting hostname/domainname is required"
 		return 1
 	else 
-		notify 'inf' "Hostname has been set"
+		notify 'inf' "Hostname has been set to $(hostname)"
 		return 0
 	fi
 }
@ -277,11 +316,9 @@ function _check_environment_variables() {
 # Description: Place functions for functional configurations here
 ##########################################################################
 function setup() {
-	notify 'taskgrp' 'Setting up the Container:'
-
+	notify 'taskgrp' 'Configuring mail server'
 	for _func in "${FUNCS_SETUP[@]}";do
 		$_func
-		[ $? != 0 ] &&  defunc
 	done
 }

@ -291,14 +328,14 @@ function _setup_default_vars() {
 	for var in ${!DEFAULT_VARS[@]}; do
 		echo "export $var=${DEFAULT_VARS[$var]}" >> /root/.bashrc
 		[ $? != 0 ] && notify 'err' "Unable to set $var=${DEFAULT_VARS[$var]}" && return 1
-		notify 'inf' "$var=${DEFAULT_VARS[$var]} set"
+		notify 'inf' "Set $var=${DEFAULT_VARS[$var]}"
 	done
 }

 function _setup_mailname() {
 	notify 'task' 'Setting up Mailname'

-	echo "Creating /etc/mailname"
+	notify 'inf' "Creating /etc/mailname"
 	echo $(hostname -d) > /etc/mailname
 }

@ -317,7 +354,7 @@ function _setup_dovecot() {
 	# Enable Managesieve service by setting the symlink
 	# to the configuration file Dovecot will actually find
 	if [ "$ENABLE_MANAGESIEVE" = 1 ]; then
-		echo "Sieve management enabled"
+		notify 'inf' "Sieve management enabled"
 		mv /etc/dovecot/protocols.d/managesieved.protocol.disab /etc/dovecot/protocols.d/managesieved.protocol
 	fi
 }
@ -327,9 +364,9 @@ function _setup_dovecot_local_user() {
 	echo -n > /etc/postfix/vmailbox
 	echo -n > /etc/dovecot/userdb
 	if [ -f /tmp/docker-mailserver/postfix-accounts.cf -a "$ENABLE_LDAP" != 1 ]; then
-		echo "Checking file line endings"
+		notify 'inf' "Checking file line endings"
 		sed -i 's/\r//g' /tmp/docker-mailserver/postfix-accounts.cf
-		echo "Regenerating postfix 'vmailbox' and 'virtual' for given users"
+		notify 'inf' "Regenerating postfix user list"
 		echo "# WARNING: this file is auto-generated. Modify config/postfix-accounts.cf to edit user list." > /etc/postfix/vmailbox

 		# Checking that /tmp/docker-mailserver/postfix-accounts.cf ends with a newline
@ -349,7 +386,7 @@ function _setup_dovecot_local_user() {
 			user=$(echo ${login} | cut -d @ -f1)
 			domain=$(echo ${login} | cut -d @ -f2)
 			# Let's go!
-			echo "user '${user}' for domain '${domain}' with password '********'"
+			notify 'inf' "user '${user}' for domain '${domain}' with password '********'"
 			echo "${login} ${domain}/${user}/" >> /etc/postfix/vmailbox
 			# User database for dovecot has the following format:
 			# user:password:uid:gid:(gecos):home:(shell):extra_fields
@ -370,7 +407,7 @@ function _setup_dovecot_local_user() {
 			echo ${domain} >> /tmp/vhost.tmp
 		done < /tmp/docker-mailserver/postfix-accounts.cf
 	else
-		echo "==> Warning: 'config/docker-mailserver/postfix-accounts.cf' is not provided. No mail account created."
+		notify 'warn' "'config/docker-mailserver/postfix-accounts.cf' is not provided. No mail account created."
 	fi
 }

