docker + email

docker pull lejmr/iredmai:mysql-lastest
docker run -d --privileged -p 90:80 -p 8443:443 \
           -e "DOMAIN=adsryen.cn" -e "HOSTNAME=mail" \
           -e "MYSQL_ROOT_PASSWORD=123456" \
           -e "SOGO_WORKERS=1" \
           -e "TIMEZONE=Europe/Prague" \
           -e "POSTMASTER_PASSWORD=123456" \
           -e "IREDAPD_PLUGINS=['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy']" \
           -v `pwd`/mysql:/var/lib/mysql \
           -v `pwd`/vmail:/var/vmail \
           -v `pwd`/clamav:/var/lib/clamav \
           --name=mail lejmr/iredmail:mysql-latest

scp /Users/adsryen/Downloads/docker-compose.yml root@adsryen.cn:/root/mail

docker-compose -f docker-compose.iredmail.yml up -d

docker-compose.iredmail.yml

mail.adsryen.cn/iredadmin/dashboard/checknew

hostnamectl set-hostname adsryen.cn adsryen.cn:90/iredadmin/dashboard/checknew

最佳实践

EwoMail 开源企业邮件系统 的docker镜像 bestwu/ewomail

启动容器

docker run  -d -h mail.adsryen.cn --restart=always \
  	-p 25:25 \
	-p 587:587 \
	-p 465:465 \
	-p 143:143 \
	-p 993:993 \
	-p 110:110 \
	-p 995:995  \
	-p 109:109 \
	-p 90:80 \
	-p 9090:8080 \
	-v `pwd`/mysql/:/ewomail/mysql/data/ \
	-v `pwd`/vmail/:/ewomail/mail/ \
	-v `pwd`/rainloop:/ewomail/www/rainloop/data \
	-v `pwd`/ssl/certs/:/etc/ssl/certs/ \
	-v `pwd`/ssl/private/:/etc/ssl/private/ \
	-v `pwd`/ssl/dkim/:/ewomail/dkim/ \
  --name mail bestwu/ewomailserver  

访问

  • 邮箱管理后台 http://localhost:8080

ewomail.adsryen.cn

默认用户: admin

默认密码: ewomail123

  • Rainloop 管理端 http://localhost/?admin

默认用户: admin

默认密码: 12345

mail.adsryen.cn

  • Rainloop 用户端 http://localhost

设置 DNS

mail.adsryen.cn 改成你的域名

spf记录: v=spf1 include:adsryen.cn -all

DKIM 设置

docker exec mail amavisd showkeys
; key#1, domain adsryen.cn, /ewomail/dkim/mail.pem
dkim._domainkey.adsryen.cn.	3600 TXT (
  "v=DKIM1; p="
  "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyk2JYMeTjn55AVU7OlZF++6ed"
  "Eu4tGtB35/6+sbQ3ugm0QflplbIWE2vu/gFsuatSn4xKUYIsrp0njaMMbC00qwkT"
  "dWjfI/lmFP/23i/ejKNFNxA4O/zWrtIfCbQ3dxlgkvtKE0oGcNHX+Q3le3LxCRua"
  "FIq1QRT7GOzHS7R67QIDAQAB")

dkim._domainkey

v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyk2JYMeTjn55AVU7OlZF++6edEu4tGtB35/6+sbQ3ugm0QflplbIWE2vu/gFsuatSn4xKUYIsrp0njaMMbC00qwkTdWjfI/lmFP/23i/ejKNFNxA4O/zWrtIfCbQ3dxlgkvtKE0oGcNHX+Q3le3LxCRuaFIq1QRT7GOzHS7R67QIDAQAB

测试生效

docker exec mail amavisd testkeys
yum install xinetd telnet telnet-server -y
telnet smtp.qq.com 25

