Blog

TODO - docker compose 搭建iRedmail（本地的80、443端口已经被占用了）

2025-10-24 02:54PM

我尝试使用了docker、docker ubuntu、docker compose都失败了，主要是因为我本地的80和443端口已经被占用了，但是iredmail必须需要使用443端口，所以页面都打不开

1. 创建 iredmail 文件

$ mkdir /iredmail

2. 进入 iredmail 文件

$ cd /iredmail

3. 拉取镜像文件

$ docker pull iredmail/mariadb:stable

4. 增加 iredmail-docker.conf 文件

$ touch iredmail-docker.conf

echo HOSTNAME=mail.mydomain.com >> iredmail-docker.conf
echo FIRST_MAIL_DOMAIN=mydomain.com >> iredmail-docker.conf
echo FIRST_MAIL_DOMAIN_ADMIN_PASSWORD=my-secret-password >> iredmail-docker.conf
echo MLMMJADMIN_API_TOKEN=$(openssl rand -base64 32) >> iredmail-docker.conf
echo ROUNDCUBE_DES_KEY=$(openssl rand -base64 24) >> iredmail-docker.conf
echo MYSQL_ROOT_PASSWORD=my-secret-password >> iredmail-docker.conf

例如：文件内容

HOSTNAME=mail.bida.exchange
FIRST_MAIL_DOMAIN=bida.exchange
FIRST_MAIL_DOMAIN_ADMIN_PASSWORD=user1234
MLMMJADMIN_API_TOKEN=BeMv4PzGAoeH7WzdnFWnNMfiRIc5RQnRaa6xS2YfqjY=
ROUNDCUBE_DES_KEY=5N8wQkR4VEO/jUKbL+Q13aYFbSS5WALF
MYSQL_ROOT_PASSWORD=user1234

5. 创建 docker-compose.yml 文件

# 说明：需要先手动创建网络；
# docker network create my-app-network

#networks:
# mail-network:
# driver: bridge
# name: mail-network # 指定网络名称

networks:
mail-network:
driver: bridge
name: mail-network

services:
iredmail:
container_name: mail_iredmail
image: iredmail/mariadb:stable
hostname: mail.bida.exchange # 请替换为你的域名
restart: unless-stopped
env_file:
- ./iredmail-docker.conf # 环境变量配置文件路径
ports:
- "8081:80" #我本地的80端口已经被占用了，所以使用8081
- "8443:443" # 我本地的443端口也被占用了，所以使用8443
- "25:25"
- "465:465"
- "587:587"
- "110:110"
- "995:995"
- "143:143"
- "993:993"
volumes:
- ./iredmail/data/backup-mysql:/var/vmail/backup/mysql
- ./iredmail/data/mailboxes:/var/vmail/vmail1
- ./iredmail/data/mlmmj:/var/vmail/mlmmj
- ./iredmail/data/mlmmj-archive:/var/vmail/mlmmj-archive
- ./iredmail/data/imapsieve_copy:/var/vmail/imapsieve_copy
- ./iredmail/data/custom:/opt/iredmail/custom
- ./iredmail/data/ssl:/opt/iredmail/ssl
- ./iredmail/data/mysql:/var/lib/mysql
- ./iredmail/data/clamav:/var/lib/clamav
- ./iredmail/data/sa_rules:/var/lib/spamassassin
- ./iredmail/data/postfix_queue:/var/spool/postfix
networks:
- mail-network

6. 替换证书

cd /opt/app/iredmail/data/ssl # 将证书文件上传到该目录下，并替换cert.pem、combined.pem、key.pem三个文件：

可以先把cert.pem、key.pem和combined.pem进行备份（重命名）

cp key.pem key.pem.backup
cp cert.pem cert.pem.backup
cp combined.pem combined.pem.backup

然后再替换文件

$ cp bida.exchange..crt cert.pem

$ cp bida.exchange.key key.pem

$ cat cert.pem key.pem > combined.pem # 我的ssl证书只有crt和key文件，所以要生成 combined.pem 文件

7. 获取 dkim._domainkey 记录值

7.1 进入容器

$ docker exec -it iredmail /bin/bash

7.2 执行：$ amavisd showkeys 或者 $ amavisd-new showkeys 命令

# 结果跟下面类似：
dkim._domainkey.mydomain.com. 3600 TXT (
"v=DKIM1; p="
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYArsr2BKbdhv9efugByf7LhaK"
"txFUt0ec5+1dWmcDv0WH0qZLFK711sibNN5LutvnaiuH+w3Kr8Ylbw8gq2j0UBok"
"FcMycUvOBd7nsYn/TUrOua3Nns+qKSJBy88IWSh2zHaGbjRYujyWSTjlPELJ0H+5"
"EV711qseo/omquskkwIDAQAB")

# 将所有引号去掉，并合并到一行即可,类似下面这样

v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO6tMWozhzuAgsTvRTlWD7NkWF0uK29KnNNtbAN0Q8a/tuSg2UXOKXnf9W/QQGqTQKWD+E19gEU5+pfyxDYcXQIDAQAB

8. _dmarc 记录值

它的记录值中 postmaster@bida.exchange 应与 iredmail-docker.conf 中 POSTMASTER_EMAIL 的值一样（默认为：postmaster@bida.exchange）

