Have a look at https://github.com/bokysan/docker-postfix. You should be
able to find answers there to many of your questions.
We use them internally, so they are not public facing: StatefulSets with
4 replicas.
On 1/14/26 09:00, Ankit Kulkarni via Postfix-users wrote:
Hello,
I am exploring options to make our existing SMTP infrastructure more
elastic using containerization, potentially by running SMTP workloads
on Kubernetes. Our current system works well, but as we are building
hooks for automated and more robust scaling, I am evaluating whether
moving parts of the SMTP stack to Kubernetes would bring tangible
benefits.
I am specifically looking for advice and real-world experience around
"containerising Postfix and running it in production", possibly under
Kubernetes.
Our current architecture, at a high level, looks like this:
clients → LB → HAProxy → SMTP inbound/outbound instances (Postfix +
policyd + milters) → after-queue milter → other MTA / LMTP
If we introduce containerization, it would start from HAProxy onwards.
Some of the challenges I can see upfront:
* Postfix maintains mail queues, which makes it a stateful service.
Using StatefulSets in Kubernetes seems like a possible way to address
this.
* For SMTP outbound, each instance requires a stable, reputable
public IP. This is a constraint, but something we believe could be solved
with the right setup.
* Postfix-to-milter connection behavior: once a milter connection
breaks, Postfix does not re-establish it mid-session. We recently
discussed this on the mailing list, and one possible mitigation is
using 451 responses, as described here:
https://www.mail-archive.com/[email protected]/msg106876.html
Given this context, my questions are:
* Has anyone run Postfix in containers (Docker / Kubernetes) for
production workloads at a reasonable scale? If yes, how was it done?
* Are there any critical challenges or failure modes beyond the ones
mentioned above?
* Are there recommended architectures, or specific do’s and don’ts,
when running Postfix in containers?
* If this approach is generally not recommended, what are the main
bottlenecks or design reasons?
I have skipped some obvious aspects (for example, graceful shutdown
and startup of containers), assuming those can be handled with
standard mechanisms.
Any guidance, experiences, or pointers would be greatly appreciated.
Thanks in advance.
Ankit Kulkarni
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]