参考资料

version: '2.3'

services:
  portainer:
    image: "ewomail/ewomail"
    container_name: "mail"
    hostname: "mail.adsryen.cn"
    restart: always 
    ports:
      - "0.0.0.0:2210:22"
      - "0.0.0.0:25:25"
      - "0.0.0.0:109:109"
      - "0.0.0.0:110:110"
      - "0.0.0.0:143:143"
      - "0.0.0.0:465:465"
      - "0.0.0.0:587:587"
      - "0.0.0.0:993:993"
      - "0.0.0.0:995:995"
      - "172.16.166.99:8010:8000"
      - "172.16.166.99:8011:8010"
      - "172.16.166.99:8012:8020"
    volumes:
      - "./cgroup:/sys/fs/cgroup:ro"
    privileged: true
    tty: true
    stdin_open: true
  mail:
    image: bestwu/ewomailserver
    hostname: mail.ewomail.com
    container_name: ewomail
    restart: always
    ports:
      - "25:25"
      - "143:143"
      - "587:587"
      - "993:993"
      - "109:109"
      - "110:110"
      - "465:465"
      - "995:995"
      - "80:80"
      - "8080:8080"
    volumes:
      - ./mysql:/ewomail/mysql/data
      - ./vmail:/ewomail/mail
      - ./rainloop:/ewomail/www/rainloop/data
      - ./ssl/certs/:/etc/ssl/certs/
      - ./ssl/private/:/etc/ssl/private/
      - ./ssl/dkim/:/ewomail/dkim/

认证官方镜像

docker pull ewomail/ewomail

下载配置文件

curl -o docker-compose.yml https://raw.githubusercontent.com/EwoMail/ewomail-docker/master/docker-compose.yml

修改配置文件

version: '2.3'

services:
  portainer:
    image: "ewomail/ewomail"
    container_name: "mail"
    hostname: "mail.adsryen.cn"
    restart: always 
    ports:
      - "0.0.0.0:25:25"
      - "0.0.0.0:587:587"
      - "0.0.0.0:465:465"
      - "0.0.0.0:143:143"
      - "0.0.0.0:993:993"
      - "0.0.0.0:110:110"
      - "0.0.0.0:995:995"
	  - "0.0.0.0:109:109"
      - "0.0.0.0:2210:22"
      - "127.0.0.1:8000:8000"
      - "127.0.0.1:8010:8010"
      - "127.0.0.1:8020:8020"
    volumes:
      - "/root/mail/cgroup:/sys/fs/cgroup:ro"
    privileged: true
    tty: true
    stdin_open: true

启动容器

docker-compose up -d

拉取镜像

docker pull bestwu/ewomail

体验测试

邮箱管理后台:http://IP:8010 (默认账号admin,密码ewomail123)

ewomail.adsryen.cn

web邮件系统:http://IP:8000

mail.adsryen.cn

开放端口

8000,8010,8020,25,143,993,995,587,110,109,22,80,465

启动容器

docker run  -d -h mail.adsryen.cn --restart=always \
  	-p 25:25 \
	-p 587:587 \
	-p 465:465 \
	-p 143:143 \
	-p 993:993 \
	-p 110:110 \
	-p 995:995  \
	-p 109:109 \
	-p 90:80 \
	-p 9090:8080 \
	-v `pwd`/mysql/:/ewomail/mysql/data/ \
	-v `pwd`/vmail/:/ewomail/mail/ \
	-v `pwd`/ssl/certs/:/etc/ssl/certs/ \
	-v `pwd`/ssl/private/:/etc/ssl/private/ \
	-v `pwd`/rainloop:/ewomail/www/rainloop/data \
	-v `pwd`/ssl/dkim/:/ewomail/dkim/ \
  --name ewomail bestwu/ewomailserver  

