跳转到内容
主菜单
主菜单
移至侧栏
隐藏
导航
首页
最近更改
随机页面
MediaWiki帮助
MalacoKnowledge
搜索
搜索
登录
个人工具
登录
查看“Maddy”的源代码
页面
讨论
大陆简体
阅读
查看源代码
查看历史
工具
工具
移至侧栏
隐藏
操作
阅读
查看源代码
查看历史
常规
链入页面
相关更改
特殊页面
页面信息
←
Maddy
因为以下原因,您没有权限编辑该页面:
您请求的操作仅限属于该用户组的用户执行:
用户
您可以查看和复制此页面的源代码。
Maddy 是 Golang 写的易于配置的邮箱收发服务器,集成了 IMAP 和 SMTP 以及 DKIM ,十分方便。 ==安装== <pre>$ yay -S maddy</pre>这里我使用 sqlite<pre># pacman -S sqlite</pre> ==配置文件== ===Maddy 配置=== <pre>$ vim /etc/maddy/maddy.conf</pre>内容如下<pre>## Maddy Mail Server - default configuration file (2021-08-16) # Suitable for small-scale deployments. Uses its own format for local users DB, # should be managed via maddyctl utility. # # See tutorials at https://maddy.email for guidance on typical # configuration changes. # # See manual pages (also available at https://maddy.email) for reference # documentation. # ---------------------------------------------------------------------------- # Base variables $(hostname) = DOMAIN $(primary_domain) = DOMAIN $(local_domains) = $(primary_domain) #tls file /etc/maddy/certs/$(hostname)/fullchain.pem /etc/maddy/certs/$(hostname)/privkey.pem tls file /etc/letsencrypt/live/$(local_domains)/fullchain.pem /etc/letsencrypt/live/$(local_domains)/privkey.pem # ---------------------------------------------------------------------------- # Local storage & authentication # pass_table provides local hashed passwords storage for authentication of # users. It can be configured to use any "table" module, in default # configuration a table in SQLite DB is used. # Table can be replaced to use e.g. a file for passwords. Or pass_table module # can be replaced altogether to use some external source of credentials (e.g. # PAM, /etc/shadow file). # # If table module supports it (sql_table does) - credentials can be managed # using 'maddyctl creds' command. auth.pass_table local_authdb { table sql_table { driver sqlite3 dsn credentials.db table_name passwords } } # imapsql module stores all indexes and metadata necessary for IMAP using a # relational database. It is used by IMAP endpoint for mailbox access and # also by SMTP & Submission endpoints for delivery of local messages. # # IMAP accounts, mailboxes and all message metadata can be inspected using # imap-* subcommands of maddyctl utility. storage.imapsql local_mailboxes { driver sqlite3 dsn imapsql.db } # ---------------------------------------------------------------------------- # SMTP endpoints + message routing hostname $(hostname) table.chain local_rewrites { optional_step regexp "(.+)\+(.+)@(.+)" "$1@$3" optional_step static { entry postmaster postmaster@$(primary_domain) } optional_step file /etc/maddy/aliases } msgpipeline local_routing { # Insert handling for special-purpose local domains here. # e.g. # destination lists.example.org { # deliver_to lmtp tcp://127.0.0.1:8024 # } destination postmaster $(local_domains) { modify { replace_rcpt &local_rewrites } deliver_to &local_mailboxes } default_destination { reject 550 5.1.1 "User doesn't exist" } } smtp tcp://0.0.0.0:25 { limits { # Up to 20 msgs/sec across max. 10 SMTP connections. all rate 20 1s all concurrency 10 } dmarc yes check { require_mx_record dkim spf } source $(local_domains) { reject 501 5.1.8 "Use Submission for outgoing