docker-compose 安装maddy 邮件服务
冷轩信发表于 2023-03-01 10:10:00
docker-compose.yml
version: "3.5"
services:
maddy:
image: foxcpp/maddy:latest
restart: unless-stopped
ports:
- "25:25"
- "143:143"
- "587:587"
- "993:993"
volumes:
- ./maddydata:/data
environment:
# REPLACE DOMAINS WITH YOURS
- MADDY_HOSTNAME=mx.example.com
- MADDY_DOMAIN=example.com
php:
image: php:8.1-fpm-alpine
restart: unless-stopped
volumes:
- ./snappymail:/var/www
nginx:
image: nginx:latest
restart: unless-stopped
depends_on:
- php
ports:
- "80:80"
- "443:443"
volumes:
- ./snappymail:/var/www
- ./nginx/ssl:/etc/nginx/ssl
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf
maddy.conf 放入maddydata文件夹
## Maddy Mail Server - default configuration file (2022-06-18)
## This is the copy of maddy.conf with changes necessary to run it in Docker.
# Suitable for small-scale deployments. Uses its own format for local users DB,
# should be managed via maddyctl utility.
#
# See tutorials at https://maddy.email for guidance on typical
# configuration changes.
# ----------------------------------------------------------------------------
# Base variables
$(hostname) = {env:MADDY_HOSTNAME}
$(primary_domain) = {env:MADDY_DOMAIN}
$(local_domains) = $(primary_domain)
tls file /data/tls/fullchain.pem /data/tls/privkey.pem
# ----------------------------------------------------------------------------
# Local storage & authentication
# pass_table provides local hashed passwords storage for authentication of
# users. It can be configured to use any "table" module, in default
# configuration a table in SQLite DB is used.
# Table can be replaced to use e.g. a file for passwords. Or pass_table module
# can be replaced altogether to use some external source of credentials (e.g.
# PAM, /etc/shadow file).
#
# If table module supports it (sql_table does) - credentials can be managed
# using 'maddyctl creds' command.
auth.pass_table local_authdb {
table sql_table {
driver sqlite3
dsn credentials.db
table_name passwords
}
}
# imapsql module stores all indexes and metadata necessary for IMAP using a
# relational database. It is used by IMAP endpoint for mailbox access and
# also by SMTP & Submission endpoints for delivery of local messages.
#
# IMAP accounts, mailboxes and all message metadata can be inspected using
# imap-* subcommands of maddyctl utility.
storage.imapsql local_mailboxes {
driver sqlite3
dsn imapsql.db
}
# ----------------------------------------------------------------------------
# SMTP endpoints + message routing
hostname $(hostname)
table.chain local_rewrites {
optional_step regexp "(.+)\+(.+)@(.+)" "$1@$3"
optional_step static {
entry postmaster postmaster@$(primary_domain)
}
optional_step file /etc/maddy/aliases
}
msgpipeline local_routing {
# Insert handling for special-purpose local domains here.
# e.g.
# destination lists.example.org {
# deliver_to lmtp tcp://127.0.0.1:8024
# }
destination postmaster $(local_domains) {
modify {
replace_rcpt &local_rewrites
}
deliver_to &local_mailboxes
}
default_destination {
reject 550 5.1.1 "User doesn't exist"
}
}
smtp tcp://0.0.0.0:25 {
limits {
# Up to 20 msgs/sec across max. 10 SMTP connections.
all rate 20 1s
all concurrency 10
}
dmarc yes
check {
require_mx_record
dkim
spf
}
source $(local_domains) {
reject 501 5.1.8 "Use Submission for outgoing SMTP"
}
default_source {
destination postmaster $(local_domains) {
deliver_to &local_routing
}
default_destination {
reject 550 5.1.1 "User doesn't exist"
}
}
}
submission tls://0.0.0.0:465 tcp://0.0.0.0:587 {
limits {
# Up to 50 msgs/sec across any amount of SMTP connections.
all rate 50 1s
}
auth &local_authdb
source $(local_domains) {
check {
authorize_sender {
prepare_email &local_rewrites
user_to_email identity
}
}
destination postmaster $(local_domains) {
deliver_to &local_routing
}
default_destination {
modify {
dkim $(primary_domain) $(local_domains) default
}
deliver_to &remote_queue
}
}
default_source {
reject 501 5.1.8 "Non-local sender domain"
}
}
target.remote outbound_delivery {
limits {
# Up to 20 msgs/sec across max. 10 SMTP connections
# for each recipient domain.
destination rate 20 1s
destination concurrency 10
}
mx_auth {
dane
mtasts {
cache fs
fs_dir mtasts_cache/
}
local_policy {
min_tls_level encrypted
min_mx_level none
}
}
}
target.queue remote_queue {
target &outbound_delivery
autogenerated_msg_domain $(primary_domain)
bounce {
destination postmaster $(local_domains) {
deliver_to &local_routing
}
default_destination {
reject 550 5.0.0 "Refusing to send DSNs to non-local addresses"
}
}
}
# ----------------------------------------------------------------------------
# IMAP endpoints
imap tls://0.0.0.0:993 tcp://0.0.0.0:143 {
auth &local_authdb
storage &local_mailboxes
}
SSL 证书
maddydata/tls/fullchain.pem
maddydata/tls/privkey.pem
/nginx/ssl/
nginx 配置文件
下载 https://github.com/the-djmaze/snappymail/blob/master/.docker/dev/nginx/default.conf
放入nginx 并修改
dkim
域名添加txt 记录 default._domainkey
复制 maddydata/dkim/example.com_default.dns 填入
添加账户
docker-compose exec maddy maddyctl creds create foxcpp@maddy.test
docker-compose exec maddy maddyctl imap-acct create foxcpp@maddy.test
snappymail 配置
mx.example.com/?admin 打开管理面板 用户admin 密码在snappymail/data/_data_/_default_/
php权限
chown 82:82 snappymail -R
已知问题
snappymail 发信不保存到已发送邮件,暂时不了解是maddy的问题还是snappymail问题,Linux Geary 发信是可以保存的
内存占用真的很少