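Self-Hosting an Email Server with Docker: A Private Mail System on a Domain You Already Own
Setting up an email service; this method works for individuals, companies or organizations.
Note:
This is the only mail system I have found that is simple to install and works properly; please leave a comment to tell me if you have a better self-hosting solution.
I fell into a lot of pits, and it took about a month before sending and receiving mail tested successfully (some destination mailboxes cannot be reached because of anti-spam policies on the Internet). This post is continuously being updated and improved.
How to use
- Everyday sending and receiving of mail
  - Send and receive mail under your own domain by running your own mail service
- SMTP service (SMTP mailbox settings) that third-party platforms (or your own self-hosted services) need for email notifications
Related content
Implementation
iRedMail Docker setup
iRedMail docker-compose.yml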
```yaml
version: '3.9'
services:
  mariadb:
    image: 'iredmail/mariadb:stable'
    volumes:
      - './postfix_queue:/var/spool/postfix'
      - './sa_rules:/var/lib/spamassassin'
      - './clamav:/var/lib/clamav'
      - './mysql:/var/lib/mysql'
      - './ssl:/opt/iredmail/ssl'
      - './custom:/opt/iredmail/custom'
      - './imapsieve_copy:/var/vmail/imapsieve_copy'
      - './mlmmj-archive:/var/vmail/mlmmj-archive'
      - './mlmmj:/var/vmail/mlmmj'
      - './mailboxes:/var/vmail/vmail1'
      - './backup-mysql:/var/vmail/backup/mysql'
    ports:
      - '587:587'   # SMTP submission
      - '465:465'   # SMTPS
      - '25:25'     # SMTP (server to server)
      - '993:993'   # IMAPS
      - '143:143'   # IMAP
      - '995:995'   # POP3S
      - '110:110'   # POP3
      - '4433:443'  # HTTPS web UI, published on host port 4433
      - '8093:80'   # HTTP web UI, published on host port 8093
    env_file:
      - ./iredmail-docker.conf
    container_name: iRedMail
```
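After Docker starts, if everything is normal the debug output looks similar to:
Once everything has started normally, you can set up the DNS records and then map the ports through the firewall.
Finally, you can send and receive mail with the built-in web client, or configure SMTP and POP3 in a client such as Outlook.
Setting up DNS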
Your DNS MX record should point to this value
Example DNS entries:
| DNS type | DNS record name | Content/value | Notes |
|---|---|---|---|
| MX | carlzeng.com. | mail.carlzeng.com. | Identifies the mail server name (DNS MX entry) |
| A | mail.carlzeng.com. | *.8.18.* | IP address of the mail server |
| TXT | carlzeng.com. | v=spf1 mx -all | SPF entry/record |
| TXT | dkim._domainkey.carlzeng.com. | v=DKIM1; k=rsa; p=* | DKIM entry/record containing the DKIM public key; see below for how to obtain this value with a command inside the Docker container |
| TXT | _dmarc.carlzeng.com | v=DMARC1; p=reject; rua=* | DMARC entry/record |
Q: How do I get the three TXT records out of the iRedMail mail system?
A: After installation: Setup DNS records for your iRedMail server (A, PTR, MX, SPF, DKIM, DMARC)
To check that the DNS records are correct, you can use: https://mxtoolbox.com/
SPF entry/record
v=spf1 mx a:mail.carlzeng.com -all
DKIM entry/record
How to obtain the content/value of dkim._domainkey.mydomain.com., for example:
```
> docker exec -it iRedMail bash
root@cc9dd27b3e25:/etc/amavis/conf.d# amavisd-new showkeys
; key#1 1024 bits, i=dkim, d=carlzeng.com, /opt/iredmail/custom/amavisd/dkim/carlzeng.com.pem
dkim._domainkey.carlzeng.com. 3600 TXT (
  "v=DKIM1; p="
  "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDUF5BslOb2fARJjXK41xsAPSg"
  "hToQAkJzRuxp5pwaCyqPzIbFNxTZ66z9yw+rbeXYKdpu3bKemHhKVQ7rvnmVlFFL"
  "Nvef7Pk9ddT/nur2T1sfUY6yDu5QRcZArClAQRjfNCFRA11VgsD5q6OKS5GTNtE5"
  "dz3kJGpVdCllilo4OwIDAQAB")
```
DMARC entry/record
v=DMARC1; p=reject; sp=none; adkim=s; aspf=s; rua=mailto:postmaster@carlzeng.com; ruf=mailto:postmaster@carlzeng.com
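Port mapping
The purpose of this step is to have all mail-related traffic that arrives at the router forwarded to the correct mail server.
| External port | Internal NAS/mail host port | Notes |
|---|---|---|
| 587 | 587 | |
| 465 | 465 | |
| 25 | 25 | |
| 993 | 993 | |
| 143 | 143 | |
| 995 | 995 | |
| 110 | 110 | |
| 4433 | 4433 | Provides access to port 443 |

Map these ports one to one; fortunately these ports have not yet been blocked by the ISP.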
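SMTP settings for sending mail
For example, set the mailbox information in 佰阅发卡 (kamifaka), where it is used for the email notifications among its message notifications.
Error: unable to reach the mail destination
Errors and solutions
Docker startup error: "Permission denied"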
```
iRedMail | /usr/sbin/mysqld: Can't create file '/var/lib/mysql/mysqld.err' (errno: 13 "Permission denied")
iRedMail | 2024-02-28 16:12:07 0 [ERROR] mysqld: Can't create/write to file '/var/lib/mysql/aria_log_control' (Errcode: 13 "Permission denied")
```
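Solution:
```
# Note: 777 leaves everything under the compose directory, including the
# mailboxes and the MySQL data, world-writable on the host.
chmod 777 -R /volume2/KingchuxingSSD512G/docker/compose/iRedMail
chmod 777 -R /volume2/KingchuxingSSD512G/docker/compose/iRedMail/mysql/
```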
DNS setup error: No DMARC Record found
Error list as reported by: https://mxtoolbox.com/emailhealth/carlzeng.com/
| Category | Host | Result |
|---|---|---|
| dmarc | carlzeng.com | No DMARC Record found |
| blacklist | mail.carlzeng.com | Blacklisted by UCEPROTECTL3 |
| mx | carlzeng.com | No DMARC Record found |

Fix:
It turned out I had the name of the DNS record wrong; the correct DMARC DNS record name must be (with the underscore): _dmarc
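A lint for the three TXT records, added here as an example (it is not part of the original post or of iRedMail): it joins the quoted chunks of `amavisd-new showkeys` output from the DKIM section above into the single value a DNS panel expects, and flags a DMARC record name without the `_dmarc.` prefix, an invalid DKIM `k=` tag and a short RSA key. The function names and the sample output are constructed for illustration; the 2048-bit threshold follows the recommendation in RFC 8301.

```python
import re

# Constructed sample in the layout `amavisd-new showkeys` prints (see the DKIM
# section above); the key chunks are shortened placeholders, not a real key.
SHOWKEYS = '''; key#1 1024 bits, i=dkim, d=example.com, /path/to/example.com.pem
dkim._domainkey.example.com.  3600 TXT (
  "v=DKIM1; p="
  "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD"
  "PLACEHOLDERPLACEHOLDERwIDAQAB")'''

def parse_showkeys(text):
    """Return (record name, one-string TXT value, key bits) from showkeys."""
    name = re.search(r"^(\S+)\s+\d+\s+TXT\s+\(", text, re.M).group(1)
    bits = int(re.search(r"key#\d+\s+(\d+)\s+bits", text).group(1))
    # DNS panels want one value: join the quoted chunks in order.
    return name, "".join(re.findall(r'"([^"]*)"', text)), bits

def tags(value):
    """Parse the 'tag=value; tag=value' syntax shared by DKIM and DMARC."""
    pairs = (t.split("=", 1) for t in value.split(";") if "=" in t)
    return {k.strip(): v.strip() for k, v in pairs}

def lint(name, value, bits=None):
    """Return the problems found in one TXT record (empty list = clean)."""
    t, out = tags(value), []
    if value.startswith("v=DMARC1"):
        if not name.startswith("_dmarc."):
            out.append("DMARC record name must start with _dmarc.")
        if t.get("p") not in ("none", "quarantine", "reject"):
            out.append("DMARC p= must be none, quarantine or reject")
    elif value.startswith("v=DKIM1"):
        if "._domainkey." not in name:
            out.append("DKIM record name must be <selector>._domainkey.<domain>")
        if t.get("k", "rsa") not in ("rsa", "ed25519"):
            out.append("DKIM k= must be rsa or ed25519")
        if not re.fullmatch(r"[A-Za-z0-9+/]+=*", t.get("p", "")):
            out.append("DKIM p= is empty or not base64")
        if bits is not None and bits < 2048:
            out.append(f"{bits}-bit RSA key; RFC 8301 recommends 2048 or more")
    elif value.startswith("v=spf1"):
        if not re.search(r"(^|\s)[-~?+]?all$", value.strip()):
            out.append("SPF record should end with an all mechanism")
    return out

if __name__ == "__main__":
    name, value, bits = parse_showkeys(SHOWKEYS)
    print(name, "TXT", value, lint(name, value, bits))
```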
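iredadmin actions do not carry the port
The admin backend in use is https://iredmail.carlzeng.com:3/iredadmin; when a new confirm action is submitted, the page redirects to a URL that does not carry the port.
Fix:
The problem of carrying the port automatically is not solved; waiting to continue testing after the Docker restart.
Communication with iCloud blocked: rejected due to listing in Spamhaus PBL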
```
host mx01.mail.icloud.com[17.56.9.31] said: 550
5.7.1 Mail from IP 111.197.216.113 was rejected due to listing in Spamhaus
PBL. For details please see
http://www.spamhaus.org/query/bl?ip=111.197.216.113 (in reply to RCPT TO
command)
```
Solution:
Go to the given IP AND DOMAIN REPUTATION CHECKER website and submit a delisting request; after a successful submission, as shown in the figure:
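Checking the sending IP against the blocklist before mail bounces, as an added example that is not part of the original post and goes one step beyond it: it parses the bounce above and builds the DNSBL query name for Spamhaus ZEN. The function names and the injectable `resolve` parameter are assumptions made for the example; the return codes are the ones Spamhaus documents, and a `127.255.255.x` answer means the query itself was refused (for instance when sent through a public resolver), not that the IP is listed.

```python
import ipaddress
import re
import socket

# Sample input: the bounce quoted above, joined onto one line.
BOUNCE = ("host mx01.mail.icloud.com[17.56.9.31] said: 550 5.7.1 Mail from IP "
          "111.197.216.113 was rejected due to listing in Spamhaus PBL. "
          "For details please see http://www.spamhaus.org/query/bl?ip="
          "111.197.216.113 (in reply to RCPT TO command)")

# Return codes Spamhaus documents for the combined ZEN zone.
ZEN = {"127.0.0.2": "SBL", "127.0.0.3": "CSS", "127.0.0.10": "PBL",
       "127.0.0.11": "PBL", **{f"127.0.0.{n}": "XBL" for n in range(4, 8)}}

def parse_bounce(text):
    """Pull the rejecting MX, SMTP codes, sender IP and list out of a bounce."""
    m = re.search(r"host (\S+?)\[[\d.]+\] said: (\d{3})\s+(\d\.\d\.\d+)\s+"
                  r"Mail from IP ([\d.]+) was rejected due to listing in\s+"
                  r"(.+?)\.\s", text)
    keys = ("mx", "code", "status", "ip", "list")
    return dict(zip(keys, m.groups())) if m else None

def dnsbl_name(ip, zone="zen.spamhaus.org"):
    """Reverse the octets and append the zone: 1.2.3.4 -> 4.3.2.1.<zone>."""
    rev = ipaddress.IPv4Address(ip).reverse_pointer  # '4.3.2.1.in-addr.arpa'
    return rev.replace("in-addr.arpa", zone)

def check(ip, resolve=socket.gethostbyname):
    """Return the list name, None if not listed, or 'error' if refused."""
    try:
        answer = resolve(dnsbl_name(ip))
    except socket.gaierror:
        return None                      # NXDOMAIN: the IP is not listed
    if answer.startswith("127.255.255."):
        return "error"                   # query refused, not a listing
    return ZEN.get(answer, "listed")

if __name__ == "__main__":
    info = parse_bounce(BOUNCE)
    print(info, dnsbl_name(info["ip"]))
```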
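Mail sent by a program is blocked by my own server as SPAM
With SMTP configured on a website platform, mail sent by the program is blocked by the server itself as SPAM: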
```
Spam scanner report:
Spam detection software, running on the system "cc9dd27b3e25",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Test send email
```
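Solution: unknown; how do I turn off the excessive SPAM checking on mail I send to myself (the mail is not SPAM, the system misjudged it)...
- https://docs.iredmail.org/disable.spam. … mails.html
- https://docs.iredmail.org/completely.di … assin.html
```
docker exec -it iRedMail bash
```
This file was not found: /etc/amavis/conf.d/50-user
```
# @bypass_virus_checks_maps = (1); # controls running of anti-virus code
# @bypass_spam_checks_maps = (1); # controls running of anti-spam code
```
Restarting Amavisd service is required after changing settings.
```
> service amavis restart
Stopping amavisd: amavisd-new.
Starting amavisd: amavisd-new.
```
```yaml
environment:
  - TZ=Asia/Shanghai
```
Finding: with the original account this misjudgment does not happen.
Can the mail.** DNS record be deleted?
Because wildcard DNS resolution to the correct IP is already set up, the added mail.carlzeng.com record only increases the number of entries DDNS has to poll and update; without this DNS record, pinging mail.* directly still returns the latest, correct IP address.
To be verified in practice / tested... (in theory no problem, because for iodine the A record has already been successfully removed/optimized away)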
The following is a record of the pitfalls I hit
docker-mailserver
docker-compose.yml (docker-mailserver)
```yaml
services:
  mailserver:
    image: ghcr.io/docker-mailserver/docker-mailserver:latest
    container_name: mailserver
    # Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
    hostname: mail.carlzeng.com
    ports:
      - "25:25"
      - "465:465"
      - "587:587"
      - "993:993"
    volumes:
      - ./mail-data/:/var/mail/
      - ./mail-state/:/var/mail-state/
      - ./mail-logs/:/var/log/mail/
      - ./config/:/tmp/docker-mailserver/
    environment:
      - ENABLE_RSPAMD=0
      - ENABLE_CLAMAV=0
      - ENABLE_FAIL2BAN=1
      - TZ=Asia/Shanghai
    cap_add:
      - NET_ADMIN # For Fail2Ban to work
    restart: always
```
docker-compose up: testing...
Is the next step to generate the configuration files?
```
docker exec -ti mailserver setup
mailserver | [ WARNING ] You need at least one mail account to start Dovecot (120s left for account creation before shutdown)
docker exec -ti mailserver setup email add service@carlzeng.com
```
Solution: unknown
Documentation:
https://github.com/docker-mailserver/docker-mailserver?tab=readme-ov-file
https://docker-mailserver.github.io/docker-mailserver/latest/
postfix and postfixadmin
docker-compose for postfix and postfixadmin
postfixadmin
Postfix Admin is a web based interface to configure and manage a Postfix based email server for many users.
```yaml
version: '3'
services:
  db:
    image: mysql:8.0
    restart: always
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: 1
      MYSQL_DATABASE: postfixadmin
      MYSQL_USER: postfixadmin
      MYSQL_PASSWORD: example
  postfixadmin:
    depends_on:
      - db
    image: postfixadmin
    ports:
      - 8000:80
    restart: always
    environment:
      POSTFIXADMIN_DB_TYPE: mysqli
      POSTFIXADMIN_DB_HOST: db
      POSTFIXADMIN_DB_USER: postfixadmin
      POSTFIXADMIN_DB_NAME: postfixadmin
      POSTFIXADMIN_DB_PASSWORD: example
```
Where to file issues:
https://github.com/postfixadmin/docker/issues
Still missing a reliable, usable postfix
https://gitlab.com/tozd/docker/postfix
https://gitlab.com/tozd/docker/mail
https://hub.docker.com/r/tozd/postfix
Ports
- 25/tcp: SMTP port.
- 465/tcp: SMTPS port.
- 587/tcp: Mail submission port.

`alpine-316`: Postfix 3.7.6
https://hub.docker.com/search?q=postfix
Another one is: https://github.com/catatnight/docker-postfix
Acknowledgements
Running iRedMail E-Mail Server in Docker
Setup DNS records for your iRedMail server (A, PTR, MX, SPF, DKIM, DMARC)
From zero to full mail server in 20 minutes with Mailu Docker images!