测试应用 邮件服务器

Signed-off-by: 萌森 <qyg2297248353@163.com>

apps/docker-mailserver/14.0.0/data.yml

@@ -1,38 +0,0 @@
-additionalProperties:
-  formFields:
-    - default: "/home/bark"
-      edit: true
-      envKey: BARK_ROOT_PATH
-      labelZh: 数据持久化路径
-      labelEn: Data persistence path
-      required: true
-      type: text
-    - default: 8080
-      edit: true
-      envKey: PANEL_APP_PORT_HTTP
-      labelZh: WebUI 端口
-      labelEn: WebUI port
-      required: true
-      rule: paramPort
-      type: number
-    - default: ""
-      edit: true
-      envKey: BARK_SERVER_DSN
-      labelZh: 数据库链接
-      labelEn: Database URL
-      required: false
-      type: text
-    - default: ""
-      edit: true
-      envKey: BARK_SERVER_BASIC_AUTH_USER
-      labelZh: 用户名 (服务基础验证)
-      labelEn: Basic Auth User
-      required: false
-      type: text
-    - default: ""
-      edit: true
-      envKey: BARK_SERVER_BASIC_AUTH_PASSWORD
-      labelZh: 密码 (服务基础验证)
-      labelEn: Basic Auth Password
-      required: false
-      type: text

apps/docker-mailserver/README.md

@@ -1,13 +0,0 @@
-# Docker Mailserver
-
-docker-mailserver，简称 DMS，是一个可用于生产的全栈但简单的邮件服务器（SMTP、IMAP、LDAP、反垃圾邮件、反病毒等）。它只使用配置文件，不使用
-SQL 数据库。其形象以 "保持简单和版本化 "为口号。
-
-## 前置准备
-
-- `域名`
-- `DNS 解析`
-- `服务器`
-    - `Docker` 服务
-    - `推荐配置`: 1核2G内存 容器已启用交换功能
-    - `最小配置`: 1核512M内存 (禁用 ClamAV 服务)

