Mama ist fertig!

Dieser Commit ist enthalten in:
timo 2017-05-09 19:21:51 +02:00
Ursprung 9a0ab9c5e3
Commit 572d0f924a
3 geänderte Dateien mit 7 neuen und 7 gelöschten Zeilen

Datei anzeigen

@ -11,17 +11,17 @@ mailcow uses **at least** 3 domain names that should be covered by your new cert
This is just an example of how to obtain certificates with certbot. There are several methods!
### 1\. Get the certbot client:
1\. Get the certbot client:
``` bash
wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot
```
### 2\. Make sure you set `HTTP_BIND=0.0.0.0` and `HTTP_PORT=80` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then rebuild Nginx:
2\. Make sure you set `HTTP_BIND=0.0.0.0` and `HTTP_PORT=80` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then rebuild Nginx:
``` bash
docker-compose up -d
```
### 3\. Request the certificate with the webroot method:
3\. Request the certificate with the webroot method:
``` bash
cd /path/to/git/clone/mailcow-dockerized
source mailcow.conf
@ -38,7 +38,7 @@ certbot certonly \
!!! warning
Remember to replace the example.org domain with your own domain, this command will not work if you don't.
### 4\. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
4\. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder:
``` bash
mv data/assets/ssl/cert.{pem,pem.backup}
mv data/assets/ssl/key.{pem,pem.backup}
@ -46,7 +46,7 @@ ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/a
ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem
```
### 5\. Restart affected containers:
5\. Restart affected containers:
```
docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow
```

Datei anzeigen

@ -1,4 +1,4 @@
Redis is used as a key-value store for rspamd's and (some of) mailcow's settings and data. If you are familiar with redis please read the [introduction to redis](https://redis.io/topics/introduction) and maybe visit this [wonderfull guide](http://try.redis.io/) on how to use it.
Redis is used as a key-value store for rspamd's and (some of) mailcow's settings and data. If you are unfamiliar with redis please read the [introduction to redis](https://redis.io/topics/introduction) and maybe visit this [wonderfull guide](http://try.redis.io/) on how to use it.
## Client

Datei anzeigen

@ -1,6 +1,6 @@
For DNS blacklist lookups and DNSSEC.
Most systems use either a public or a local caching DNS resolver.
That's a very bad idea when it comes to filter spam using DNS-based blackhole lists (DNSBL) or similar technics.
That's a very bad idea when it comes to filter spam using DNS-based black hole lists (DNSBL) or similar technics.
Most if not all providers apply a rate limit based on the DNS resolver that is used to query their service.
Using a public resolver like Googles 4x8, OpenDNS or any other shared DNS resolver like your ISPs will hit that limit very soon.