@ -384,7 +421,7 @@ function _setup_ldap() {
 			/etc/postfix/ldap-${i}.cf
 	done

-	echo "Configuring dovecot LDAP authentification"
+  notify 'inf' "Configuring dovecot LDAP authentification"
 	sed -i -e 's|^hosts.*|hosts = '${LDAP_SERVER_HOST:="mail.domain.com"}'|g' \
 		-e 's|^base.*|base = '${LDAP_SEARCH_BASE:="ou=people,dc=domain,dc=com"}'|g' \
 		-e 's|^dn\s*=.*|dn = '${LDAP_BIND_DN:="cn=admin,dc=domain,dc=com"}'|g' \
@ -394,18 +431,18 @@ function _setup_ldap() {
 	# Add  domainname to vhost.
 	echo $(hostname -d) >> /tmp/vhost.tmp

-	echo "Enabling dovecot LDAP authentification"
+	notify 'inf' "Enabling dovecot LDAP authentification"
 	sed -i -e '/\!include auth-ldap\.conf\.ext/s/^#//' /etc/dovecot/conf.d/10-auth.conf
 	sed -i -e '/\!include auth-passwdfile\.inc/s/^/#/' /etc/dovecot/conf.d/10-auth.conf

-	echo "Configuring LDAP"
+	notify 'inf' "Configuring LDAP"
 	[ -f /etc/postfix/ldap-users.cf ] && \
 		postconf -e "virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf" || \
-		echo '==> Warning: /etc/postfix/ldap-user.cf not found'
+		notify 'inf' "==> Warning: /etc/postfix/ldap-user.cf not found"

 	[ -f /etc/postfix/ldap-aliases.cf -a -f /etc/postfix/ldap-groups.cf ] && \
 		postconf -e "virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf, ldap:/etc/postfix/ldap-groups.cf" || \
-		echo '==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found'
+		notify 'inf' "==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found"

 	[ ! -f /etc/postfix/sasl/smtpd.conf ] && cat > /etc/postfix/sasl/smtpd.conf << EOF
 pwcheck_method: saslauthd
@ -415,9 +452,9 @@ return 0
 }

 function _setup_saslauthd() {
-	notify 'task' 'Setting up Saslauthd'
+	notify 'task' "Setting up Saslauthd"

-	echo "Configuring Cyrus SASL"
+	notify 'inf' "Configuring Cyrus SASL"
 	# checking env vars and setting defaults
 	[ -z $SASLAUTHD_MECHANISMS ] && SASLAUTHD_MECHANISMS=pam
 	[ -z $SASLAUTHD_LDAP_SEARCH_BASE ] && SASLAUTHD_MECHANISMS=pam
@ -426,7 +463,7 @@ function _setup_saslauthd() {
 	([ -z $SASLAUTHD_LDAP_SSL ] || [ $SASLAUTHD_LDAP_SSL == 0 ]) && SASLAUTHD_LDAP_PROTO='ldap://' || SASLAUTHD_LDAP_PROTO='ldaps://'

 	if [ ! -f /etc/saslauthd.conf ]; then
-		echo "Creating /etc/saslauthd.conf"
+		notify 'inf' "Creating /etc/saslauthd.conf"
 		cat > /etc/saslauthd.conf << EOF
 ldap_servers: ${SASLAUTHD_LDAP_PROTO}${SASLAUTHD_LDAP_SERVER}

@ -477,11 +514,11 @@ function _setup_postfix_aliases() {
 			test "$uname" != "$domain" && echo ${domain} >> /tmp/vhost.tmp
 		done < /tmp/docker-mailserver/postfix-virtual.cf
 	else
-		echo "==> Warning: 'config/postfix-virtual.cf' is not provided. No mail alias/forward created."
+		notify 'inf' "Warning 'config/postfix-virtual.cf' is not provided. No mail alias/forward created."
 	fi
 	if [ -f /tmp/docker-mailserver/postfix-regexp.cf ]; then
 		# Copying regexp alias file
-		echo "Adding regexp alias file postfix-regexp.cf"
+		notify 'inf' "Adding regexp alias file postfix-regexp.cf"
 		cp -f /tmp/docker-mailserver/postfix-regexp.cf /etc/postfix/regexp
 		sed -i -e '/^virtual_alias_maps/{
 		s/ regexp:.*//
@ -493,18 +530,18 @@ function _setup_postfix_aliases() {
 function _setup_dkim() {
 	notify 'task' 'Setting up DKIM'

