Evening. I've been running Exim 4 in a Docker container for a while, to isolate it from the rest of the stuff on my server. I figured it was about time I tidied it up and packaged it so other people could use it.
I basically take the exim4 binary out of the most recent Debian Testing exim4-daemon-heavy package, along with all the shared libs it depends on, CA certs, time zone files etc, and stick them in a scratch image. This gives me a full featured version of Exim, but with a minimal image (14MB compressed). There is nothing else for an attacker to use if they compromise Exim, e.g no shell. It's auto-built daily, and a new version of the image is pushed if any files in the image have changed from the previous build. It has some tricks related to setting the time zone and user at runtime, and a useful set of docker tags so you can pin a specific build, Debian package revision, patch or minor version. More explained in the docs at https://gitlab.com/grepular/docker-exim4 and the image is on Docker Hub - https://hub.docker.com/r/grepular/exim4 Feel free to use/re-use/contribute. I intend to maintain it. I'm surprised there isn't an official image by now TBH. Mike
signature.asc
Description: This is a digitally signed message part
-- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
