首先,需要编辑 /etc/hosts 文件,找到含有你的 VPS IP 地址的那一行;如果没有,则添加一行。内容如下:
127.0.0.1 mail.*****.com mail
其中, 127.0.0.1 可换为你的服务器 IP 地址,后面依次填入长主机名和短主机名,切记不可填反。
然后,我们找到 VPS 的 /etc/hostname 文件,编辑里面的内容为 mail (域名的前缀)
这样,就设置好了主机名。重启 VPS后我们检查一下是否设置正确:
执行:hostname
此时我们应该只能看到短主机名 mail. 如果你看到了长主机名 mail.jichang.ml , 说明之前设置错误,请重新检查上述步骤。
执行:hostname -f
此时,我们应该只能看到长主机名 mail.jichang.ml
这样,我们就全部设置好了主机名(hostname), 可以进行接下来的其他操作了
c
Welcome to Ubuntu 22.04.5 LTS (GNU/Linux 5.15.0-124-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/pro
System information as of Sun Oct 20 03:04:58 AM UTC 2024
System load: 0.25
Usage of /: 33.7% of 9.75GB
Memory usage: 6%
Swap usage: 0%
Processes: 144
Users logged in: 0
IPv4 address for enp0s3: 192.168.1.6
IPv6 address for enp0s3: 2409:8a4c:725c:2710:a00:27ff:fe6c:5547
* Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
just raised the bar for easy, resilient and secure K8s cluster deployment.
https://ubuntu.com/engage/secure-kubernetes-at-the-edge
Expanded Security Maintenance for Applications is not enabled.
12 updates can be applied immediately.
To see these additional updates run: apt list --upgradable
Enable ESM Apps to receive additional future security updates.
See https://ubuntu.com/esm or run: sudo pro status
New release '24.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
Last login: Sun Oct 20 03:04:58 2024
wqbboy@mail:~$ sudo su -
[sudo] password for wqbboy:
root@mail:~# cd /root/iRedMail-1.7.1/
root@mail:~/iRedMail-1.7.1# ls
ChangeLog config Documentations iRedMail.sh pkgs runtime tools
conf dialog functions LICENSE README.md samples update
root@mail:~/iRedMail-1.7.1# hostname
mail
root@mail:~/iRedMail-1.7.1# hostname -f
mail.xgpolice.com
root@mail:~/iRedMail-1.7.1# cat /etc/hostname
mail
root@mail:~/iRedMail-1.7.1# cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 mail.xg****.com mail localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@mail:~/iRedMail-1.7.1#
root@mail:~/iRedMail-1.7.1#
下载并安装 iRedMail
我写这篇博文的时候,iRedMail 的最新版为 1.7.1,若是版本进行了更新,请大家自行修改下面命令中的版本号。
wget https://github.com/iredmail/iRedMail/archive/refs/tags/1.7.1.tar.gz
tar -xf iRedMail.tar.gz
cd iRedMail-1.7.1
bash iRedMail.sh
c
root@mail:~/iRedMail-1.7.1#
root@mail:~/iRedMail-1.7.1# pwd
/root/iRedMail-1.7.1
root@mail:~/iRedMail-1.7.1# bash iRedMail.sh
按照以下顺序进行安装
不安装,请按 Ctrl-C
![回车选YES]
回车选YES
输入数据密码
后面连续输入两次y,
c
********************************************************************
* Start iRedMail Configurations
********************************************************************
[ INFO ] Generate self-signed SSL cert (4096 bits, expire in 10 years).
[ INFO ] Generate Diffie Hellman Group with openssl, please wait.
[ INFO ] Create required system accounts.
[ INFO ] Configure MariaDB database server.
[ INFO ] Setup daily cron job to backup SQL databases with /var/vmail/backup/backup_mysql.sh
[ INFO ] Configure Postfix (MTA).
[ INFO ] Configure Dovecot (POP3/IMAP/Managesieve/LMTP/LDA).
[ INFO ] Configure Nginx web server.
[ INFO ] Configure PHP.
[ INFO ] Configure mlmmj (mailing list manager).
[ INFO ] Configure ClamAV (anti-virus toolkit).