+	mkdir -p /etc/opendkim && touch /etc/opendkim/SigningTable
+
 	# Check if keys are already available
 	if [ -e "/tmp/docker-mailserver/opendkim/KeyTable" ]; then
-		mkdir -p /etc/opendkim
 		cp -a /tmp/docker-mailserver/opendkim/* /etc/opendkim/
-		echo "DKIM keys added for: `ls -C /etc/opendkim/keys/`"
-		echo "Changing permissions on /etc/opendkim"
-		# chown entire directory
+		notify 'inf' "DKIM keys added for: `ls -C /etc/opendkim/keys/`"
+		notify 'inf' "Changing permissions on /etc/opendkim"
 		chown -R opendkim:opendkim /etc/opendkim/
 		# And make sure permissions are right
 		chmod -R 0700 /etc/opendkim/keys/
 	else
-		echo "No DKIM key provided. Check the documentation to find how to get your keys."
+		notify 'warn' "No DKIM key provided. Check the documentation to find how to get your keys."
 	fi
 }

@ -524,7 +561,7 @@ function _setup_ssl() {
 					KEY="key"
 				fi
 				if [ -n "$KEY" ]; then
-					echo "Adding $(hostname) SSL certificate"
+					notify 'inf' "Adding $(hostname) SSL certificate"

 					# Postfix configuration
 					sed -i -r 's~smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem~smtpd_tls_cert_file=/etc/letsencrypt/live/'$(hostname)'/fullchain.pem~g' /etc/postfix/main.cf
@ -534,14 +571,14 @@ function _setup_ssl() {
 					sed -i -e 's~ssl_cert = </etc/dovecot/dovecot\.pem~ssl_cert = </etc/letsencrypt/live/'$(hostname)'/fullchain\.pem~g' /etc/dovecot/conf.d/10-ssl.conf
 					sed -i -e 's~ssl_key = </etc/dovecot/private/dovecot\.pem~ssl_key = </etc/letsencrypt/live/'$(hostname)'/'"$KEY"'\.pem~g' /etc/dovecot/conf.d/10-ssl.conf

-					echo "SSL configured with 'letsencrypt' certificates"
+					notify 'inf' "SSL configured with 'letsencrypt' certificates"
 				fi
 			fi
 		;;
 	"custom" )
 		# Adding CA signed SSL certificate if provided in 'postfix/ssl' folder
 		if [ -e "/tmp/docker-mailserver/ssl/$(hostname)-full.pem" ]; then
-			echo "Adding $(hostname) SSL certificate"
+			notify 'inf' "Adding $(hostname) SSL certificate"
 			mkdir -p /etc/postfix/ssl
 			cp "/tmp/docker-mailserver/ssl/$(hostname)-full.pem" /etc/postfix/ssl

@ -553,14 +590,14 @@ function _setup_ssl() {
 			sed -i -e 's~ssl_cert = </etc/dovecot/dovecot\.pem~ssl_cert = </etc/postfix/ssl/'$(hostname)'-full\.pem~g' /etc/dovecot/conf.d/10-ssl.conf
 			sed -i -e 's~ssl_key = </etc/dovecot/private/dovecot\.pem~ssl_key = </etc/postfix/ssl/'$(hostname)'-full\.pem~g' /etc/dovecot/conf.d/10-ssl.conf

-			echo "SSL configured with 'CA signed/custom' certificates"
+			notify 'inf' "SSL configured with 'CA signed/custom' certificates"
 		fi
 		;;
 	"manual" )
 		# Lets you manually specify the location of the SSL Certs to use. This gives you some more control over this whole processes (like using kube-lego to generate certs)
 		if [ -n "$SSL_CERT_PATH" ] \
 		&& [ -n "$SSL_KEY_PATH" ]; then
-			echo "Configuring certificates using cert $SSL_CERT_PATH and key $SSL_KEY_PATH"
+			notify 'inf' "Configuring certificates using cert $SSL_CERT_PATH and key $SSL_KEY_PATH"
 			mkdir -p /etc/postfix/ssl
 			cp "$SSL_CERT_PATH" /etc/postfix/ssl/cert
 			cp "$SSL_KEY_PATH" /etc/postfix/ssl/key
@ -575,7 +612,7 @@ function _setup_ssl() {
 			sed -i -e 's~ssl_cert = </etc/dovecot/dovecot\.pem~ssl_cert = </etc/postfix/ssl/cert~g' /etc/dovecot/conf.d/10-ssl.conf
 			sed -i -e 's~ssl_key = </etc/dovecot/private/dovecot\.pem~ssl_key = </etc/postfix/ssl/key~g' /etc/dovecot/conf.d/10-ssl.conf

