Debian Poste 邮局搭建

212次阅读
没有评论

安装 Docker

apt install docker-compose

端口检查

apt install telnet && telnet smtp.qq.com 25

运行命令

    docker run \
        -d \
        --net=host \
        -e TZ=Asia/Shanghai \
        -v /mail_data:/data \
        --name "mail_server" \
        -h "mail. 顶级域名. 后缀 " \
        -e "HTTPS=OFF" \
        -e "HTTP_PORT=11080" \
        -e "DISABLE_CLAMAV=TRUE" \
        -e "DISABLE_RSPAMD=TRUE" \
        -t analogic/poste.io
  • -h指定域名

Dns 配置

dkim 获取

点击 Virtual domainsGenerate new key

记录类型 主机记录 记录值
MX @ mail. 顶级域名. 后缀
TXT @ v=spf1 mx ~all
A mail 服务器 ip
TXT _dmarc v=DMARC1; p=none; pct=100; rua=mailto:mail@顶级域名. 后缀
CNAME imap mail. 顶级域名. 后缀
CNAME smtp mail. 顶级域名. 后缀
CNAME pop mail. 顶级域名. 后缀
TXT dkim. 顶级域名. 后缀 dkim 值

部署 TLS 证书

点击 system setingsTLS certinlcate

第一个空

mail. 顶级域名. 后缀

第二个空

imap. 顶级域名. 后缀
smtp. 顶级域名. 后缀
pop. 顶级域名. 后缀

save changes即可

Nginx 反代

server {

    listen 443 ssl;                 # 监听端口
    server_name mail. 顶级域名. 后缀;   # 绑定域名

    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers         AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
    ssl_certificate /usr/local/nginx/ssl/all_cn.pem; # 证书文件路径
    ssl_certificate_key /usr/local/nginx/ssl/all_cn.key; # 私钥文件路径
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;

    location / {

        proxy_pass http://127.0.0.1:11080;
        proxy_set_header Host $host;             # 保留原始 Host 头
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme; 
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

    }

}

server {

    listen 80;
    server_name mail. 顶级域名. 后缀;   # 绑定域名

    # 重定向 HTTP 到 HTTPS
    return 301 https://$server_name$request_uri;

}

server {

    listen 80;
    server_name pop. 顶级域名. 后缀;   # 绑定域名

    location / {

        proxy_pass http://127.0.0.1:11080;
        proxy_set_header Host $host;             # 保留原始 Host 头
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme; 

    }

}

server {

    listen 80;
    server_name smtp. 顶级域名. 后缀;   # 绑定域名

    location / {

        proxy_pass http://127.0.0.1:11080;
        proxy_set_header Host $host;             # 保留原始 Host 头
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme; 
    }

}

server {

    listen 80;
    server_name imap. 顶级域名. 后缀;   # 绑定域名
    location / {

        proxy_pass http://127.0.0.1:11080;
        proxy_set_header Host $host;             # 保留原始 Host 头
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme; 

    }

}
正文完
发表至: debian
2024-11-07
 0
评论(没有评论)

近期文章

近期评论