Setting up a Poste.io mail server

Installation script

curl -sS -O https://raw.githubusercontent.com/woniu336/open_shell/main/poste_io.sh && chmod +x poste_io.sh && ./poste_io.sh


系统检查
────────────────────────
✓ Telnet......... 已安装
✓ 邮局服务....... 已安装

端口检测
────────────────────────
Connected to smtp.qq.com.
Connection closed by foreign host.
✓ 端口 25........ 当前可用

操作选项
────────────────────────
1. 安装          2. 更新
3. 卸载          0. 退出
────────────────────────
请输入选项 [0-3]: 1

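Ports used by the script

Service  Port  Description
SMTP     25    SMTP service port
IMAP     143   IMAP service port
POP3     110   POP3 service port
SMTPS    465   SMTPS service port
IMAPS    993   IMAPS service port
POP3S    995   POP3S service port
MSA      587   SMTP port mainly used by e-mail clients after STARTTLS and authentication
Sieve    4190  Remote Sieve settings
Web      8808  Web service port
Web      8843  Web service port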

Start

docker compose file

version: '3.7'

services:
  mailserver:
    image: analogic/poste.io
    hostname: mail.example.com
    ports:
      - "25:25"
      - "110:110"
      - "143:143"
      - "587:587"
      - "993:993"
      - "995:995"
      - "4190:4190"
      - "465:465"
      - "8808:80"
      - "8843:443"
    environment:
      - [email protected]
      - LETSENCRYPT_HOST=mail.example.com
      - VIRTUAL_HOST=mail.example.com
      - DISABLE_CLAMAV=TRUE
      - TZ=Asia/Shanghai
      - HTTPS=OFF
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./mail-data:/data

Build

docker compose up -d

Add the DNS records in Cloudflare

For example, with mail.example.com as the mail domain:

Record type  Host record  Record value
A            mail         server IP
CNAME        imap         mail.example.com
CNAME        pop          mail.example.com
CNAME        smtp         mail.example.com
MX           @            mail.example.com
TXT          @            v=spf1 mx ~all
TXT          _dmarc       v=DMARC1; p=none; rua=mailto:[email protected]
TXT          DKIM Key     DKIM record value
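
The SPF and DMARC values in the table above can be audited offline before they are published. The following Python is an added example, not part of the original tutorial or of poste.io; the function names and the rua mailbox are constructed for illustration.

```python
# Added example: audit the SPF and DMARC TXT values from the DNS table above.
# Function names and the rua mailbox are constructed for illustration.

def spf_all_qualifier(txt):
    """Return the qualifier on the 'all' mechanism ('+', '-', '~', '?') or None."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: %r" % txt)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"  # '+' is the default
        if term.lstrip("+-~?").lower() == "all":
            return qualifier
    return None

def parse_dmarc(txt):
    """Split a DMARC record into a tag -> value dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record: %r" % txt)
    return tags

def audit(spf_txt, dmarc_txt):
    """Return a list of (code, message) findings; empty means both records enforce."""
    findings = []
    all_q = spf_all_qualifier(spf_txt)
    if all_q is None:  # redirect= modifiers are not followed here
        findings.append(("spf-no-all", "no 'all' term: default result for unlisted senders is neutral"))
    elif all_q == "~":
        findings.append(("spf-softfail", "~all marks unlisted senders as softfail, not fail"))
    elif all_q in "+?":
        findings.append(("spf-open", "'all' term does not restrict unlisted senders"))
    tags = parse_dmarc(dmarc_txt)
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append(("dmarc-monitor-only", "p=none requests no action on failing mail"))
    elif policy not in ("quarantine", "reject"):
        findings.append(("dmarc-bad-policy", "p tag missing or invalid"))
    if "rua" not in tags:
        findings.append(("dmarc-no-rua", "no aggregate report address"))
    return findings

if __name__ == "__main__":
    # Record values from the table; the rua mailbox is a constructed placeholder.
    for code, msg in audit("v=spf1 mx ~all",
                           "v=DMARC1; p=none; rua=mailto:postmaster@example.com"):
        print(code, "-", msg)
```

With the table's values it reports `spf-softfail` and `dmarc-monitor-only`; an empty list is returned once the records use `-all` and `p=quarantine` or `p=reject`.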

Install nginx

apt install -y nginx
mkdir /etc/nginx/conf.d/ssl

Configure the nginx reverse proxy

vim /etc/nginx/nginx.conf

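The configuration file is as follows. It is best to use my configuration file here, otherwise poste.io will have problems issuing the certificate. Issuance only succeeded for me with this configuration; the configurations I found online failed.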

user root;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 768;
	# multi_accept on;
}

http {
	sendfile on;
	tcp_nopush on;
	types_hash_max_size 2048;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	access_log /var/log/nginx/access.log;

	gzip on;

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
	
	
	upstream poste_backend { server 127.0.0.1:8808; }
	
	server {
		listen 80;
		server_name mail.example.com imap.example.com smtp.example.com pop.example.com;
	
		location ^~ /.well-known/acme-challenge/ {
			proxy_pass         http://poste_backend;
			proxy_set_header   Host $host;
		}
		return 301 https://$host$request_uri;
	}
	
	server {
		listen 443 ssl http2;
		server_name mail.example.com imap.example.com smtp.example.com pop.example.com;
	
		ssl_certificate     /etc/nginx/conf.d/ssl/mail.example.com.crt;
		ssl_certificate_key /etc/nginx/conf.d/ssl/mail.example.com.key;
		ssl_protocols       TLSv1.2 TLSv1.3;
		ssl_prefer_server_ciphers on;
	
		add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
	
		location ^~ /.well-known/acme-challenge/ {
			proxy_pass       http://poste_backend;
			proxy_set_header Host $host;
		}
	
		location / {
			proxy_pass                   http://poste_backend;
			proxy_set_header Host        $host;
			proxy_set_header X-Real-IP   $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_set_header X-Forwarded-Proto $scheme;
			proxy_set_header Upgrade     $http_upgrade;
			proxy_set_header Connection  'upgrade';
			proxy_read_timeout 86400;
		}
	}

	
}


Issue the certificate for web access

curl https://get.acme.sh | sh -s [email protected]
~/.acme.sh/acme.sh --upgrade --auto-upgrade
~/.acme.sh/acme.sh --issue -d mail.example.com --standalone
# Install the certificate
~/.acme.sh/acme.sh --install-cert -d mail.example.com --key-file /etc/nginx/conf.d/ssl/mail.example.com.key
~/.acme.sh/acme.sh --install-cert -d mail.example.com --fullchain-file /etc/nginx/conf.d/ssl/mail.example.com.crt

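Configure poste.io

Open https://mail.example.com in a browser to reach the poste.io setup page, then follow the prompts to configure it.

Configure the Let's Encrypt certificate

Issuance succeeded if the following appears at the end of the log: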

[xxxxxxxxxx] LEScript.INFO: Got certificate! YAY!
[xxxxxxxxxx] LEScript.INFO: Saving fullchain.pem
[xxxxxxxxxx] LEScript.INFO: Saving cert.pem
[xxxxxxxxxx] LEScript.INFO: Saving chain.pem
[xxxxxxxxxx] LEScript.INFO: Done !!§§!

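Configure the DNS TXT record

Create a DKIM key in the console; once it is generated, add it to DNS as a TXT record.

Configure the mail client

Protocol  Server address    Port  SSL
SMTP      smtp.example.com  465   true
IMAP      imap.example.com  993   true
POP3      pop.example.com   995   true

Start enjoying your self-hosted mail server: you now have unlimited mailboxes.

Mailbox testing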