[ INFO ] Configure Amavisd-new (interface between MTA and content checkers).
[ INFO ] Configure SpamAssassin (content-based spam filter).
[ INFO ] Configure iRedAPD (postfix policy daemon).
[ INFO ] Configure iRedAdmin (official web-based admin panel).
[ INFO ] Configure Roundcube webmail.
[ INFO ] Configure Fail2ban (authentication failure monitor).
[ INFO ] Configure netdata (system and application monitor).
*************************************************************************
* iRedMail-1.7.1 installation and configuration complete.
*************************************************************************
< Question > Would you like to use firewall rules provided by iRedMail?
< Question > File: /etc/nftables.conf, with SSHD ports: 22. [Y|n]y
[ INFO ] Copy firewall sample rules.
< Question > Restart firewall now (with ssh ports: 22)? [y|N]y
[ INFO ] Restarting firewall ...
[ INFO ] Updating ClamAV database (freshclam), please wait ...
ERROR: Failed to lock the log file /var/log/clamav/freshclam.log: Resource temporarily unavailable
********************************************************************
* URLs of installed web applications:
*
* - Roundcube webmail: https://mail.xgpolice.com/mail/
* - netdata (monitor): https://mail.xgpolice.com/netdata/
*
* - Web admin panel (iRedAdmin): https://mail.xgpolice.com/iredadmin/
*
* You can login to above links with below credential:
*
* - Username: postmaster@***.com
* - Password: master
*
********************************************************************
* Congratulations, mail server setup completed successfully. Please
* read below file for more information:
*
* - /root/iRedMail-1.7.1/iRedMail.tips
*
* And it's sent to your mail account postmaster@***.com.
*
********************* WARNING **************************************
*
* Please reboot your system to enable all mail services.
*
********************************************************************
在这里插入代码片
root@mail:~/iRedMail-1.7.1# rebootConnection to 192.168.1.6 closed by remote host.
Connection to 192.168.1.6 closed.
C:\Users\Administrator>ssh wqbboy@192.168.1.6
wqbboy@192.168.1.6's password:
Welcome to Ubuntu 22.04.5 LTS (GNU/Linux 5.15.0-124-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/pro
System information as of Sun Oct 20 03:45:20 AM UTC 2024
System load: 0.83
Usage of /: 48.9% of 9.75GB
Memory usage: 32%
Swap usage: 0%
Processes: 201
Users logged in: 0
IPv4 address for enp0s3: 192.168.1.6
IPv6 address for enp0s3: 2409:8a4c:725c:2710:a00:27ff:fe6c:5547
* Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
just raised the bar for easy, resilient and secure K8s cluster deployment.
https://ubuntu.com/engage/secure-kubernetes-at-the-edge
Expanded Security Maintenance for Applications is not enabled.
12 updates can be applied immediately.
To see these additional updates run: apt list --upgradable
Enable ESM Apps to receive additional future security updates.
See https://ubuntu.com/esm or run: sudo pro status
New release '24.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
Last login: Sun Oct 20 03:05:39 2024 from 192.168.1.5
wqbboy@mail:~$ sudo su -\
>
[sudo] password for wqbboy:
root@mail:~# ping
ping: usage error: Destination address required
root@mail:~#
网页登录
安装配置iRedMail
安装过程会以交换形式进行,需要注意的地方有
安装完成后查看文件 /root/iRedMail-1.6.2/iRedMail.tips, 这里记录会所有iRedMail相关服务和组件的信息。
(5)配置 SSL 证书
配置前准备:
sudo vim /etc/nginx/sites-enabled/00-default-ssl.conf
修改server_name这一行为:
server_name mail.mydomain.com;
停止nginx
sudo service nginx stop
如果不配置nginx的server_name和停止nginx服务,certbot会安装失败。
使用 Let's Encrypt 提供免费的 SSL 证书,访问https://certbot.eff.org/instructions?ws=nginx\&os=ubuntufocal根据官方文档进行操作
由于Ubuntu22.04自带snap,可以跳过snap的安装,直接更新snap
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo certbot --nginx
配置过程中会提示你输入证书域名: mail.mydomain.com
配置结束后启动nginx
sudo service nginx start