-			echo "SSL configured with 'Manual' certificates"
+			notify 'inf' "SSL configured with 'Manual' certificates"
 		fi
 	;;
 "self-signed" )
@ -584,7 +621,7 @@ function _setup_ssl() {
 	&& [ -e "/tmp/docker-mailserver/ssl/$(hostname)-key.pem"  ] \
 	&& [ -e "/tmp/docker-mailserver/ssl/$(hostname)-combined.pem" ] \
 	&& [ -e "/tmp/docker-mailserver/ssl/demoCA/cacert.pem" ]; then
-		echo "Adding $(hostname) SSL certificate"
+		notify 'inf' "Adding $(hostname) SSL certificate"
 		mkdir -p /etc/postfix/ssl
 		cp "/tmp/docker-mailserver/ssl/$(hostname)-cert.pem" /etc/postfix/ssl
 		cp "/tmp/docker-mailserver/ssl/$(hostname)-key.pem" /etc/postfix/ssl
@ -604,7 +641,7 @@ function _setup_ssl() {
 		sed -i -e 's~ssl_cert = </etc/dovecot/dovecot\.pem~ssl_cert = </etc/postfix/ssl/'$(hostname)'-combined\.pem~g' /etc/dovecot/conf.d/10-ssl.conf
 		sed -i -e 's~ssl_key = </etc/dovecot/private/dovecot\.pem~ssl_key = </etc/postfix/ssl/'$(hostname)'-key\.pem~g' /etc/dovecot/conf.d/10-ssl.conf

-		echo "SSL configured with 'self-signed' certificates"
+		notify 'inf' "SSL configured with 'self-signed' certificates"
 	fi
 	;;
 	esac
@ -626,30 +663,26 @@ function _setup_docker_permit() {

 	case $PERMIT_DOCKER in
 		"host" )
-			echo "Adding $container_network/16 to my networks"
+			notify 'inf' "Adding $container_network/16 to my networks"
 			postconf -e "$(postconf | grep '^mynetworks =') $container_network/16"
-			bash -c "echo $container_network/16 >> /etc/opendmarc/ignore.hosts"
-			bash -c "echo $container_network/16 >> /etc/opendkim/TrustedHosts"
+			echo $container_network/16 >> /etc/opendmarc/ignore.hosts
+			echo $container_network/16 >> /etc/opendkim/TrustedHosts
 			;;

 		"network" )
-			echo "Adding docker network in my networks"
+			notify 'inf' "Adding docker network in my networks"
 			postconf -e "$(postconf | grep '^mynetworks =') 172.16.0.0/12"
-			bash -c "echo 172.16.0.0/12 >> /etc/opendmarc/ignore.hosts"
-			bash -c "echo 172.16.0.0/12 >> /etc/opendkim/TrustedHosts"
+			echo 172.16.0.0/12 >> /etc/opendmarc/ignore.hosts
+			echo 172.16.0.0/12 >> /etc/opendkim/TrustedHosts
 			;;

