Setting up a poste.io mail server
Install script
curl -sS -O https://raw.githubusercontent.com/woniu336/open_shell/main/poste_io.sh && chmod +x poste_io.sh && ./poste_io.sh
Ports used by the script
Service | Port | Description |
---|---|---|
SMTP | 25 | SMTP service port |
IMAP | 143 | IMAP service port |
POP3 | 110 | POP3 service port |
SMTPS | 465 | SMTPS service port |
IMAPS | 993 | IMAPS service port |
POP3S | 995 | POP3S service port |
MSA | 587 | SMTP port used mainly by e-mail clients, after STARTTLS and authentication |
Sieve | 4190 | Remote Sieve settings |
Web | 8808 | Web service port |
Web | 8843 | Web service port |
Start
docker compose up -d
Add DNS records in Cloudflare
For example, use mail.example.com as the mail domain.
Record type | Host record | Record value |
---|---|---|
A | mail | server IP |
CNAME | imap | mail.example.com |
CNAME | pop | mail.example.com |
CNAME | smtp | mail.example.com |
MX | @ | mail.example.com |
TXT | @ | v=spf1 mx ~all |
TXT | _dmarc | v=DMARC1; p=none; rua=mailto:admin@example.com |
TXT | DKIM key | DKIM record value |
Install nginx
apt install -y nginx
Configure the nginx reverse proxy
vim /etc/nginx/nginx.conf
The configuration file is shown below. It is best to use my configuration file here, otherwise poste.io will have problems issuing its certificate. Issuance only succeeded for me with this configuration; the configurations I found online failed.

user root;  # workers run as root in this setup; the Debian/Ubuntu default is www-data
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    # multi_accept on;
}

http {
    sendfile on;
    tcp_nopush on;
    types_hash_max_size 2048;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # TLS 1.0 and 1.1 are deprecated (RFC 8996), so only TLS 1.2 and 1.3 are enabled
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    access_log /var/log/nginx/access.log;
    gzip on;
    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

    # poste.io web interface, published by the container on port 8808
    upstream poste_backend { server 127.0.0.1:8808; }

    # HTTP: pass ACME HTTP-01 challenges to poste.io, redirect everything else to HTTPS
    server {
        listen 80;
        server_name mail.example.com imap.example.com smtp.example.com pop.example.com;

        location ^~ /.well-known/acme-challenge/ {
            proxy_pass http://poste_backend;
            proxy_set_header Host $host;
        }

        # The redirect sits in its own location: a server-level "return" runs
        # before location matching and would bypass the ACME location above.
        location / {
            return 301 https://$host$request_uri;
        }
    }

    # HTTPS: terminate TLS with the acme.sh certificate and proxy to poste.io
    server {
        listen 443 ssl http2;
        server_name mail.example.com imap.example.com smtp.example.com pop.example.com;

        ssl_certificate /etc/nginx/conf.d/ssl/mail.example.com.crt;
        ssl_certificate_key /etc/nginx/conf.d/ssl/mail.example.com.key;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

        location ^~ /.well-known/acme-challenge/ {
            proxy_pass http://poste_backend;
            proxy_set_header Host $host;
        }

        location / {
            proxy_pass http://poste_backend;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            # HTTP/1.1 is required for the Upgrade/Connection headers to take effect
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_read_timeout 86400;
        }
    }
}
Issue the certificate for web access
curl https://get.acme.sh | sh -s email=example@gmail.com
~/.acme.sh/acme.sh --upgrade --auto-upgrade
# Standalone mode listens on port 80 itself, so the port must be free while this runs
~/.acme.sh/acme.sh --issue -d mail.example.com --standalone
# Install the certificate (key and full chain in one call, into the paths nginx.conf expects)
mkdir -p /etc/nginx/conf.d/ssl
~/.acme.sh/acme.sh --install-cert -d mail.example.com \
    --key-file /etc/nginx/conf.d/ssl/mail.example.com.key \
    --fullchain-file /etc/nginx/conf.d/ssl/mail.example.com.crt
Configure poste.io
Open https://mail.example.com in a browser to reach the poste.io setup page, then follow the prompts.
Configure the Let’s Encrypt certificate
Issuance succeeded if the log ends with the following lines:
[xxxxxxxxxx] LEScript.INFO: Got certificate! YAY!
[xxxxxxxxxx] LEScript.INFO: Saving fullchain.pem
[xxxxxxxxxx] LEScript.INFO: Saving cert.pem
[xxxxxxxxxx] LEScript.INFO: Saving chain.pem
[xxxxxxxxxx] LEScript.INFO: Done !!§§!
Configure the DNS TXT record
Create a DKIM key in the console, then add the generated value as a DNS TXT record.
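To check the SPF, DMARC and DKIM TXT values from the DNS table once the DKIM record has been added, the following script classifies each one. It is an added example, not part of the original page or of poste.io; the function names, the DKIM selector argument and the 300-character key-length cut-off are assumptions.

```shell
# Added example; function names, selector argument and 300-char cut-off are assumptions.

# spf_all RECORD -> how the record treats senders it does not list
spf_all() {
    rec=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case $rec in "v=spf1" | "v=spf1 "*) ;; *) echo invalid; return ;; esac
    case " $rec " in
        *" -all "*) echo fail ;;
        *" ~all "*) echo softfail ;;
        *" ?all "*) echo neutral ;;
        *" +all "* | *" all "*) echo pass ;;
        *) echo missing ;;
    esac
}

# txt_tag RECORD TAG -> value of one "tag=value" pair in a ';'-separated record
txt_tag() {
    printf '%s\n' "$1" | tr ';' '\n' |
        sed -n "s/^[[:space:]]*$2[[:space:]]*=//p" | head -n 1 | tr -d '[:space:]'
}

# audit_mail_dns SPF DMARC DKIM -> one finding per line; status 1 if any WARN
audit_mail_dns() {
    rc=0; all=$(spf_all "$1"); pol=$(txt_tag "$2" p); key=$(txt_tag "$3" p)
    case $all in
        fail) echo "OK   spf: -all fails unlisted senders" ;;
        softfail) echo "NOTE spf: ~all only soft-fails unlisted senders" ;;
        *) echo "WARN spf: all-mechanism check returned '$all'"; rc=1 ;;
    esac
    case $2 in v=DMARC1*) ;; *) pol= ;; esac
    case $pol in
        reject | quarantine) echo "OK   dmarc: p=$pol" ;;
        none) echo "NOTE dmarc: p=none only collects reports, failing mail is still delivered" ;;
        *) echo "WARN dmarc: no valid policy"; rc=1 ;;
    esac
    if [ -z "$key" ]; then echo "WARN dkim: no public key in p="; rc=1
    elif [ "$(txt_tag "$3" k)" != ed25519 ] && [ "${#key}" -lt 300 ]; then
        echo "NOTE dkim: short RSA key (${#key} base64 chars), likely 1024 bits or less"
    else echo "OK   dkim: public key present (${#key} base64 chars)"; fi
    return $rc
}

# audit_domain DOMAIN SELECTOR -> audit the records currently published in DNS
fetch_txt() { dig +short TXT "$1" | tr -d '"'; }
audit_domain() {
    audit_mail_dns "$(fetch_txt "$1" | grep -i '^v=spf1')" \
        "$(fetch_txt "_dmarc.$1")" "$(fetch_txt "$2._domainkey.$1")"
}
if [ "$#" -eq 2 ]; then audit_domain "$1" "$2"; fi
```

Saved as a script and run with the domain and its DKIM selector as arguments, it audits the live records through dig; with the values from the table above it reports NOTE for both `~all` and `p=none`.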
Configure the mail client
Protocol | Server address | Port | SSL |
---|---|---|---|
SMTP | smtp.example.com | 465 | true |
IMAP | imap.example.com | 993 | true |
POP3 | pop.example.com | 995 | true |
Enjoy running your own mail server: you now have countless mailboxes.
Mailbox testing
https://www.mail-tester.com/