9. 添加云解析

记录类型	主机记录	记录值	MX优先级
A	mail	部署 iredmail 的服务器的公网 ip
MX	@	mail.bida.exchange	10
TXT	@	v=spf1 mx -all
TXT	dkim._domainkey	v=DKIM1;p=xxxxxxxxx
TXT	_dmarc	v=DMARC1; p=none; pct=100; rua=mailto:postmaster@bida.exchange

10. 启动 docker-compose

$ docker-compose up

首次运行时,它将生成一个自签名的 ssl 证书,这可能需要很长时间时间,请耐心等待

每次运行容器时,任务将很少。

更新 Spam Assassin 规则。
更新ClamAV病毒签名数据库。

FIRST_MAIL_DOMAIN_ADMIN_PASSWORD仅在首次运行时设置/重置,而不是每次运行。

每次启动或启动时,所有SQL密码都会默认设置或重置重新启动容器。如果您不喜欢此密码,请设置在iredmail-docker.conf例如MYSQL_ROOT_PASSWORD=<your-password>

我发现虽然启动了，但是出错了，clamav（反病毒扫描服务）反复启动后立即退出（exit status 1），这通常是由于配置错误、病毒库问题或权限不足导致的。

在浏览器使用服务器ip+端口号，却打不开

因为我这个nginx还没有配置，并且iRedmail指向的还是80端口

先进入docker容器，查看iRedmail在docker是否可以打开

$ docker ps

$ docker exec -it <CONTAINER ID> /bin/bash

$ 使用 curl https://localhost -k

例如：

root@mail:~# curl https://localhost -k
<!DOCTYPE html>
<html lang="en">

<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Roundcube Webmail :: Welcome to Roundcube Webmail</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no, maximum-scale=1.0">
<meta name="theme-color" content="#f4f4f4">
<meta name="msapplication-navbutton-color" content="#f4f4f4">

The JavaScript code in this page is free software: you can redistribute
it and/or modify it under the terms of the GNU General Public License
as published by the Free Software Foundation, either version 3 of
the License, or (at your option) any later version.

The code is distributed WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU GPL for more details.

@licend The above is the entire license notice
for the JavaScript code in this page.
*/
var rcmail = new rcube_webmail();
rcmail.set_env({"task":"login","standard_windows":false,"locale":"en_US","devel_mode":null,"rcversion":10411,"cookie_domain":"","cookie_path":"/","cookie_secure":true,"skin":"elastic","blankpage":"skins/elastic/watermark.html","refresh_interval":60,"session_lifetime":600,"action":"","comm_path":"./?_task=login","compose_extwin":false,"date_format":"yy-mm-dd","date_format_localized":"YYYY-MM-DD","request_token":"87qA8KDaZU5PO3MqvvaV9ATNr1Y2rkqk"});
rcmail.add_label({"loading":"Loading...","servererror":"Server Error!","connerror":"Connection Error (Failed to reach the server)!","requesttimedout":"Request timed out","refreshing":"Refreshing...","windowopenerror":"The popup window was blocked!","uploadingmany":"Uploading files...","uploading":"Uploading file...","close":"Close","save":"Save","cancel":"Cancel","alerttitle":"Attention","confirmationtitle":"Are you sure...","delete":"Delete","continue":"Continue","ok":"OK","back":"Back","errortitle":"An error occurred!","options":"Options","plaintoggle":"Plain text","htmltoggle":"HTML","previous":"Previous","next":"Next","select":"Select","browse":"Browse","choosefile":"Choose file...","choosefiles":"Choose files..."});
rcmail.gui_container("loginfooter","login-footer");rcmail.gui_object('loginform', 'login-form');
rcmail.gui_object('message', 'messagestack');
</script>

</head>
<body class="task-login action-none">
<div id="layout">

<h1 class="voice">Roundcube Webmail Login</h1>

<div id="layout-content" class="selected no-navbar" role="main">
<img src="skins/elastic/images/logo.svg?s=1612812581" id="logo" alt="Logo">
<form id="login-form" name="login-form" method="post" class="propform" action="./?_task=login">
<input type="hidden" name="_token" value="87qA8KDaZU5PO3MqvvaV9ATNr1Y2rkqk">
<input type="hidden" name="_task" value="login"><input type="hidden" name="_action" value="login"><input type="hidden" name="_timezone" id="rcmlogintz" value="_default_"><input type="hidden" name="_url" id="rcmloginurl" value=""><table><tbody><tr><td class="title"><label for="rcmloginuser">Username</label>
</td>
<td class="input"><input name="_user" id="rcmloginuser" required size="40" autocapitalize="off" type="text"></td>
</tr>
<tr><td class="title"><label for="rcmloginpwd">Password</label>
</td>
<td class="input"><input name="_pass" id="rcmloginpwd" required size="40" autocapitalize="off" type="password"></td>
</tr>
</tbody>
</table>
<p class="formbuttons"><button type="submit" id="rcmloginsubmit" class="button mainaction submit">Login</button>
</p>

<div id="login-footer" role="contentinfo">
Roundcube Webmail

</div>
</form>
</div>

</div>
<div id="messagestack"></div>
<script>
$(function() {
rcmail.init();
});
</script>

</body>

那就说明是 nginx 的问题，还没有配置

返回>>

请登录后再发表评论。

评论列表:

目前还没有人发表评论