 		* )
-			echo "Adding container ip in my networks"
+			notify 'inf' "Adding container ip in my networks"
 			postconf -e "$(postconf | grep '^mynetworks =') $container_ip/32"
-			bash -c "echo $container_ip/32 >> /etc/opendmarc/ignore.hosts"
-			bash -c "echo $container_ip/32 >> /etc/opendkim/TrustedHosts"
+			echo $container_ip/32 >> /etc/opendmarc/ignore.hosts
+			echo $container_ip/32 >> /etc/opendkim/TrustedHosts
 			;;
 	esac
-
-	# @TODO fix:  bash: /etc/opendkim/TrustedHosts: No such file or directory
-	# temporary workarround return success
-	return 0
 }

 function _setup_postfix_override_configuration() {
@ -659,9 +692,9 @@ function _setup_postfix_override_configuration() {
 		while read line; do
 			postconf -e "$line"
 		done < /tmp/docker-mailserver/postfix-main.cf
-		echo "Loaded 'config/postfix-main.cf'"
+		notify 'inf' "Loaded 'config/postfix-main.cf'"
 	else
-		echo "No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' not provided."
+		notify 'inf' "No extra postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' not provided."
 	fi
 }

@ -678,45 +711,41 @@ function _setup_postfix_sasl_password() {
 	if [ -f /etc/postfix/sasl_passwd ]; then
 		chown root:root /etc/postfix/sasl_passwd
 		chmod 0600 /etc/postfix/sasl_passwd
-		echo "Loaded SASL_PASSWD"
+		notify 'inf' "Loaded SASL_PASSWD"
 	else
-		echo "==> Warning: 'SASL_PASSWD' is not provided. /etc/postfix/sasl_passwd not created."
+		notify 'inf' "Warning: 'SASL_PASSWD' is not provided. /etc/postfix/sasl_passwd not created."
 	fi
 }

 function _setup_postfix_relay_amazon_ses() {
 	notify 'task' 'Setting up Postfix Relay Amazon SES'
-
-	if [ ! -z "$AWS_SES_HOST" -a ! -z "$AWS_SES_USERPASS" ]; then
-		if [ -z "$AWS_SES_PORT" ];then
-			AWS_SES_PORT=25
-		fi
-		echo "Setting up outgoing email via AWS SES host $AWS_SES_HOST:$AWS_SES_PORT"
-		echo "[$AWS_SES_HOST]:$AWS_SES_PORT $AWS_SES_USERPASS" >> /etc/postfix/sasl_passwd
-		postconf -e \
-			"relayhost = [$AWS_SES_HOST]:$AWS_SES_PORT" \
-			"smtp_sasl_auth_enable = yes" \
-			"smtp_sasl_security_options = noanonymous" \
-			"smtp_sasl_password_maps = texthash:/etc/postfix/sasl_passwd" \
-			"smtp_use_tls = yes" \
-			"smtp_tls_security_level = encrypt" \
-			"smtp_tls_note_starttls_offer = yes" \
-			"smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt"
+	if [ -z "$AWS_SES_PORT" ];then
+		AWS_SES_PORT=25
 	fi
+	notify 'inf' "Setting up outgoing email via AWS SES host $AWS_SES_HOST:$AWS_SES_PORT"
+	echo "[$AWS_SES_HOST]:$AWS_SES_PORT $AWS_SES_USERPASS" >> /etc/postfix/sasl_passwd
+	postconf -e \
+		"relayhost = [$AWS_SES_HOST]:$AWS_SES_PORT" \
+		"smtp_sasl_auth_enable = yes" \
+		"smtp_sasl_security_options = noanonymous" \
+		"smtp_sasl_password_maps = texthash:/etc/postfix/sasl_passwd" \
+		"smtp_use_tls = yes" \
+		"smtp_tls_security_level = encrypt" \
+		"smtp_tls_note_starttls_offer = yes" \
+		"smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt"
 }

-
 function _setup_security_stack() {
-	notify 'task' 'Setting up Security Stack'
+	notify 'task' "Setting up Security Stack"

-	echo "Configuring Spamassassin"
+	notify 'inf' "Configuring Spamassassin"
 	SA_TAG=${SA_TAG:="2.0"} && sed -i -r 's/^\$sa_tag_level_deflt (.*);/\$sa_tag_level_deflt = '$SA_TAG';/g' /etc/amavis/conf.d/20-debian_defaults
 	SA_TAG2=${SA_TAG2:="6.31"} && sed -i -r 's/^\$sa_tag2_level_deflt (.*);/\$sa_tag2_level_deflt = '$SA_TAG2';/g' /etc/amavis/conf.d/20-debian_defaults
 	SA_KILL=${SA_KILL:="6.31"} && sed -i -r 's/^\$sa_kill_level_deflt (.*);/\$sa_kill_level_deflt = '$SA_KILL';/g' /etc/amavis/conf.d/20-debian_defaults
 	test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/

