Deploying the iRedMail mail system with Docker

2024-03-12
3 min read

Deployment

mkdir iredmail && cd iredmail
cat > iredmail-docker.conf <<EOF
HOSTNAME=home.bitllion.top
FIRST_MAIL_DOMAIN=home.bitllion.top
FIRST_MAIL_DOMAIN_ADMIN_PASSWORD=admin
MYSQL_ROOT_PASSWORD=root
EOF

Change the domain name above to match your environment.

Configure /root/iredmail/settings.py:

#
# This file is managed by iRedMail Team <[email protected]> with Ansible,
# please do __NOT__ modify it manually.
#

############################################################
# DO NOT TOUCH BELOW LINE.
#
# Import default settings.
# You can always override default settings by placing custom settings in this
# file.
from libs.default_settings import *
############################################################

# Listen address and port.
listen_address = '0.0.0.0'
# Port for normal Postfix policy requests.
listen_port = 7777

# Ports for SRS (Sender Rewriting Scheme).
# - `srs_forward_port` is used in Postfix parameter `sender_canonical_maps`.
# - `srs_reverse_port` is used in Postfix parameter `recipient_canonical_maps`.
srs_forward_port = 7778
srs_reverse_port = 7779

# Run as a low privileged user.
run_as_user = 'iredapd'

# Path to pid file.
pid_file = '/var/run/iredapd.pid'

# Log level: info, debug.
log_level = 'info'

# Backend: ldap, mysql, pgsql.
backend = 'mysql'

# Enabled plugins.
#plugins = ['reject_null_sender', 'reject_sender_login_mismatch', 'greylisting', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy', 'sql_ml_access_policy']
plugins = ['reject_null_sender', 'reject_sender_login_mismatch', 'throttle', 'amavisd_wblist', 'sql_alias_access_policy', 'sql_ml_access_policy']

# SRS (Sender Rewriting Scheme)
#
# Rewrite address will be 'xxx@<srs_domain>', so please make sure `srs_domain`
# is a resolvable mail domain name and pointed to your server.
srs_domain = 'home.bitllion.top'

# The secret key(s) used to generate cryptographic hash.
# The first secret key is used for generating AND verifying hash in SRS
# address. If you have old keys, you can append them also for verification only.
srs_secrets = ['PH_IREDAPD_SRS_SECRET']

# For LDAP backend.
#
# LDAP server setting.
# Uri must start with ldap:// or ldaps:// (TLS/SSL).
#
# Tip: You can get binddn, bindpw from /etc/postfix/ldap/*.cf.
#
ldap_uri = ''
ldap_basedn = ''
ldap_binddn = ''
ldap_bindpw = ''
ldap_enable_tls = False

# For SQL (MySQL/MariaDB/PostgreSQL) backends, used to query mail accounts.
vmail_db_server = '127.0.0.1'
vmail_db_port = 3306
vmail_db_name = 'vmail'
vmail_db_user = 'vmail'
vmail_db_password = 'wnhiVaeFi846RWKIgI4T01GiQwEl55'

# For Amavisd policy lookup and white/blacklists.
amavisd_db_server = '127.0.0.1'
amavisd_db_port = 3306
amavisd_db_name = 'amavisd'
amavisd_db_user = 'amavisd'
amavisd_db_password = '6B2VHQhN0afbsa6sP8M3ep6puSvtRx'

# iRedAPD database, used for greylisting, throttle.
iredapd_db_server = '127.0.0.1'
iredapd_db_port = 3306
iredapd_db_name = 'iredapd'
iredapd_db_user = 'iredapd'
iredapd_db_password = '2Xa1xZ0ekK7aqp5KBH5gtoROzeJoOm'

############################################################
# DO NOT TOUCH BELOW LINE.
from custom_settings import *
############################################################


SQL_DB_DRIVER = 'pymysql'

#
# This file is managed by iRedMail Team <[email protected]> with Ansible,
# please do __NOT__ modify it manually.
#

# Please do NOT touch this file. If you need to modify some settings, add
# them to /opt/iredmail/custom/iredapd/settings.py.

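The only real change here is that one module, greylisting, has been removed from plugins (compare the commented-out line). With it enabled, first-time senders are temporarily rejected and mail takes a long time to arrive.

Then write a docker run script, start.sh: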

docker run \
 --name iredmail \
 --env-file iredmail-docker.conf \
 -e "TZ=Asia/Shanghai" \
 -p 80:80 \
 -p 443:443 \
 -p 110:110 \
 -p 995:995 \
 -p 143:143 \
 -p 993:993 \
 -p 25:25 \
 -p 465:465 \
 -p 587:587 \
 -p 3306:3306 \
 -v /root/iredmail/data/www:/home/www \
 -v /root/iredmail/data/nginx:/etc/nginx/sites-enabled \
 -v /root/iredmail/settings.py:/opt/iredapd/settings.py \
 -d \
 iredmail/mariadb:stable

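Generally, a mail server only needs ports 25 (receiving) and 587 (sending) open to the outside; I access the web ports from my own internal network. Note that start.sh as written publishes every listed port, 3306 included, on all host interfaces, so drop the -p lines you do not need or block those ports at the firewall.

After running the script, wait a few tens of seconds for the system to initialize. The Docker host's IP in this setup is 10.249.2.103, so the front end is at https://10.249.2.103/ and the admin back end is at https://10.249.2.103/iredadmin

The default administrator account for both is [email protected], and the password is the one set in iredmail-docker.conf above.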

Creating users in bulk

Prepare the users to be created in an Excel spreadsheet beforehand.

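Then select everything, copy it into a script, and upload that script to the container. The create_mail_user_SQL.sh script can be downloaded here: iRedMail/tools/create_mail_user_SQL.sh at master · iredmail/iRedMail (github.com)

Then log in to the database (password: root):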

mysql -uroot -p
use vmail
source /tmp/user.sql;

DNS record configuration

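A record: point your mail domain name at the mail server's public IP address.

Record type: A
Host record: mail
Record value: XXX.XXX.XXX.XXX (your public IP)
TTL: 10 (30 is recommended for a fixed public IP)
Example: mail.test.com XXX.XXX.XXX.XXX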

MX record

Record type: MX
Host record: @
Record value: mail.test.com (your mail domain name)
MX priority: 10
TTL: 10

SPF record

Record type: TXT
Host record: @
Record value: v=spf1 ip4:XXX.XXX.XXX.XXX ~all
TTL: 10

DKIM record

Record type: TXT
Host record: dkim._domainkey
Record value: see below
TTL: 10

The DKIM record value is generated by the iRedMail server. Run the following command:

/usr/sbin/amavisd-new showkeys

Remove the quotation marks and merge the output into a single line.
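
The merge step above, as an added example that is not part of the original post: shell functions that join the quoted chunks of amavisd-new showkeys output into one TXT value and check that no quotes or line breaks are left in it. The function names are hypothetical, and the sample output is constructed (fake key, placeholder domain) on the assumption that showkeys prints quoted chunks inside parentheses.

```shell
#!/bin/sh
# Added example: turn `amavisd-new showkeys` output into a one-line TXT value.

# Constructed sample in the layout showkeys prints. The key text is fake and
# shortened, and example.com is a placeholder domain.
sample_showkeys() {
cat <<'EOF'
; key#1 1024 bits, i=dkim, d=example.com, /var/lib/dkim/example.com.pem
dkim._domainkey.example.com. 3600 TXT (
  "v=DKIM1; p="
  "MIIBconstructedFAKEkeyPART1"
  "constructedFAKEkeyPART2+/AB")
EOF
}

# Read showkeys output on stdin; print the first key's quoted chunks joined.
dkim_txt_value() {
    awk '
        # A line starting with a semicolon opens each key: stop at the second.
        /^;/ { if (seen) exit; next }
        {
            line = $0
            while (match(line, /"[^"]*"/)) {
                seen = 1
                value = value substr(line, RSTART + 1, RLENGTH - 2)
                line = substr(line, RSTART + RLENGTH)
            }
        }
        END { print value }
    '
}

# Succeed only if the value is "v=DKIM1; p=" followed by clean base64.
dkim_value_ok() {
    case "$1" in
        "v=DKIM1; p="*) key=${1#"v=DKIM1; p="} ;;
        *) return 1 ;;
    esac
    [ -n "$key" ] || return 1
    case "$key" in
        *[!A-Za-z0-9+/=]*) return 1 ;;   # leftover quote, space or line break
    esac
    return 0
}

# On the server: /usr/sbin/amavisd-new showkeys | dkim_txt_value
value=$(sample_showkeys | dkim_txt_value)
dkim_value_ok "$value" && printf '%s\n' "$value"
```

If several domains have keys, only the first key in the output is printed, so check its d= field before pasting the value into the DNS panel.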
