Allow MailHog to use privileged ports locally

[martinkoehler]

MailHog allows to configure the port where it listens e.g. via
the environment variable MH_SMTP_BIND_ADDR. However privileged ports are
not allowed, since MailHog runs as normal user.
Using setcap the MailHog binary is allowed to bind on privileged ports

Closes #328

[bvdbasch]

@kraxx @tyndyll @anthonyptetlow @rpkamp @teohhanhui

Can one of you please merge this pull request? Thanks you 🙏

[tyndyll]

I will look at it over the weekend. Want to understand the implications of using the capabilities before merging.

[tyndyll]

Would it be possible to extract the setcap portion as an additional stage in the Dockerfile build? I can then create and publish two images mailhog:latest and mailhog:latest-privileged-ports. This will give people the option of running it

[martinkoehler]

@tyndyll: Is this what you mean?
BTW: The default behavoir does not change, so IMHO people can use mailhog:latest-privileged-ports as a drop-in without noticing a difference. Only if they specify a priveleged port in the Environment, this now works :-)
Or do you have security concerns?
Thanks.

[tyndyll]

I have security concerns, but I'm 99% sure that they're not valid. I'm just doing some reading up to make sure I'm not missing something! Expect this to be merged in on Friday

[martinkoehler]

Thanks. Take your time. Better to check than to be sorry.

[bvdbasch]

@tyndyll Thanks for looking into this. I agree with @martinkoehler that reading up on security should not be rushed. 👍🏻