微信网站建设哪家好,如何在网上卖货,网站建设在线推广,整站快速排名优化起因#xff1a;随着我公司在线应用软件的增多#xff0c;比如wordpress、 next cloud、SuitCRM 、iFair等#xff0c;许多场合都要求填写邮箱地址#xff0c;绑定邮箱。因为不想将过多的数据存储于第三方空间#xff0c;因此考虑在公司局域网内搭建一个私有的电子邮箱服务…起因随着我公司在线应用软件的增多比如wordpress、 next cloud、SuitCRM 、iFair等许多场合都要求填写邮箱地址绑定邮箱。因为不想将过多的数据存储于第三方空间因此考虑在公司局域网内搭建一个私有的电子邮箱服务器再通过公司域名实现功能的透传。
零、用到的服务器环境介绍
0.1 外网固定ip的vps
Debian12 最小化安装frps 0.53.2, nginx , 假设绑定的域名 www.abctest.com mail.abctest.com
该vps上运行了 公司的官方网站采用的是html5 CSS 编写的静态单页网站结合私有ssl证书通过 https://www.abctest.com 访问。
0.2 局域网搭建的iRedMail邮箱服务器
Debian12 最小化安装frpc 0.53.2
一、邮件服务器的搭建
1.1 假设域名 abctest.com 邮箱服务器 mail.abctest.com
这里服务器环境为Debian12最小化安装邮箱服务器采用可交互式安装的 iRedMail安装过程可以参考官网安装的过程中选择使用了PostgreSQL数据库密码假设为 Abctest888要求设置邮箱域输入 abctest.com 即可还要求设邮箱管理员postmasterabctest.com 的密码这里假设为 Abctest888
1.2 安装完成后如何进入邮箱 这里假设邮件服务器在本地局域网的ip为 192.168.1.250
管理员模式登录
* - iRedMail Admin: https://192.168.1.250/iredadmin
管理员账号postmasterabctest.com 密码Abctest888普通用户模式登录
* - Roundcube webmail: https://mail.abctest.com ## 默认的webGUI
* - SOGo groupware: https://mail.abctest.com/SOGo/ ## SOGo登录GUI
1.3 安装完成后可以查看服务器的总体配置
1.3.1 基本配置如下
cat iRedMail-1.6.8/configexport STORAGE_BASE_DIR/var/vmail
export WEB_SERVERNGINX
export BACKEND_ORIGPGSQL
export BACKENDPGSQL
export VMAIL_DB_BIND_PASSWDs9SmJbOlKpPzm5T8j5qDrxobekuDbpvL
export VMAIL_DB_ADMIN_PASSWDIhSdIIPzbzSSXUK0BfMM5rKmtri0qPsk
export MLMMJADMIN_API_AUTH_TOKENqBQyzRCwHEOvRAYlhja5tAaXhhmBXQh4
export NETDATA_DB_PASSWDyx0nFXuiWJs7D26xeVCwZw4RAdjEtnCA
export PGSQL_ROOT_PASSWDAbctest888
export FIRST_DOMAINabctest.com
export DOMAIN_ADMIN_PASSWD_PLAINAbctest888
export USE_IREDADMINYES
export USE_ROUNDCUBEYES
export USE_SOGOYES
export USE_NETDATAYES
export USE_FAIL2BANYES
export AMAVISD_DB_PASSWDtPpwOzq33oVMISgktgS3f55IeRTWjKKz
export IREDADMIN_DB_PASSWDEVIH8ZTsCDv3jbowtmSMEd94LLDAkVtW
export RCM_DB_PASSWDy9lMIKGYsjtwE07MTIsZU1EzTbGIDZyT
export SOGO_DB_PASSWD21NHY4yp1Yjw1qkeF4mZ2EBzBlzKW5JM
export SOGO_SIEVE_MASTER_PASSWDQfnTNbkQmfSn965EnGiyNzysGO3shnou
export IREDAPD_DB_PASSWD7QcVfbX0QTSi0Lprxisefp1YIOtdmYxn
export FAIL2BAN_DB_PASSWD9D4j3twgaQTS06ioSluhPeXHPnELI2kI
#EOF
1.3.2 安装完成后的邮箱服务器信息如下
cat iRedMail-1.6.8/iRedMail.tipsAdmin of domain abctest.com:* Account: postmasterabctest.com* Password: Abctest888You can login to iRedAdmin with this account, login name is full email address.First mail user:* Username: postmasterabctest.com* Password: Abctest888* SMTP/IMAP auth type: login* Connection security: STARTTLS or SSL/TLSYou can login to webmail with this account, login name is full email address.