SMTP" } default_source { destination postmaster $(local_domains) { deliver_to &local_routing } default_destination { reject 550 5.1.1 "User doesn't exist" } } } submission tls://[::]:465 { #submission tls://0.0.0.0:465 tcp://0.0.0.0:587 { limits { # Up to 50 msgs/sec across any amount of SMTP connections. all rate 50 1s } auth &local_authdb source $(local_domains) { check { authorize_sender { prepare_email &local_rewrites user_to_email identity } } destination postmaster $(local_domains) { deliver_to &local_routing } default_destination { modify { dkim $(primary_domain) $(local_domains) default } deliver_to &remote_queue } } default_source { reject 501 5.1.8 "Non-local sender domain" } } target.remote outbound_delivery { limits { # Up to 20 msgs/sec across max. 10 SMTP connections # for each recipient domain. destination rate 20 1s destination concurrency 10 } mx_auth { dane mtasts { cache fs fs_dir mtasts_cache/ } local_policy { min_tls_level none min_mx_level none } } } target.queue remote_queue { target &outbound_delivery autogenerated_msg_domain $(primary_domain) bounce { destination postmaster $(local_domains) { deliver_to &local_routing } default_destination { reject 550 5.0.0 "Refusing to send DSNs to non-local addresses" } } } # ---------------------------------------------------------------------------- # IMAP endpoints imap tls://[::]:993 { #imap tls://0.0.0.0:993 tcp://0.0.0.0:143 { auth &local_authdb storage &local_mailboxes }</pre>主要修改 <code>min_tls_level</code> 为 <code>none</code> 为了 office365/outlook 通讯。还有<code>hostname</code> <code>primary_domain</code> 以及 <code>tls</code> 文件位置 信件存储在 <code>/var/lib/maddy/messages</code> sqlite 存储在 <code>/var/lib/maddy/</code> === SSL key === # setfacl -R -m u:maddy:rX /etc/letsencrypt/{live,archive} ===systemd 配置=== <pre>$ vim /usr/lib/systemd/system/maddy.service $ vim /usr/lib/systemd/system/maddy@.service</pre>可以修改成你需要的,但是如果要修改为 <code>root</code> 那么<pre>User=root Group=root #AmbientCapabilities=CAP_NET_BIND_SERVICE #CapabilityBoundingSet=CAP_NET_BIND_SERVICE </pre>之后<pre># systemctl enable maddy # systemctl start maddy</pre> ===用户配置=== <pre>$ maddyctl creds create/password <username@example.com> --password <YourPassword> #创建用户/更改用户密码 $ maddyctl creds create #删除用户 $ maddyctl creds list # 查看你刚创建的用户名 $ maddyctl imap-acct create/remove <username@example.com> # 创建/删除一个邮件储存账户 $ maddyctl imap-acct list # 查看刚创建的 imap 储存账户 $ maddyctl imap-mboxes list <username@example.com> # 可以看到该账户下有哪些分类 $ maddyctl imap-msgs list <username@example.com> <INBOX> # 可以查看当前账户对应分类接收到的邮件,一般收件在 INBOX 中</pre> ==端口== 以下端口需要开放 *25:通信 *465: SMTP *993: IMAP ==解析== ===A 记录=== *type: A *host: 根据你的 domain,二级域名填写二级域名的名称,一级域名空或者@/* *value: IP ===MX 记录=== *type: MX *host: 根据你的 domain,二级域名填写二级域名的名称,一级域名空或者@/* *value: domain ==送信优化== ===DKIM=== 在 <code>/var/lib/maddy/dkim_keys</code> 下的 .dns 文件存在,文件内容即是 DKIM 解析 添加解析 *type: TXT *host: default._domainkey *value: .dns 内容 ===SPF=== 添加解析 *type: TXT *host: 根据你的 domain,二级域名填写二级域名的名称,一级域名空或者@/* *value: v=spf1 mx ~all ==收信优化== ===DMARC=== *type: TXT *host: _dmarc *value: v=DMARC1; p=quarantine; p 可以为 <code>none</code> <code>quarantine</code> <code>reject</code> 分别 接受不处理、接受并处理、拒绝 没经过 DMARC 检验的邮件 [[分类:Server]]
返回
Maddy
。
开关有限宽度模式