#进入虚拟机 docker exec -it ewomail /bin/bash

#在/etc/hosts中已有域名指向 172.17.0.2 mail.adsryen.cn mail

  • sendmail:用于发邮件。资格最老的邮局,所有Linux发行版基本都带。但是配置麻烦。

  • postfix:Wietse Venema觉得sendmail配置太麻烦了,就开发了一个“简化配置版sendmail”,即postfix。支持smtp协议。

  • dovecot:用于收邮件,支持imap/pop3。

  • spamassasin:垃圾邮件过滤器。可以自订规则。

  • clamav:邮件杀毒工具。

  • opendkim:生成dkim签名。有什么用?详见下面的“反垃圾邮件技术”。

  • fail2ban:防止别人暴力破解用户名密码的工具。

配置

运行成功后访问

  • 邮箱管理后台 http://localhost:8080

默认用户: admin

默认密码: ewomail123

ewomail.adsryen.cn

  • Rainloop 管理端 http://localhost/?admin

rainloop.adsryen.cn/?admin

默认用户: admin

默认密码: 12345

  • Rainloop 用户端 http://localhost

rainloop.adsryen.cn

设置域名DNS

将mail.ewomail.cn 改成你的域名

v=spf1 include:adsryen.cn -all

dkim 设置

docker exec ewomail amavisd showkeys
docker exec ewomail amavisd testkeys
docker pull tvial/docker-mailserver:latest
curl -o setup.sh https://raw.githubusercontent.com/tomav/docker-mailserver/master/setup.sh; chmod a+x ./setup.sh

curl -o docker-compose.yml https://raw.githubusercontent.com/tomav/docker-mailserver/master/docker-compose.yml.dist

curl -o .env https://raw.githubusercontent.com/tomav/docker-mailserver/master/.env.dist

curl -o env-mailserver https://raw.githubusercontent.com/tomav/docker-mailserver/master/env-mailserver.dist
docker-compose up -d mail
./setup.sh email add <user@domain> [<password>]

./setup.sh email add test@adsryen.cn 123456
./setup.sh config dkim
cat config/opendkim/keys/domain.tld/mail.txt

cat config/opendkim/keys/adsryen.cn/mail.txt 
mail._domainkey	IN	TXT	( "v=DKIM1; h=sha256; k=rsa; "
	  "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmu8hYaaFpFDlSbJPRupiHwhhdsicOYrYDJpJXUMtf8Rh5rXbOpi4vJ59ml9EUyjB62LaHlK65a2rB4GUuwq2YZJvd2gCdqJv8wsidlavU/LLNI9/gIzqG/2JqsENGz6tClMpDVqFFEN7ShOAApMjn3Yq80Qy4F+vNhDTjaoBl1odQYwDW5fy3Oorh8ipf50J1H+7ehiUG30yC"
	  "S537m6A35HoFpCx2g/ThuwWHK1P7HiSJ20bvoPZn/FKwAoQt+DM3R4H2Na+NudVWadmXmGezz+KWToe/dDUTfN66qMvMuzPbhbJy3MUfFvqcscZsD7PrJdOTuLeYG5ESgSccse0QIDAQAB" )  ; ----- DKIM key mail for adsryen.cn

mail._domainkey v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmu8hYaaFpFDlSbJPRupiHwhhdsicOYrYDJpJXUMtf8Rh5rXbOpi4vJ59ml9EUyjB62LaHlK65a2rB4GUuwq2YZJvd2gCdqJv8wsidlavU/LLNI9/gIzqG/2JqsENGz6tClMpDVqFFEN7ShOAApMjn3Yq80Qy4F+vNhDTjaoBl1odQYwDW5fy3Oorh8ipf50J1H+7ehiUG30yCS537m6A35HoFpCx2g/ThuwWHK1P7HiSJ20bvoPZn/FKwAoQt+DM3R4H2Na+NudVWadmXmGezz+KWToe/dDUTfN66qMvMuzPbhbJy3MUfFvqcscZsD7PrJdOTuLeYG5ESgSccse0QIDAQAB

docker exec mail openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/letsencrypt/
docker exec mail openssl s_client -connect 0.0.0.0:993 -starttls imap -CApath /etc/letsencrypt/
docker-compose up -d mail

最后更新于