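Rather than setting up a mail server the usual way, it may be better to build it with Docker.
This assumes SSL has already been prepared as described in the page below.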
10 Docker Let's Encrypt
cd /app/
git clone https://github.com/docker-mailserver/docker-mailserver.git
cd /app/docker-mailserver/
A line has been added under volumes so that the SSL certificates are loaded.
compose.yml
services:
  mailserver:
    image: ghcr.io/docker-mailserver/docker-mailserver:latest
    container_name: mailserver
    # Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
    hostname: mail.hogehoge.com
    env_file: mailserver.env
    # More information about the mail-server ports:
    # https://docker-mailserver.github.io/docker-mailserver/latest/config/security/understanding-the-ports/
    # To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
    ports:
      - "25:25"    # SMTP  (explicit TLS => STARTTLS)
      - "143:143"  # IMAP4 (explicit TLS => STARTTLS)
      - "465:465"  # ESMTP (implicit TLS)
      - "587:587"  # ESMTP (explicit TLS => STARTTLS)
      - "993:993"  # IMAP4 (implicit TLS)
    volumes:
      - ./docker-data/dms/mail-data/:/var/mail/
      - ./docker-data/dms/mail-state/:/var/mail-state/
      - ./docker-data/dms/mail-logs/:/var/log/mail/
      - ./docker-data/dms/config/:/tmp/docker-mailserver/
      - /etc/localtime:/etc/localtime:ro
      - /var/lib/docker/volumes/app_certs/_data:/etc/letsencrypt/live
    restart: always
    stop_grace_period: 1m
    # Uncomment if using `ENABLE_FAIL2BAN=1`:
    cap_add:
      - NET_ADMIN
    healthcheck:
      test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
      timeout: 3s
      retries: 0
# diff mailserver.env mailserver.env.org 45c45 < POSTMASTER_ADDRESS=hoge@hogehoge.com --- > POSTMASTER_ADDRESS= 91c91 < SPOOF_PROTECTION=1 --- > SPOOF_PROTECTION= 179c179 < ENABLE_DNSBL=1 --- > ENABLE_DNSBL=0 185c185 < ENABLE_FAIL2BAN=1 --- > ENABLE_FAIL2BAN=0 212c212 < SSL_TYPE=letsencrypt --- > SSL_TYPE= 348c348 < ENABLE_SPAMASSASSIN=1 --- > ENABLE_SPAMASSASSIN=0 460c460 < ENABLE_POSTGREY=1 --- > ENABLE_POSTGREY=0
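Review bot: At 212c212 (SSL_TYPE=letsencrypt) the page does not say which certificate layout this setting depends on. docker-mailserver looks under /etc/letsencrypt/live/ for a directory named after the container hostname (mail.hogehoge.com in compose.yml), so state that the app_certs volume must contain that directory with the certificate chain and key. The compose.yml mount for it also lacks the :ro that /etc/localtime has; the container only needs to read the certificates, so a read-only mount is worth suggesting.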
# docker-compose up -d
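Added example (not part of the original page or of docker-mailserver): a host-side check that the directory mounted at /etc/letsencrypt/live has usable certificate files for the mail hostname, including the case where certbot-style symlinks dangle because only live/ is mounted. It assumes certbot file names (fullchain.pem, privkey.pem); the function name check_le_live is hypothetical.

```shell
#!/bin/sh
# Added example: verify the host directory that compose.yml mounts at
# /etc/letsencrypt/live before relying on SSL_TYPE=letsencrypt.

# check_le_live LIVE_DIR FQDN
# Prints one line per problem; returns 0 only if chain and key look usable.
check_le_live() {
    live_dir=$1
    fqdn=$2
    cert_dir="$live_dir/$fqdn"
    rc=0

    if [ ! -d "$cert_dir" ]; then
        echo "missing directory: $cert_dir"
        return 1
    fi

    for f in fullchain.pem privkey.pem; do
        p="$cert_dir/$f"
        if [ -L "$p" ] && [ ! -e "$p" ]; then
            # certbot's live/ entries are symlinks into ../../archive/;
            # they dangle when only live/ is mounted.
            echo "dangling symlink: $p -> $(readlink "$p")"
            rc=1
        elif [ ! -s "$p" ]; then
            echo "missing or empty: $p"
            rc=1
        elif ! grep -q -- '-----BEGIN' "$p"; then
            echo "not PEM: $p"
            rc=1
        fi
    done

    # The private key should not be readable by other users on the host.
    key="$cert_dir/privkey.pem"
    if [ -e "$key" ] && [ -n "$(find -L "$key" -perm -004 2>/dev/null)" ]; then
        echo "world-readable key: $key"
        rc=1
    fi
    return $rc
}

# Usage with this page's values (run as root on the Docker host):
#   check_le_live /var/lib/docker/volumes/app_certs/_data mail.hogehoge.com
```

Symlink targets are resolved from the host path, so a link that resolves on the host can still dangle inside the container if its target lies outside the mounted directory.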
Procmail is not used by default, so to switch delivery to Procmail, build a new image.
# Mail directory
virtual_transport = lmtp:unix:/var/run/dovecot/lmtp
virtual_mailbox_domains = /etc/postfix/vhost
virtual_mailbox_maps = texthash:/etc/postfix/vmailbox
virtual_alias_maps = texthash:/etc/postfix/virtual

↓

# Mail directory
virtual_transport = procmail
virtual_mailbox_domains = /etc/postfix/vhost
virtual_mailbox_maps = texthash:/etc/postfix/vmailbox
virtual_alias_maps = texthash:/etc/postfix/virtual
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000

procmail  unix  -       n       n       -       -       pipe
  flags=R user=docker argv=/usr/bin/procmail -t -m USER=${user} DOMAIN=${nexthop} /tmp/docker-mailserver/procmailrc
docker-data/dms/config/procmailrc
SHELL=/bin/bash
PATH=/usr/bin:/bin
DROPPRIVS=yes
MAILDIR=/var/mail/$DOMAIN/$USER
DEFAULT=$MAILDIR/
# Lock file
LOCKFILE=/var/mail/.procmail.lock
# Log destination
LOGFILE=/var/mail/.procmail.log
# Verbose logging
VERBOSE=OFF

## Write procmail recipes below
:0 E
* ^From:.*hoge@junkmail.com
$MAILDIR/.Junk/

Additionally install only procmail.
RUN <<EOF
  rm -rf /usr/share/locale/*
  rm -rf /usr/share/man/*
  rm -rf /usr/share/doc/*
  update-locale
  apt update
  apt install -y procmail
EOF