 	if [ "$ENABLE_FAIL2BAN" = 1 ]; then
-		echo "Fail2ban enabled"
+		notify 'inf' "Fail2ban enabled"
 		test -e /tmp/docker-mailserver/fail2ban-jail.cf && cp /tmp/docker-mailserver/fail2ban-jail.cf /etc/fail2ban/jail.local
 	else
 		# Disable logrotate config for fail2ban if not enabled
@ -737,7 +766,7 @@ function _setup_elk_forwarder() {

 	ELK_PORT=${ELK_PORT:="5044"}
 	ELK_HOST=${ELK_HOST:="elk"}
-	echo "Enabling log forwarding to ELK ($ELK_HOST:$ELK_PORT)"
+	notify 'inf' "Enabling log forwarding to ELK ($ELK_HOST:$ELK_PORT)"
 	cat /etc/filebeat/filebeat.yml.tmpl \
 		| sed "s@\$ELK_HOST@$ELK_HOST@g" \
 		| sed "s@\$ELK_PORT@$ELK_PORT@g" \
@ -754,7 +783,7 @@ function _setup_elk_forwarder() {
 # Description: Place functions for temporary workarounds and fixes here
 ##########################################################################
 function fix() {
-	notify 'taskgrg' "Starting to fix:"
+	notify 'taskgrg' "Post-configuration checks..."
 	for _func in "${FUNCS_FIX[@]}";do
 		$_func
 		[ $? != 0 ] && defunc
@ -766,10 +795,10 @@ function _fix_var_mail_permissions() {

 	# Fix permissions, but skip this if 3 levels deep the user id is already set
 	if [ `find /var/mail -maxdepth 3 -a \( \! -user 5000 -o \! -group 5000 \) | grep -c .` != 0 ]; then
+		notify 'inf' "Fixing /var/mail permissions"
 		chown -R 5000:5000 /var/mail
-		echo "/var/mail permissions fixed"
 	else
-		echo "Permissions in /var/mail look OK"
+		notify 'inf' "Permissions in /var/mail look OK"
 	fi
 }
 ##########################################################################
@ -783,11 +812,11 @@ function _fix_var_mail_permissions() {
 # Description: Place functions that do not fit in the sections above here
 ##########################################################################
 function misc() {
-	notify 'taskgrp' 'Starting Misc:'
+	notify 'taskgrp' 'Starting Misc'

 	for _func in "${FUNCS_MISC[@]}";do
 		$_func
-		[ $? != 0 ] &&  defunc
+		[ $? != 0 ] && defunc
 	done
 }

@ -796,19 +825,19 @@ function _misc_save_states() {
 	# directory
 	statedir=/var/mail-state
 	if [ "$ONE_DIR" = 1 -a -d $statedir ]; then
-		echo "Consolidating all state onto $statedir"
+		notify 'inf' "Consolidating all state onto $statedir"
 		for d in /var/spool/postfix /var/lib/postfix /var/lib/amavis /var/lib/clamav /var/lib/spamassasin /var/lib/fail2ban; do
 			dest=$statedir/`echo $d | sed -e 's/.var.//; s/\//-/g'`
 			if [ -d $dest ]; then
-				echo "  Destination $dest exists, linking $d to it"
+				notify 'inf' "  Destination $dest exists, linking $d to it"
 				rm -rf $d
 				ln -s $dest $d
 			elif [ -d $d ]; then
-				echo "  Moving contents of $d to $dest:" `ls $d`
+				notify 'inf' "  Moving contents of $d to $dest:" `ls $d`
 				mv $d $dest
 				ln -s $dest $d
 			else
-				echo "  Linking $d to $dest"
+				notify 'inf' "  Linking $d to $dest"
 				mkdir -p $dest
 				ln -s $dest $d
 			fi
@ -821,65 +850,66 @@ function _misc_save_states() {
 # >> Start Daemons
 ##########################################################################
 function start_daemons() {
-	notify 'taskgrp' 'Starting Daemons'
+	notify 'taskgrp' 'Starting mail server'

 	for _func in "${DAEMONS_START[@]}";do
 		$_func
-		[ $? != 0 ] &&  defunc
+		[ $? != 0 ] && defunc
 	done
 }