* Enabled services: rsyslog postfix postgresql nginx php8.2-fpm dovecot clamav-daemon amavis clamav-freshclam sogo memcached fail2ban cron nftablesSSL cert keys (size: 4096):- /etc/ssl/certs/iRedMail.crt- /etc/ssl/private/iRedMail.keyMail Storage:- Mailboxes: /var/vmail/vmail1- Mailbox indexes:- Global sieve filters: /var/vmail/sieve- Backup scripts and backup copies: /var/vmail/backupPostgreSQL:* Admin user: postgres, Password: Abctest888* Bind account (read-only):- Name: vmail, Password: s9SmJbOlKpPzm5T8j5qDrxobekuDbpvL* Vmail admin account (read-write):- Name: vmailadmin, Password: IhSdIIPsacSSXUK0BfMM5rKrtmi0qPsk* Database stored in: /var/lib/postgresql/15/main* RC script: /etc/init.d/postgresql* Config files:* /etc/postgresql/15/main/postgresql.conf* /etc/postgresql/15/main/pg_hba.conf* Log file: /var/log/postgresql/* See also:- /root/iRedMail-1.6.8/runtime/pgsql_init.pgsql- /var/lib/postgresql/.pgpassSQL commands used to initialize database and import mail accounts:- /root/iRedMail-1.6.8/runtime/*.sqlPostfix:* Configuration files:- /etc/postfix- /etc/postfix/aliases- /etc/postfix/main.cf- /etc/postfix/master.cf* SQL/LDAP lookup config files:- /etc/postfix/pgsqlDovecot:* Configuration files:- /etc/dovecot/dovecot.conf- /etc/dovecot/dovecot-ldap.conf (For OpenLDAP backend)- /etc/dovecot/dovecot-mysql.conf (For MySQL backend)- /etc/dovecot/dovecot-pgsql.conf (For PostgreSQL backend)- /etc/dovecot/dovecot-used-quota.conf (For real-time quota usage)- /etc/dovecot/dovecot-share-folder.conf (For IMAP sharing folder)* Syslog config file:- /etc/rsyslog.d/1-iredmail-dovecot.conf (present if rsyslog 8.x)* RC script: /etc/init.d/dovecot* Log files:- /var/log/dovecot/dovecot.log- /var/log/dovecot/sieve.log- /var/log/dovecot/lmtp.log- /var/log/dovecot/lda.log (present if rsyslog 8.x)- /var/log/dovecot/imap.log (present if rsyslog 8.x)- /var/log/dovecot/pop3.log (present if rsyslog 8.x)- /var/log/dovecot/sieve.log (present if rsyslog 8.x)* See also:- /var/vmail/sieve/dovecot.sieve- Logrotate config file: /etc/logrotate.d/dovecotNginx:* Configuration files:- /etc/nginx/nginx.conf- /etc/nginx/sites-available/00-default.conf- /etc/nginx/sites-available/00-default-ssl.conf* Directories:- /etc/nginx- /var/www/html* See also:- /var/www/html/index.htmlphp-fpm:* Configuration files: /etc/php/8.2/fpm/pool.d/www.confPHP:* PHP config file for Nginx:* Disabled functions: