基于 docker-mailserver 搭建自托管邮件服务器。
注意:以下示例基于 arm64(x96max+ Armbian/Debian)。若直接部署到云服务器,无需端口映射配置。
部署
mkdir ~/docker/mail && cd ~/docker/mail
docker-compose.yml:
version: '2'
services:
mailserver:
image: docker.io/mailserver/docker-mailserver:9.1.0
hostname: mail
domainname: example.com
container_name: mailserver
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- maildata:/var/mail
- mailstate:/var/mail-state
- maillogs:/var/log/mail
- ./config/:/tmp/docker-mailserver/
- /etc/ssl:/tmp/ssl:ro
environment:
- PERMIT_DOCKER=network # 内网端口转发必须加
- ENABLE_SPAMASSASSIN=0
- ENABLE_CLAMAV=0
- ENABLE_FAIL2BAN=1
- SSL_TYPE=manual
- SSL_CERT_PATH=/tmp/ssl/fullchain.cer
- SSL_KEY_PATH=/tmp/ssl/example.com.key
- TZ=Asia/Shanghai
cap_add:
- NET_ADMIN
restart: always
volumes:
maildata:
mailstate:
maillogs:
wget https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/master/mailserver.env
wget https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v10.0.0/setup.sh
chmod a+x ./setup.sh
docker-compose up -d mailserver
./setup.sh email add admin@example.com <password>
./setup.sh config dkim keysize 1024 domain example.com
证书
将证书放到 /etc/ssl/:
/etc/ssl/
├── fullchain.cer
└── example.com.key
配置 DNS 解析(以阿里云为例)
| 主机记录 | 类型 | 值 |
|---|---|---|
mail._domainkey | TXT | v=DKIM1;h=sha256;k=rsa;p=<公钥> |
@ | MX | mail.example.com (优先级10) |
_dmarc | TXT | v=DMARC1; p=none |
@ | TXT | v=spf1 mx ~all |
DKIM 公钥查看:
cat config/opendkim/keys/example.com/mail.txt
测试
docker exec mailserver openssl s_client -connect 0.0.0.0:587 -starttls smtp -CApath /etc/ssl/
# 成功标志:Verify return code: 0 (ok)
查看日志
docker logs -f mailserver
tail -f /var/lib/docker/volumes/mail_maillogs/_data/mail.log