apps/mailserver/14.0.0/data.yml

@@ -0,0 +1,136 @@
+additionalProperties:
+  formFields:
+    - default: "/home/bark"
+      edit: true
+      envKey: MAILSERVER_ROOT_PATH
+      labelZh: 数据持久化路径
+      labelEn: Data persistence path
+      required: true
+      type: text
+    - default: 25
+      edit: true
+      envKey: PANEL_APP_PORT_SMTP
+      labelZh: SMTP 端口 (保持默认)
+      labelEn: SMTP Port (keep default)
+      required: true
+      rule: paramPort
+      type: number
+    - default: 143
+      edit: true
+      envKey: PANEL_APP_PORT_IMAP
+      labelZh: IMAP 端口 (保持默认)
+      labelEn: IMAP Port (keep default)
+      required: true
+      rule: paramPort
+      type: number
+    - default: 465
+      edit: true
+      envKey: PANEL_APP_PORT_SMTPS
+      labelZh: SMTP SSL 端口 (保持默认)
+      labelEn: SMTP SSL Port (keep default)
+      required: true
+      rule: paramPort
+      type: number
+    - default: 587
+      edit: true
+      envKey: PANEL_APP_PORT_ESMTP
+      labelZh: SMTP 提交端口 (保持默认)
+      labelEn: SMTP Submission Port (keep default)
+      required: true
+      rule: paramPort
+      type: number
+    - default: 993
+      edit: true
+      envKey: PANEL_APP_PORT_IPAPS
+      labelZh: IMAP SSL 端口 (保持默认)
+      labelEn: IMAP SSL Port (keep default)
+      required: true
+      rule: paramPort
+      type: number
+    - default: 0
+      edit: true
+      envKey: ENABLE_POP3
+      labelZh: 启用 POP3
+      labelEn: Enable POP3
+      required: true
+      type: select
+      values:
+        - label: 启用
+          value: 1
+        - label: 禁用
+          value: 0
+    - default: 110
+      edit: true
+      envKey: PANEL_APP_PORT_POP
+      labelZh: POP3 端口 (保持默认)
+      labelEn: POP3 Port (keep default)
+      required: false
+      rule: paramPort
+      type: number
+    - default: 995
+      edit: true
+      envKey: PANEL_APP_PORT_POPS
+      labelZh: POP3 SSL 端口 (保持默认)
+      labelEn: POP3 SSL Port (keep default)
+      required: false
+      rule: paramPort
+      type: number
+    - default: "postmaster@domain.com"
+      edit: true
+      envKey: POSTMASTER_ADDRESS
+      labelZh: 管理员邮箱地址
+      labelEn: Postmaster email address
+      required: true
+      type: text
+    - default: 0
+      edit: true
+      envKey: ENABLE_AMAVIS
+      labelZh: 内容过滤器 (Amavis支持)
+      labelEn: Content filter (Amavis support)
+      required: true
+      type: select
+      values:
+        - label: 启用
+          value: 1
+        - label: 禁用
+          value: 0
+    - default: 0
+      edit: true
+      envKey: ENABLE_CLAMAV
+      labelZh: 邮件病毒扫描 (ClamAV支持)
+      labelEn: Mail virus scanning (ClamAV support)
+      required: true
+      type: select
+      values:
+        - label: 启用
+          value: 1
+        - label: 禁用
+          value: 0
+    - default: "manual"
+      edit: true
+      envKey: SSL_TYPE
+      labelZh: SSL 证书类型
+      labelEn: SSL certificate type
+      required: true
+      type: select
+      values:
+        - label: Let's Encrypt
+          value: "letsencrypt"
+        - label: 本地证书
+          value: "manual"
+        - label: 禁用 SSL
+          value: ""
+    - default: "public.crt"
+      edit: true
+      envKey: CERTS_PUBLIC_CRT
+      labelZh: SSL Public 证书文件名
+      labelEn: SSL Public certificate file name
+      required: false
+      type: text
+    - default: "private.key"
+      edit: true
+      envKey: CERTS_PRIVATE_KEY
+      labelZh: SSL Private 证书文件名
+      labelEn: SSL Private certificate file name
+      required: false
+      type: text

apps/mailserver/14.0.0/docker-compose.yml

@@ -21,18 +21,27 @@ services:
       - ${PANEL_APP_PORT_SMTPS}:465
       - ${PANEL_APP_PORT_ESMTP}:587
       - ${PANEL_APP_PORT_IPAPS}:993
+      - ${PANEL_APP_PORT_POP:-}:110
+      - ${PANEL_APP_PORT_POPS:-}:995
     env_file:
       - /etc/1panel/envs/global.env
       - /etc/1panel/envs/mailserver/mailserver.env
       - ${ENV_FILE:-/etc/1panel/envs/default.env}
     volumes:
       - /etc/localtime:/etc/localtime:ro
-      - ${DOCKER_MAILSERVER_ROOT_PATH}/dms/mail-data/:/var/mail/
-      - ${DOCKER_MAILSERVER_ROOT_PATH}/dms/mail-state/:/var/mail-state/
-      - ${DOCKER_MAILSERVER_ROOT_PATH}/dms/mail-logs/:/var/log/mail/
-      - ${DOCKER_MAILSERVER_ROOT_PATH}/dms/config/:/tmp/docker-mailserver/
+      - ${MAILSERVER_ROOT_PATH}/dms/mail-data/:/var/mail/
+      - ${MAILSERVER_ROOT_PATH}/dms/mail-state/:/var/mail-state/
+      - ${MAILSERVER_ROOT_PATH}/dms/mail-logs/:/var/log/mail/
+      - ${MAILSERVER_ROOT_PATH}/dms/config/:/tmp/docker-mailserver/
+      - ${MAILSERVER_ROOT_PATH}/certs/:/tmp/dms/certs/
+      - ${MAILSERVER_ROOT_PATH}/dms-backups/:/backup/
     environment:
-      -
+      - LOG_LEVEL=info
+      - SUPERVISOR_LOGLEVEL=info
+      - ACCOUNT_PROVISIONER=FILE
+      - SSL_CERT_PATH=/tmp/dms/certs/${CERTS_PUBLIC_CRT:-public.crt}
+      - SSL_KEY_PATH=/tmp/dms/certs/${CERTS_PRIVATE_KEY:-private.key}
+      - SPOOF_PROTECTION=1
     healthcheck:
       test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
       timeout: 3s

