Email Server Ma Hoa: Tu Cai Dat Email Bao Mat tren VPS
Su dung Gmail hay Outlook co nghia la Google va Microsoft co the doc noi dung email cua ban. Tu cai dat email server tren VPS offshore la cach duy nhat de co email that su rieng tu. Voi Anubiz Host VPS tai Iceland, ban co the chay Postfix va Dovecot - hai phan mem email server pho bien nhat - tren may chu do minh hoan toan kiem soat.
Need this done for your project?
We implement, you ship. Async, documented, done in days.
Chuan Bi Truoc Khi Cai Email Server
Truoc khi cai email server, can chuan bi mot so dieu kien:
Yeu cau he thong:
- VPS voi it nhat 2GB RAM (khuyen nghi 4GB) - email server can RAM de xu ly hang doi
- Hostname hop le (FQDN) - vi du mail.yourdomain.com
- Ten mien rieng voi kha nang chinh sua DNS
- Cong 25 (SMTP) khong bi chan boi nha cung cap VPS
Cau hinh DNS truoc:
- A record: mail.yourdomain.com -> IP VPS cua ban
- MX record: yourdomain.com -> mail.yourdomain.com (priority 10)
- PTR record (rDNS): Yeu cau AnubizHost thiet lap reverse DNS cho IP
# Dat hostname dung tren VPS
hostnamectl set-hostname mail.yourdomain.com
echo "your-vps-ip mail.yourdomain.com" >> /etc/hostsKiem tra cong 25 co mo khong:
telnet smtp.gmail.com 25 # Test tu VPS ra ngoaiCai Dat Postfix (SMTP Server)
Postfix la MTA (Mail Transfer Agent) xu ly gui va nhan email:
apt update && apt install -y postfix postfix-mysql dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd opendkim opendkim-tools certbot
# Khi duoc hoi, chon "Internet Site"
# Nhap ten mien: yourdomain.comCau hinh Postfix chinh (/etc/postfix/main.cf):
myhostname = mail.yourdomain.com
mydomain = yourdomain.com
myorigin = $mydomain
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
# TLS (ma hoa)
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.yourdomain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.yourdomain.com/privkey.pem
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_security_level = may
# Gioi han size email
message_size_limit = 52428800 # 50MBsystemctl enable postfix
systemctl restart postfixCai Dat Dovecot Va DKIM
Dovecot la IMAP/POP3 server cho phep email client (Thunderbird, mutt) ket noi lay email:
nano /etc/dovecot/conf.d/10-mail.conf
# Thay doi:
mail_location = maildir:~/Maildir
nano /etc/dovecot/conf.d/10-auth.conf
# Dat:
disable_plaintext_auth = yes
auth_mechanisms = plain login
nano /etc/dovecot/conf.d/10-ssl.conf
ssl = required
ssl_cert = Cau hinh OpenDKIM de email khong bi spam filter:
opendkim-genkey -t -s mail -d yourdomain.com
mv mail.private /etc/opendkim/keys/yourdomain.com/
mv mail.txt /etc/opendkim/keys/yourdomain.com/Them DKIM public key vao DNS (TXT record):
cat /etc/opendkim/keys/yourdomain.com/mail.txt
# Sao chep noi dung v=DKIM1... vao DNS TXT record: mail._domainkey.yourdomain.comKiem tra email server hoat dong dung:
echo "Test email" | mail -s "Test Subject" [email protected]Bao Mat Email Server Va Chong Spam
Email server lam viec tot nhung cung la muc tieu tan cong neu khong duoc bao mat:
Cau hinh SPF record (DNS TXT):
yourdomain.com TXT "v=spf1 mx a ip4:your-vps-ip ~all"Cau hinh DMARC record (DNS TXT):
_dmarc.yourdomain.com TXT "v=DMARC1; p=quarantine; rua=mailto:[email protected]"Cai Postfix Policyd de han che spam:
apt install -y postfix-policyd-spf-python
# Them vao /etc/postfix/master.cf:
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/bin/policyd-spfCai Fail2ban cho Postfix va Dovecot:
nano /etc/fail2ban/jail.local
[postfix]
enabled = true
port = smtp,ssmtp
logpath = /var/log/mail.log
maxretry = 5
[dovecot]
enabled = true
port = imaps,pop3s
logpath = /var/log/mail.log
maxretry = 5
systemctl restart fail2banEmail server tu cai dat tren AnubizHost VPS Iceland cho phep ban hoan toan kiem soat du lieu email, khong phu thuoc Google, Microsoft hay bat ky nha cung cap email lon nao.
Related Services
Why Anubiz Host
Ready to get started?
Skip the research. Tell us what you need, and we'll scope it, implement it, and hand it back — fully documented and production-ready.