环境

  1. Ubuntu 22.04 server 64bit
  2. nginx+php
  3. sqlite3

FQDN

怎样使修改的静态主机名永久生效?

# Refresh the package index once before the installs that follow
apt-get update
# Write the static hostname (one line, trailing newline included)
printf '%s\n' 'mail.example.com' > /etc/hostname

# Comment out "update_hostname" in cloud-init's module list so the value
# above is not rewritten on the next boot.
# NOTE(review): `preserve_hostname: true` in cloud.cfg is the documented
# way to express the same intent — confirm which one is wanted here.
vim /etc/cloud/cloud.cfg

# Reboot so every service picks up the new FQDN
reboot

安装nginx

# Install nginx, start it now and make it start at boot
apt-get install --yes nginx
systemctl start nginx
systemctl enable nginx

安装certbot

# Request a wildcard certificate with the manual DNS-01 challenge.
# certbot prompts, in this order:
#   1. e-mail address for expiry notices
#   2. Y — accept the terms of service
#   3. N — decline the mailing list
#   4. the name being validated (*.example.com)
#   5. publish the printed string as a TXT record at _acme-challenge
#   6. wait a few minutes for DNS to propagate, then press Enter
# NOTE(review): the -d value below is the author's real domain while the
# rest of this guide uses example.com — keep them consistent on a real host.
apt-get install --yes certbot
certbot certonly --manual \
  -d 'yinxianwei.com,*.yinxianwei.com'

设置证书自动更新

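crontab -e
# `certbot certonly --manual` stops to ask for the DNS TXT record, so the
# original @daily line can never complete from cron and the certificate
# quietly expires. `certbot renew` re-applies the options saved at issue
# time, and --deploy-hook runs the reload only when a certificate was
# actually replaced. A certificate issued with --manual additionally needs
# a --manual-auth-hook script that publishes the _acme-challenge record,
# otherwise certbot refuses to renew it non-interactively.
# NOTE(review): the Ubuntu certbot package may already install a
# certbot.timer that runs `certbot renew`; check `systemctl list-timers`
# before adding a second scheduler.
@daily certbot renew --quiet --deploy-hook 'systemctl reload postfix dovecot nginx'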

查看日志

# certbot logs every run here; read it first when a challenge or renewal fails
less /var/log/letsencrypt/letsencrypt.log

安装php

# PHP-FPM plus the extensions the rest of this guide relies on (IMAP,
# mbstring, SQLite). Ubuntu 22.04 ships PHP 8.1, hence the unit name,
# which must match the fastcgi_pass socket used in the nginx configs.
apt-get install --yes php-imap php-mbstring php-fpm php-sqlite3
systemctl enable php8.1-fpm

安装postfix

# postfix-sqlite provides the "sqlite:" map type used later for the
# virtual domain / mailbox / alias lookups
apt-get install --yes postfix postfix-sqlite
systemctl start postfix
systemctl enable postfix
# Define the authenticated submission services (ports 587 and 465)
vim /etc/postfix/master.cf
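# master.cf — client submission services. Port 25 (the default
# "smtp inet ... smtpd" entry, not shown here) stays as shipped; mail
# clients authenticate only on 587 (STARTTLS) or 465 (implicit TLS).
# NOTE: every "-o" line must be indented — a continuation line that starts
# in column 0 is parsed as a new service entry and Postfix refuses to start.
# Both services reject any client that is not SASL-authenticated; the
# recipient restriction is now applied to smtps as well as submission so
# the two ports enforce the same policy.
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_auth_only=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING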

# Global TLS / SASL settings; the per-port overrides live in master.cf
vim /etc/postfix/main.cf

# TLS parameters
# NOTE(review): the certificate above was requested for yinxianwei.com, so
# the live/ directory may not be called example.com — confirm the path.
smtpd_tls_cert_file=/etc/letsencrypt/live/example.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/example.com/privkey.pem
# "may": offer STARTTLS on port 25 but still accept cleartext from other
# MTAs; the submission services force "encrypt" in master.cf
smtpd_tls_security_level=may
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

# Outbound TLS is opportunistic ("may"): the peer certificate is not
# verified, the CA path only feeds the logging
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_loglevel = 1
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

#Enforce TLSv1.3 or TLSv1.2
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1

# Hand mailbox delivery to Dovecot over LMTP; the socket must be created
# by Dovecot's "service lmtp" under this exact name (private/dovecot-lmtp
# relative to the Postfix queue directory)
mailbox_transport = lmtp:unix:private/dovecot-lmtp
smtputf8_enable = no

# smtpd_use_tls is the pre-2.3 spelling, superseded by
# smtpd_tls_security_level above; harmless but redundant
smtpd_use_tls=yes
# Advertise AUTH only after STARTTLS so credentials never cross in clear
smtpd_tls_auth_only=yes
# SASL is delegated to Dovecot through the socket defined in 10-master.conf
smtpd_sasl_type=dovecot
smtpd_sasl_path=private/auth
# NOTE(review): set globally this also enables AUTH on port 25 (after
# STARTTLS). Consider "no" here and rely on the per-service
# "-o smtpd_sasl_auth_enable=yes" in master.cf so password guessing is only
# possible on 587/465.
smtpd_sasl_auth_enable=yes
smtpd_sasl_security_options=noanonymous
# NOTE(review): any authenticated account may use any MAIL FROM. Pairing
# reject_sender_login_mismatch with an smtpd_sender_login_maps table ties
# the envelope sender to the login that sent it.
smtpd_sender_restrictions=permit_sasl_authenticated
smtpd_recipient_restrictions=permit_mynetworks permit_sasl_authenticated permit_auth_destination reject_unauth_destination
# List listening TCP sockets and keep the lines owned by the Postfix master
# process (expect 25 plus the 587/465 services defined in master.cf)
ss -lnpt | grep -F -- master

安装dovecot

# IMAP and LMTP daemons plus the SQLite passdb/userdb driver
apt-get install --yes dovecot-core dovecot-imapd dovecot-lmtpd dovecot-sqlite
systemctl start dovecot
systemctl enable dovecot
# Only IMAP and LMTP are enabled; POP3 is not installed above and stays off
vim /etc/dovecot/dovecot.conf

protocols = imap lmtp
# protocol snippets dropped in by the installed dovecot-*d packages
!include_try /usr/share/dovecot/protocols.d/*.protocol

vim /etc/dovecot/conf.d/10-mail.conf

# Maildir inside each user's home; the home itself is built from the
# login's domain (%d) and local part (%n) under /var/vmail/mailbox
mail_location = maildir:~/Maildir
mail_home = /var/vmail/mailbox/%d/%n/
namespace inbox {
separator = /
inbox = yes
}

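vim /etc/dovecot/conf.d/10-master.conf

# SASL socket Postfix authenticates against (smtpd_sasl_path=private/auth
# in main.cf, relative to the Postfix queue directory)
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}

# LMTP delivery socket. Postfix delivers to lmtp:unix:private/dovecot-lmtp
# (mailbox_transport / virtual_transport in main.cf), so the listener must
# be created under that name. The original pointed this service at
# private/auth — a path already taken by the auth service above — leaving
# Postfix with no LMTP socket at all.
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    user = postfix
    group = postfix
  }
}

# stats sockets owned by the web server user, presumably so the doveadm
# call in postfixadmin's config.local.php works when run as www-data
service stats {
  unix_listener stats-reader {
    user = www-data
    group = www-data
    mode = 0660
  }

  unix_listener stats-writer {
    user = www-data
    group = www-data
    mode = 0660
  }
}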


# Put the web server user in the dovecot group; presumably needed for the
# doveadm invocation postfixadmin makes as www-data — confirm
gpasswd -a www-data dovecot

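vim /etc/dovecot/conf.d/10-auth.conf


# PLAIN/LOGIN are only offered once TLS is up (ssl = required in 10-ssl.conf)
disable_plaintext_auth = yes
auth_username_format = %u
auth_mechanisms = plain login
# appended to logins that carry no @domain
auth_default_realm = example.com
# accounts live in postfixadmin's SQLite file, not in /etc/passwd
#!include auth-system.conf.ext
!include auth-sql.conf.ext

# debug
auth_debug = yes
# auth_debug_passwords writes every submitted password in clear text to the
# log, turning a readable log file into a credential dump. Leave it off and
# enable only for the duration of a troubleshooting session.
#auth_debug_passwords = yes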


vim /etc/dovecot/dovecot-sql.conf.ext
# Same SQLite file postfixadmin writes ($CONF['database_name']); the hash
# scheme matches $CONF['encrypt'] = 'dovecot:ARGON2I'
driver = sqlite

connect = /var/vmail/db/postfixadmin.db

default_pass_scheme = ARGON2I

# %u is the login name; Dovecot escapes %-variables before substituting
# them into SQL, so they must not be pre-quoted differently
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'

# uid/gid 2000 must match the vmail account created below and Postfix's
# virtual_uid_maps/virtual_gid_maps (static:2000).
# NOTE(review): "maildir" is not one of Dovecot's standard userdb fields
# (home/mail/uid/gid); with mail_home and mail_location set in 10-mail.conf
# the location presumably comes from those — confirm.
user_query = SELECT maildir, 2000 AS uid, 2000 AS gid FROM mailbox WHERE username = '%u' AND active='1'

# used by doveadm to enumerate all accounts
iterate_query = SELECT username AS user FROM mailbox


vim /etc/dovecot/conf.d/10-ssl.conf

# authentication is only accepted over TLS
ssl = required
# "<" reads the file at config load.
# NOTE(review): the live/ directory name must match the certbot -d value
# (see the same note on Postfix main.cf)
ssl_cert = </etc/letsencrypt/live/example.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/example.com/privkey.pem
ssl_prefer_server_ciphers = yes
# same TLS 1.2 floor as enforced in Postfix main.cf
ssl_min_protocol = TLSv1.2


vim /etc/ssl/openssl.cnf

# NOTE(review): commenting out the OpenSSL 3 provider section affects every
# OpenSSL consumer on the host, not just Dovecot. Confirm it is still needed
# for the installed dovecot build before applying this system-wide change.
#providers = provider_sect

vim /etc/dovecot/conf.d/15-mailboxes.conf

# auto = create makes the folder on first use; special_use advertises the
# IMAP SPECIAL-USE role so clients file spam/deleted/sent mail correctly
mailbox Junk {
auto = create
special_use = \Junk
}
mailbox Trash {
auto = create
special_use = \Trash
}
mailbox Sent {
auto = create
special_use = \Sent
}

添加用户

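# Dedicated owner for the virtual mailboxes. uid/gid 2000 must match the
# static uid/gid Postfix delivers as (virtual_uid_maps / virtual_gid_maps)
# and the values returned by Dovecot's user_query.
adduser vmail --system --group --uid 2000 --disabled-login --no-create-home

# -p: creates /var/vmail itself and is idempotent on re-runs
mkdir -p /var/vmail/mailbox /var/vmail/db
# postfixadmin's SQLite database — it holds every mailbox's password hash.
# NOTE(review): the web server user has to write this file and its
# directory (SQLite journals) for setup.php to work, and nothing in this
# guide appears to grant that; when you do, keep it group-restricted rather
# than world-readable.
touch /var/vmail/db/postfixadmin.db
chown -R vmail:vmail /var/vmail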

安装postfixadmin

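# apt-get with --yes keeps this consistent with the other install steps
# and avoids apt's interactive prompt
apt-get install --yes acl

cd /srv/ || exit 1
# NOTE(review): the tarball is fetched without any integrity check. Verify
# it against the checksum/signature published for the release before
# unpacking (e.g. sha256sum -c with the value from the release page).
wget -O postfixadmin.tgz https://github.com/postfixadmin/postfixadmin/archive/postfixadmin-3.3.10.tar.gz
tar -zxvf postfixadmin.tgz
mv postfixadmin-postfixadmin-3.3.10 postfixadmin
# Only public/ is served (nginx root below); the symlink keeps the rest of
# the tree outside the document root
ln -s /srv/postfixadmin /usr/share/nginx/postfixadmin

# compiled-template cache; the web server user needs to write here
mkdir -p /srv/postfixadmin/templates_c
setfacl -R -m u:www-data:rwx /srv/postfixadmin/templates_c/
# NOTE(review): this hands the PHP process read access to privkey.pem, so a
# compromise of postfixadmin leaks the TLS key shared by nginx, Postfix and
# Dovecot. Presumably needed because doveadm (run as www-data from
# config.local.php) parses the Dovecot config including ssl_key — confirm it
# is really required before granting it.
setfacl -R -m u:www-data:rx /etc/letsencrypt/live/ /etc/letsencrypt/archive/
# the stats sockets are already owned by www-data in 10-master.conf, so this
# ACL is likely redundant; harmless either way
setfacl -R -m u:www-data:rwx /var/run/dovecot/stats-reader /var/run/dovecot/stats-writer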
# Local overrides for postfixadmin (loaded from config.inc.php)
vim /srv/postfixadmin/config.local.php
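<?php
// postfixadmin local overrides.
// Password hashes are produced by Dovecot's own tool so the scheme
// (ARGON2I) matches default_pass_scheme in dovecot-sql.conf.ext.
$CONF['encrypt'] = 'dovecot:ARGON2I';
// The unconditional assignment that preceded this block duplicated the
// guarded one; without doveadm the ARGON2I scheme cannot be computed anyway.
if (@file_exists('/usr/bin/doveadm')) { // @ to silence openbase_dir stuff; see https://github.com/postfixadmin/postfixadmin/issues/171
    $CONF['dovecotpw'] = "/usr/bin/doveadm pw -r 5"; // debian
}
$CONF['configured'] = true;
$CONF['database_type'] = 'sqlite';
// Same file Dovecot reads (connect = ... in dovecot-sql.conf.ext)
$CONF['database_name'] = '/var/vmail/db/postfixadmin.db';
$CONF['default_language'] = 'cn';
// No closing "?>": any whitespace after it would be sent to the client and
// can break header/session handling.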
# nginx virtual host for the postfixadmin web UI
vim /etc/nginx/conf.d/postfixadmin.conf
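# Plain HTTP only redirects, so the admin login and the setup password
# never travel in clear text.
server {
  listen 80;
  listen [::]:80;
  server_name postfixadmin.example.com;
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name postfixadmin.example.com;

  # Same wildcard certificate Postfix and Dovecot use (covers *.example.com).
  # NOTE(review): the live/ directory name must match the certbot -d value.
  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  ssl_protocols TLSv1.2 TLSv1.3;

  # only public/ is exposed; the rest of the checkout stays outside the root
  root /usr/share/nginx/postfixadmin/public/;
  index index.php index.html;

  access_log /var/log/nginx/postfixadmin_access.log;
  error_log /var/log/nginx/postfixadmin_error.log;

  location / {
    try_files $uri $uri/ /index.php;
  }

  location ~ ^/(.+\.php)$ {
    # =404 before fastcgi_pass: only hand PHP-FPM paths that exist on disk
    try_files $uri =404;
    fastcgi_pass unix:/run/php/php8.1-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include /etc/nginx/fastcgi_params;
  }
}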
打开 http://postfixadmin.example.com/setup.php
设置密码
vim /srv/postfixadmin/config.local.php
$CONF['setup_password'] = 'xxx';
刷新页面
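# Tell Postfix which domains, mailboxes and aliases are virtual and where
# to deliver them. Applied with postconf -e (as the mydestination line
# already was) instead of a hand edit, so the listing is reproducible.
postconf -e 'virtual_mailbox_domains = sqlite:/etc/postfix/sql/sqlite_virtual_domains_maps.cf'
postconf -e 'virtual_mailbox_maps = sqlite:/etc/postfix/sql/sqlite_virtual_mailbox_maps.cf'
postconf -e 'virtual_alias_maps = sqlite:/etc/postfix/sql/sqlite_virtual_alias_maps.cf'
# same LMTP socket as mailbox_transport; Dovecot's "service lmtp" creates it
postconf -e 'virtual_transport = lmtp:unix:private/dovecot-lmtp'

mkdir -p /etc/postfix/sql/

# printf '%s\n' instead of "echo -e": echo's -e is not portable, and the
# "%s" inside the queries belongs to Postfix's sqlite client, so it must
# not be passed to printf as a format string.
printf '%s\n' 'dbpath = /var/vmail/db/postfixadmin.db' "query = SELECT domain FROM domain WHERE domain='%s' AND active = '1'" > /etc/postfix/sql/sqlite_virtual_domains_maps.cf
printf '%s\n' 'dbpath = /var/vmail/db/postfixadmin.db' "query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'" > /etc/postfix/sql/sqlite_virtual_mailbox_maps.cf
printf '%s\n' 'dbpath = /var/vmail/db/postfixadmin.db' "query = SELECT goto FROM alias WHERE address='%s' AND active = '1'" > /etc/postfix/sql/sqlite_virtual_alias_maps.cf

# map files readable by root and, via the ACL, the postfix user only
chmod 0640 /etc/postfix/sql/*
setfacl -R -m u:postfix:rx /etc/postfix/sql/

# Local delivery only for the host itself. The virtual domains must NOT be
# listed in mydestination, or Postfix would deliver them locally instead of
# through the virtual maps above.
postconf -e 'mydestination = $myhostname, localhost.$mydomain, localhost'

# Deliver as the vmail account (uid/gid 2000 created earlier);
# virtual_minimum_uid rejects any lookup result below that uid
postconf -e 'virtual_mailbox_base = /var/vmail'
postconf -e 'virtual_minimum_uid = 2000'
postconf -e 'virtual_uid_maps = static:2000'
postconf -e 'virtual_gid_maps = static:2000'

systemctl restart postfix dovecot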

安装webmail


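apt-get install --yes php-xml php-curl

# NOTE(review): rainloop-latest.zip is fetched without any checksum or
# signature verification, and RainLoop appears to have had no upstream
# release for a long time — verify the archive before unpacking and
# consider a maintained fork.
mkdir -p /var/www/rainloop
wget https://www.rainloop.net/repository/webmail/rainloop-latest.zip
unzip rainloop-latest.zip -d /var/www/rainloop

# Guard the cd: without it a failed cd would run the recursive chmod/chown
# below against whatever the current directory happens to be.
cd /var/www/rainloop || exit 1
find . -type d -exec chmod 755 {} +
find . -type f -exec chmod 644 {} +
# The tree is owned by the web server user, presumably because RainLoop
# writes under data/; that directory is denied in the nginx config below.
chown -R www-data:www-data .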


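vim /etc/nginx/conf.d/webmail.conf

# Plain HTTP only redirects, so mailbox and admin-panel logins never travel
# in clear text.
server {
  listen 80;
  listen [::]:80;
  server_name webmail.example.com;
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name webmail.example.com;

  # Same wildcard certificate Postfix and Dovecot use (covers *.example.com).
  # NOTE(review): the live/ directory name must match the certbot -d value.
  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  ssl_protocols TLSv1.2 TLSv1.3;

  root /var/www/rainloop;
  index index.php index.html;

  access_log /var/log/nginx/webmail_access.log;
  error_log /var/log/nginx/webmail_error.log;

  location / {
    try_files $uri $uri/ /index.php;
  }

  # RainLoop's writable state lives here; never serve it
  location ^~ /data {
    deny all;
  }

  location ~ ^/(.+\.php)$ {
    # =404 before fastcgi_pass: only hand PHP-FPM paths that exist on disk
    try_files $uri =404;
    fastcgi_pass unix:/run/php/php8.1-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include /etc/nginx/fastcgi_params;
  }
}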

打开: http://webmail.example.com/index.php?admin

admin
12345 （RainLoop 安装后的默认管理员账号和密码，首次登录后请立即修改）

域名 - 添加域名

名字: *.example.com
IMAP: mail.example.com, SSL/TLS
SMTP: mail.example.com, SSL/TLS
勾选 使用短用户名登录

域名 - 添加别名

example.com -> *.example.com

https://support.huaweicloud.com/ecs_faq/zh-cn_topic_0050735736.html

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-22-04

https://imaginefei.com/2022/09/03/IT%E6%8A%80%E6%9C%AF/%E8%BF%90%E7%BB%B4/%E5%9F%BA%E7%A1%80%E8%AE%BE%E6%96%BD/%E9%82%AE%E4%BB%B6%E7%B3%BB%E7%BB%9F%E6%90%AD%E5%BB%BA%E4%B9%8BPostfix-Dovecot-Postfixadmin/

https://developer.aliyun.com/article/417606

https://www.linuxbabe.com/redhat/postfixadmin-create-virtual-mailboxes-centos-mail-server

https://www.linuxbabe.com/redhat/run-your-own-email-server-centos-postfix-smtp-server

https://github.com/postfixadmin/postfixadmin/issues/567

https://www.linuxbabe.com/mail-server/postfixadmin-ubuntu