-function _start_daemons_sys() {
-	notify 'task' 'Starting Cron'
-	cron
+function _start_daemons_cron() {
+	notify 'task' 'Starting cron' 'n'
+	display_startup_daemon "cron"	
+}

-	notify 'task' 'Starting rsyslog'
-	/etc/init.d/rsyslog start
+function _start_daemons_rsyslog() {
+	notify 'task' 'Starting rsyslog' 'n'
+	display_startup_daemon "/etc/init.d/rsyslog start"	
 }

 function _start_daemons_saslauthd() {
-	notify "task" "Starting saslauthd"
-	/etc/init.d/saslauthd start
+	notify 'task' 'Starting saslauthd' 'n'
+	display_startup_daemon "/etc/init.d/saslauthd start"
 }

 function _start_daemons_fail2ban() {
-	notify 'task' 'Starting fail2ban'
+	notify 'task' 'Starting fail2ban' 'n'
 	touch /var/log/auth.log
 	# Delete fail2ban.sock that probably was left here after container restart
  	if [ -e /var/run/fail2ban/fail2ban.sock ]; then
    	  rm /var/run/fail2ban/fail2ban.sock
  	fi
-	/etc/init.d/fail2ban start
+	display_startup_daemon "/etc/init.d/fail2ban start"
 }

 function _start_daemons_opendkim() {
-	notify 'task' 'Starting opendkim'
-	/etc/init.d/opendkim start
+	notify 'task' 'Starting opendkim' 'n'
+	display_startup_daemon "/etc/init.d/opendkim start"
 }

 function _start_daemons_opendmarc() {
-	notify 'task' 'Starting opendmarc'
-	/etc/init.d/opendmarc start
+	notify 'task' 'Starting opendmarc' 'n'
+	display_startup_daemon "/etc/init.d/opendmarc start"
 }

 function _start_daemons_postfix() {
-	notify 'task' 'Starting postfix'
-	/etc/init.d/postfix start
+	notify 'task' 'Starting postfix' 'n'
+	display_startup_daemon "/etc/init.d/postfix start"
 }

 function _start_daemons_dovecot() {
 	# Here we are starting sasl and imap, not pop3 because it's disabled by default
-	notify 'task' "Starting dovecot services"
-	/usr/sbin/dovecot -c /etc/dovecot/dovecot.conf
+	notify 'task' 'Starting dovecot services' 'n'
+	display_startup_daemon "/usr/sbin/dovecot -c /etc/dovecot/dovecot.conf"

 	if [ "$ENABLE_POP3" = 1 ]; then
-		echo "Starting POP3 services"
+		notify 'task' 'Starting pop3 services' 'n'
 		mv /etc/dovecot/protocols.d/pop3d.protocol.disab /etc/dovecot/protocols.d/pop3d.protocol
-		/usr/sbin/dovecot reload
+		display_startup_daemon "/usr/sbin/dovecot reload"
 	fi

 	if [ -f /tmp/docker-mailserver/dovecot.cf ]; then
-		echo 'Adding file "dovecot.cf" to the Dovecot configuration'
 		cp /tmp/docker-mailserver/dovecot.cf /etc/dovecot/local.conf
 		/usr/sbin/dovecot reload
 	fi
@ -895,25 +925,24 @@ function _start_daemons_dovecot() {
 }

 function _start_daemons_filebeat() {
-	notify 'task' 'Starting FileBeat'
-	/etc/init.d/filebeat start
+	notify 'task' 'Starting filebeat' 'n'
+	display_startup_daemon "/etc/init.d/filebeat start"
 }

 function _start_daemons_fetchmail() {
-	notify 'task' 'Starting fetchmail'
+	notify 'task' 'Starting fetchmail' 'n'
 	/usr/local/bin/setup-fetchmail
-	echo "Fetchmail enabled"
-	/etc/init.d/fetchmail start
+	display_startup_daemon "/etc/init.d/fetchmail start"
 }

 function _start_daemons_clamav() {
-	notify 'task' "Starting clamav"
-	/etc/init.d/clamav-daemon start
+	notify 'task' 'Starting clamav' 'n'
+	display_startup_daemon "/etc/init.d/clamav-daemon start"
 }

 function _start_daemons_amavis() {
-	notify 'task' 'Starting Daemon Amavis'
-	/etc/init.d/amavis start
+	notify 'task' 'Starting amavis' 'n'
+	display_startup_daemon "/etc/init.d/amavis start"