apps/mailserver/README.md

@@ -0,0 +1,69 @@
+# Docker Mailserver
+
+docker-mailserver，简称 DMS，是一个可用于生产的全栈但简单的邮件服务器（SMTP、IMAP、LDAP、反垃圾邮件、反病毒等）。它只使用配置文件，不使用
+SQL 数据库。其形象以 "保持简单和版本化 "为口号。
+
+## 前置准备
+
+- `域名`
+- `DNS 解析`
+- `服务器`
+    - `Docker` 服务
+    - `推荐配置`: 1核2G内存 容器已启用交换功能
+    - `最小配置`: 1核512M内存 (禁用 ClamAV 服务)
+
+### DNS 配置
+
+假设你的域名是 `example.com`
+
+邮件服务器的完全限定域名 (FQDN) 是 mail.example.com，你需要配置以下记录：
+
+- `A` 记录: `mail.example.com` 指向你的服务器 IP 地址
+    - MX 记录告诉每个人哪个 (DNS) 名称负责您域中的电子邮件。
+- `MX` 记录: `example.com` 指向 `mail.example.com`
+    - A 记录告诉每个人 DNS 名称
+- `PTR` 记录(可选): 你的服务器 IP 地址指向 `mail.example.com`
+    - PTR 记录是 A 记录的对应记录
+
+当然，您也可以完全在 example.com 上配置，您需要更改您的 MX 记录：
+
+- `MX` 记录: `example.com` 指向 `example.com`
+- `A` 记录: `example.com` 指向您的服务器 IP 地址
+
+什么是 PTR 记录？[请参阅](https://en.wikipedia.org/wiki/Reverse_DNS_lookup)
+
+此项服务在 DNS 解析商中可能存在收费，如您不想使用此项服务，可以不配置 PTR 记录。
+
+### 证书准备
+
+您需要一个有效的 SSL 证书，您可以使用 `Let's Encrypt` 或者其他证书颁发机构颁发的证书。
+
+将证书文件放置在 持久化目录的 `certs` 目录下，文件名为 `public.crt` 和 `private.key`。
+
+## 安装完成
+
+首次启动至少要添加一个账户，您有两分钟的时间来执行此操作。请在容器终端中运行以下命令。
+
+如果您错过了这个时间，您可以通过删除容器并重新启动来重新启动此过程。
+
+> 创建 用户
+>
+> `setup email add <NEW ADDRESS>`
+
+```sh
+setup email add user@example.com
+```
+
+> 设置别名
+>
+> `setup alias add <ALIAS> <EMAIL>`
+
+```sh
+setup alias add postmaster@example.com user@example.com
+```
+
+> 更新证书
+
+将证书文件放置在 持久化目录的 `certs` 目录下，文件名为 `public.crt` 和 `private.key`。
+
+重启容器，即可更新证书。

apps/mailserver/data.yml

@@ -1,9 +1,9 @@
-name: Docker Mailserver
+name: Mailserver
 title: 是一个可用于生产的全栈但简单的邮件服务器
 description: 是一个可用于生产的全栈但简单的邮件服务器
 additionalProperties:
-  key: docker-mailserver
-  name: Docker Mailserver
+  key: mailserver
+  name: Mailserver
   tags:
     - Email
     - Local
@@ -12,6 +12,6 @@ additionalProperties:
   type: runtime
   crossVersionUpdate: true
   limit: 0
-  website: https://docker-mailserver.github.io/
+  website: https://docker-mailserver.github.io/docker-mailserver/latest/
   github: https://github.com/docker-mailserver/docker-mailserver/
-  document: https://docker-mailserver.github.io/
+  document: https://docker-mailserver.github.io/docker-mailserver/latest/

envs/mailserver/mailserver.env

@@ -1,26 +1,100 @@
-POSTMASTER_ADDRESS=
+# -----------------------------------------------
+# --- Mailserver Environment Variables ----------
+# -----------------------------------------------
 