posix_uname,eval,pcntl_wexitstatus,posix_getpwuid,xmlrpc_entity_decode,pcntl_wifstopped,pcntl_wifexited,pcntl_wifsignaled,phpAds_XmlRpc,pcntl_strerror,ftp_exec,pcntl_wtermsig,mysql_pconnect,proc_nice,pcntl_sigtimedwait,posix_kill,pcntl_sigprocmask,fput,phpinfo,system,phpAds_remoteInfo,ftp_login,inject_code,posix_mkfifo,highlight_file,escapeshellcmd,show_source,pcntl_wifcontinued,fp,pcntl_alarm,pcntl_wait,ini_alter,posix_setpgid,parse_ini_file,ftp_raw,pcntl_waitpid,pcntl_getpriority,ftp_connect,pcntl_signal_dispatch,pcntl_wstopsig,ini_restore,ftp_put,passthru,proc_terminate,posix_setsid,pcntl_signal,pcntl_setpriority,phpAds_xmlrpcEncode,pcntl_exec,ftp_nb_fput,ftp_get,phpAds_xmlrpcDecode,pcntl_sigwaitinfo,shell_exec,pcntl_get_last_error,ftp_rawlist,pcntl_fork,posix_setuidClamAV:* Configuration files:- /etc/clamav/clamd.conf- /etc/clamav/freshclam.conf- /etc/logrotate.d/clamav* RC scripts: /etc/init.d/clamav-daemon /etc/init.d/clamav-freshclamAmavisd-new:* Configuration files:- /etc/amavis/conf.d/50-user- /etc/postfix/master.cf- /etc/postfix/main.cf* RC script:- /etc/init.d/amavis* SQL Database:- Database name: amavisd- Database user: amavisd- Database password: tPpwOzq33oVMISgktgS3f55IeRTWjKKzDNS record for DKIM support:; key#1 2048 bits, sdkim, dabctest.com, /var/lib/dkim/abctest.com.pem
dkim._domainkey.abctest.com. 3600 TXT (vDKIM1; pMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9BKQ0Q821NN1IC8FbzC3Uq1XGF/10xypU6LUZpNudmvqApCAQDXcyvMIiYwFhejtMdeLbkqbywuiHGRs3YOlJ/fGTTgIUL8qx3IfxEjtvvsU90fi947211kCKy7SyFHXgkyjlRTUXkUnF3HplIV6TWlXBp9GvpSXW5ZNfBG3zFM2NZTt3A8psKbHs6FQyZ6Z7fMicKEktRrg2e4P2kxwfJ25WFGTVI//H1AsE3ZfjVRQj1rjB2d5Vpls1SZCA3Q6nqc5lDufPxnmviC9FVvjN3K9XcF9beSCV3oTgQUz6PRNuli7/5TMkTUP/DqigodyQqubARdMFPDNn3pXJQIDAQAB)
SpamAssassin:* Configuration files and rules:- /etc/mail/spamassassin- /etc/mail/spamassassin/local.cfiRedAPD - Postfix Policy Server:* Version: 5.3.3* Listen address: 127.0.0.1, port: 7777* SQL database account:- Database name: iredapd- Username: iredapd- Password: 7QcVfbX0QTSi9Lprxisekl1YIOtdmYvz* Configuration file:- /opt/iredapd/settings.py* Related files:- /opt/iRedAPD-5.3.3- /opt/iredapd (symbol link to /opt/iRedAPD-5.3.3iRedAdmin - official web-based admin panel:* Version: 2.5* Root directory: /opt/www/iRedAdmin-2.5* Config file: /opt/www/iRedAdmin-2.5/settings.py* Web access:- URL: https://mail.abctest.com/iredadmin/- Username: postmasterabctest.com- Password: Abctest888* SQL database:- Database name: iredadmin- Username: iredadmin- Password: EVIH8ZTsCDa9jbowtmSMEd63LLDAkVtWRoundcube webmail: /opt/www/roundcubemail-1.6.5* Config file: /opt/www/roundcubemail-1.6.5/config* Web access:- URL: http://mail.abctest.com/mail/ (will be redirected to https:// site)- URL: https://mail.abctest.com/mail/ (secure connection)- Username: postmasterabctest.com- Password: Abctest888* SQL database