 	# @TODO fix: on integration test of mail_with_ldap amavis fails because of:
 	# Starting amavisd:   The value of variable $myhostname is "ldap", but should have been
@ -922,7 +951,7 @@ function _start_daemons_amavis() {
 	# in /etc/amavis/conf.d/05-node_id, or fix what uname(3) provides as a host's 
 	# network name!

-	# > temporary workaround to passe integration test
+	# > temporary workaround to pass integration test
 	return 0
 }
 ##########################################################################
@ -938,6 +967,24 @@ function _start_daemons_amavis() {
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # >>

+if [[ ${DEFAULT_VARS["DMS_DEBUG"]} == 1 ]]; then
+notify 'taskgrp' ""
+notify 'taskgrp' "#"
+notify 'taskgrp' "#"
+notify 'taskgrp' "# ENV"
+notify 'taskgrp' "#"
+notify 'taskgrp' "#"
+notify 'taskgrp' ""
+printenv
+fi
+
+notify 'taskgrp' ""
+notify 'taskgrp' "#"
+notify 'taskgrp' "#"
+notify 'taskgrp' "# docker-mailserver"
+notify 'taskgrp' "#"
+notify 'taskgrp' "#"
+notify 'taskgrp' ""

 register_functions

@ -947,7 +994,14 @@ fix
 misc
 start_daemons

-tail -f /var/log/mail/mail.log
+notify 'taskgrp' ""
+notify 'taskgrp' "#"
+notify 'taskgrp' "# $(hostname) is up and running"
+notify 'taskgrp' "#"
+notify 'taskgrp' ""
+
+
+tail -fn 0 /var/log/mail/mail.log


 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- a/test/tests.bats
+++ b/test/tests.bats
@ -402,13 +402,8 @@
  [ "$status" -eq 0 ]
 }

-@test "checking ssl: lets-encrypt-x1-cross-signed.pem is installed" {
-  run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x1-cross-signed.pem
-  [ "$status" -eq 0 ]
-}
-
-@test "checking ssl: lets-encrypt-x2-cross-signed.pem is installed" {
-  run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x2-cross-signed.pem
+@test "checking ssl: lets-encrypt-x3-cross-signed.pem is installed" {
+  run docker exec mail grep 'BEGIN CERTIFICATE' /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem
  [ "$status" -eq 0 ]
 }

@ -483,7 +478,7 @@
  # Getting mail_fail2ban container IP
  MAIL_FAIL2BAN_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' mail_fail2ban)

-  # Create a container which will send wront authentications and should banned
+  # Create a container which will send wrong authentications and should banned
  docker run --name fail-auth-mailer -e MAIL_FAIL2BAN_IP=$MAIL_FAIL2BAN_IP -v "$(pwd)/test":/tmp/docker-mailserver-test -d $(docker inspect --format '{{ .Config.Image }}' mail) tail -f /var/log/faillog

  docker exec fail-auth-mailer /bin/sh -c 'nc $MAIL_FAIL2BAN_IP 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt'
@ -577,6 +572,8 @@
  [ "$status" -eq 1 ]
  run docker exec mail grep -i 'permission denied' /var/log/mail/mail.log
  [ "$status" -eq 1 ]
+  run docker exec mail grep -i '(!)connect' /var/log/mail/mail.log
+  [ "$status" -eq 1 ]
  run docker exec mail_pop3 grep 'non-null host address bits in' /var/log/mail/mail.log
  [ "$status" -eq 1 ]
  run docker exec mail_pop3 grep ': error:' /var/log/mail/mail.log