-ACCOUNT_PROVISIONER=FILE
+# DOCUMENTATION FOR THESE VARIABLES IS FOUND UNDER
+# https://docker-mailserver.github.io/docker-mailserver/latest/config/environment/
+
+# -----------------------------------------------
+# --- General Section ---------------------------
+# -----------------------------------------------
+
+# empty => uses the `hostname` command to get the mail server's canonical hostname
+# => Specify a fully-qualified domainname to serve mail for.  This is used for many of the config features so if you can't set your hostname (e.g. you're in a container platform that doesn't let you) specify it in this environment variable.
 OVERRIDE_HOSTNAME=
 
-# log level
-LOG_LEVEL=info
-SUPERVISOR_LOGLEVEL=info
+# REMOVED in version v11.0.0! Use LOG_LEVEL instead.
+DMS_DEBUG=0
 
-# default: 5000
+# Set the log level for DMS.
+# This is mostly relevant for container startup scripts and change detection event feedback.
+#
+# Valid values (in order of increasing verbosity) are: `error`, `warn`, `info`, `debug` and `trace`.
+# The default log level is `info`.
+LOG_LEVEL=info
+
+# critical => Only show critical messages
+# error => Only show erroneous output
+# **warn** => Show warnings
+# info => Normal informational output
+# debug => Also show debug messages
+SUPERVISOR_LOGLEVEL=
+
+# Support for deployment where these defaults are not compatible (eg: some NAS appliances):
+# /var/mail vmail User ID (default: 5000)
 DMS_VMAIL_UID=
+# /var/mail vmail Group ID (default: 5000)
 DMS_VMAIL_GID=
 
-# Disable update checking
+# **empty** => use FILE
+# LDAP => use LDAP authentication
+# OIDC => use OIDC authentication (not yet implemented)
+# FILE => use local files (this is used as the default)
+ACCOUNT_PROVISIONER=
+
+# empty => postmaster@domain.com
+# => Specify the postmaster address
+POSTMASTER_ADDRESS=
+
+# Check for updates on container start and then once a day
+# If an update is available, a mail is sent to POSTMASTER_ADDRESS
+# 0 => Update check disabled
+# 1 => Update check enabled
 ENABLE_UPDATE_CHECK=0
+
+# Customize the update check interval.
+# Number + Suffix. Suffix must be 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days.
 UPDATE_CHECK_INTERVAL=1d
 
-NETWORK_INTERFACE=
+# Set different options for mynetworks option (can be overwrite in postfix-main.cf)
+# **WARNING**: Adding the docker network's gateway to the list of trusted hosts, e.g. using the `network` or
+# `connected-networks` option, can create an open relay
+# https://github.com/docker-mailserver/docker-mailserver/issues/1405#issuecomment-590106498
+# The same can happen for rootless podman. To prevent this, set the value to "none" or configure slirp4netns
+# https://github.com/docker-mailserver/docker-mailserver/issues/2377
+#
+# none => Explicitly force authentication
+# container => Container IP address only
+# host => Add docker container network (ipv4 only)
+# network => Add all docker container networks (ipv4 only)
+# connected-networks => Add all connected docker networks (ipv4 only)
 PERMIT_DOCKER=none
-TZ=Asia/Shanghai
-TLS_LEVEL=modern
 