account:- Database name: roundcubemail- Username: roundcube- Password: y5lMIKGYsjtwE07MTIsZU2EzTbGIDZyT* Cron job:- Command: crontab -l -u rootSOGo Groupware:* Web access: httpS://mail.abctest.com/SOGo/* Main config file: /etc/sogo/sogo.conf* Nginx template file: /etc/nginx/templates/sogo.tmpl* Database:- Database name: sogo- Database user: sogo- Database password: 75NHY4yp1Yjw1qkeF3mZ2EBzBlzKW0JM* SOGo sieve account (Warning: its a Dovecot Master User):- file: /etc/sogo/sieve.cred- username: sogo_sieve_masternot-exist.com- password: QfnTNbkQmfSn371EnGiyNzysGO8shnou* See also:- cron job of system user: sogonetdata (monitor):- Config files:- All config files: /opt/netdata/etc/netdata- Main config file: /opt/netdata/etc/netdata/netdata.conf- Modified modular config files:- /opt/netdata/etc/netdata/go.d- /opt/netdata/etc/netdata/python.d- HTTP auth file (if you need a new account to access netdata, pleaseupdate this file with command like htpasswd or edit manually):- /etc/nginx/netdata.users- Log directory: /opt/netdata/var/log/netdata- SQL:- Username: netdata- Password: yx4nFXuiWJs9D38xeVCwZw1RAdjEtnCA- NOTE: No database required by netdata.
1.4 管理员登录界面和普通用户登录界面 二 、frp 软件的设置
可参考我的两篇文章
frp透传软件最新toml格式的配置文件的使用_frpc toml设置-CSDN博客
利用frps搭建本地自签名https服务的透传_frp配置ssl-CSDN博客
假设我们的域名服务器就是frps服务器也就是 www.abctest.com
2.1 frps.toml的配置
cat /etc/frp/frps.tomlbindPort 7777
vhostHTTPSPort 443
vhostHTTPPort 8080
2.2 frpc.toml的配置
主要是对 邮箱服务所需的特定端口进行绑定类型都是tcp cat /etc/frp/frpc.tomlserverAddr www.abctest.com
serverPort 7777[[proxies]]
name ssh-250
type tcp
localIP 127.0.0.1
localPort 33250
remotePort 33250[[proxies]]
name web-250
type https
localPort 443
customDomains [mail.abctest.com][[proxies]]
name smtp-250
type tcp
localPort 25
remotePort 25[[proxies]]
name submission-250
type tcp
localPort 587
remotePort 587[[proxies]]
name pop3-250
type tcp
localPort 110
remotePort 110[[proxies]]
name pop3s-250
type tcp
localPort 995
remotePort 995[[proxies]]
name imap-250
type tcp
localPort 143
remotePort 143[[proxies]]
name imaps-250
type tcp
localPort 993
remotePort 993
三、 服务端nginx对域名 mail.abctest.com 的自动转发
因为外网vps运行的是 frps以及一个官网网页所以已经占据了80端口和443端口要想实现对 https://mail.abctest.com 的转发需要新增一个 nginx 虚拟机的配置。配置文件内容如下 cat /etc/nginx/conf.d/mail.confserver {listen 80 ;listen [::]:80 ;server_name mail.abctest.com;rewrite ^/(.*)$ https://mail.abctest.com:443/$1 permanent;# location / {# proxy_pass http://127.0.0.1:443;# }}
局域网内 iRedMail服务器的 nginx设置
将 /etc/nginx/sites-enabled/{00-default-ssl.conf00-default.conf} 这两个配置文件中 的 server_name 配置上 mail.abctest.com 即可
重启vps和本地iRedMail 服务器上的 nginx
连接测试一下