-SPOOF_PROTECTION=1
+# Set the timezone. If this variable is unset, the container runtime will try to detect the time using
+# `/etc/localtime`, which you can alternatively mount into the container. The value of this variable
+# must follow the pattern `AREA/ZONE`, i.e. of you want to use Germany's time zone, use `Europe/Berlin`.
+# You can lookup all available timezones here: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List
+TZ=Asia/Shanghai
+
+# In case you network interface differs from 'eth0', e.g. when you are using HostNetworking in Kubernetes,
+# you can set NETWORK_INTERFACE to whatever interface you want. This interface will then be used.
+#  - **empty** => eth0
+NETWORK_INTERFACE=
+
+# empty => modern
+# modern => Enables TLSv1.2 and modern ciphers only. (default)
+# intermediate => Enables TLSv1, TLSv1.1 and TLSv1.2 and broad compatibility ciphers.
+TLS_LEVEL=
+
+# Configures the handling of creating mails with forged sender addresses.
+#
+# **0** => (not recommended) Mail address spoofing allowed. Any logged in user may create email messages with a forged sender address (see also https://en.wikipedia.org/wiki/Email_spoofing).
+# 1 => Mail spoofing denied. Each user may only send with his own or his alias addresses. Addresses with extension delimiters(http://www.postfix.org/postconf.5.html#recipient_delimiter) are not able to send messages.
+SPOOF_PROTECTION=
+
+# Enables the Sender Rewriting Scheme. SRS is needed if your mail server acts as forwarder. See [postsrsd](https://github.com/roehling/postsrsd/blob/master/README.md#sender-rewriting-scheme-crash-course) for further explanation.
+#  - **0** => Disabled
+#  - 1 => Enabled
 ENABLE_SRS=0
 
 # Enables the OpenDKIM service.
@@ -65,7 +139,7 @@ SPAM_SUBJECT=
 # Enables Rspamd
 # **0** => Disabled
 #   1   => Enabled
-ENABLE_RSPAMD=0
+ENABLE_RSPAMD=1
 
 # When `ENABLE_RSPAMD=1`, an internal Redis instance is enabled implicitly.
 # This setting provides an opt-out to allow using an external instance instead.
@@ -80,7 +154,7 @@ ENABLE_RSPAMD_REDIS=
 #
 # **0** => disabled
 # 1     => enabled
-RSPAMD_LEARN=0
+RSPAMD_LEARN=1
 
 # This settings controls whether checks should be performed on emails coming
 # from authenticated users (i.e. most likely outgoing emails). The default value
@@ -97,7 +171,7 @@ RSPAMD_CHECK_AUTHENTICATED=0
 #
 # **0** => disabled
 # 1     => enabled
-RSPAMD_GREYLISTING=0
+RSPAMD_GREYLISTING=1
 
 # Can be used to enable or disable the Hfilter group module.
 #
@@ -119,7 +193,7 @@ RSPAMD_NEURAL=0
 # Amavis content filter (used for ClamAV & SpamAssassin)
 # 0 => Disabled
 # 1 => Enabled
-ENABLE_AMAVIS=1
+ENABLE_AMAVIS=0
 
 # -1/-2/-3 => Only show errors
 # **0**    => Show warnings
@@ -317,7 +391,7 @@ ENABLE_SPAMASSASSIN=0
 # - 1 => KAM enabled
 #
 # Note: only has an effect if `ENABLE_SPAMASSASSIN=1`
-ENABLE_SPAMASSASSIN_KAM=0
+ENABLE_SPAMASSASSIN_KAM=1
 
 # deliver spam messages to the inbox (tagged using SPAM_SUBJECT)
 SPAMASSASSIN_SPAM_TO_INBOX=1
@@ -326,7 +400,7 @@ SPAMASSASSIN_SPAM_TO_INBOX=1
 MOVE_SPAM_TO_JUNK=1
 
 # spam messages will be marked as read
-MARK_SPAM_AS_READ=0
+MARK_SPAM_AS_READ=1
 
 # add 'spam info' headers at, or above this level
 SA_TAG=2.0