PMG 隔離信件預覽
因外面想要查看被隔離的信件內容方式,我是採用 Nginx 來搭配 PMG 服務來使用
解決程過
首先我們先在前面代理服務上增加服務的設定檔
server {
listen 80;
server_name 您的網域名稱;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
#
server {
# 使用 https 和 http/2 協定
listen 443 ssl http2;
# 上述的 IPv6 方式
listen [::]:443 ssl http2;
server_name 您的網域名稱;
#
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
#
# SSL 憑證證書路徑
ssl_certificate /etc/nginx/ssl/fullchain.pem;
# 私鑰路徑
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# 緩存有效期
ssl_session_timeout 1d;
# 緩存憑證類型和大小
ssl_session_cache shared:SSL:50m;
#
# intermediate configuration. tweak to your needs.
#
# 使用的加密協定
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
# 加密演算法,越前面的優先級越高
ssl_ciphers 'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5';
# 交握過程使用 Server 的首選加演算法,這裡使用 Client 為首選
ssl_prefer_server_ciphers on;
#
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
#
# 增加 http header
add_header Allow "GET, POST, HEAD, PUT, DELETE" always;
if ($request_method !~ ^(GET|POST|HEAD|PUT|DELETE)$) {
return 405;
}
#
access_log /var/log/nginx/pve_access.log;
error_log /var/log/nginx/pve_error.log;
#proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header PVEClientIP $remote_addr;
proxy_buffering off;
client_max_body_size 0;
proxy_connect_timeout 3600s;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
send_timeout 3600s;
# proxy requests for static components
location ~ /proxmoxlib.js$|/favicon.ico$|/pve2/|/fontawesome/|/framework7/|/pwt/css/ {
proxy_pass https://指向服務位置:8006;
}
#
location /quarantine {
proxy_pass https://指向服務位置:8006;
}
#
location ~* \.(?:ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
proxy_pass https://指向服務位置:8006;
}
#
location /api2 {
location ~ /api2/(extjs|json|htmlmail)/(access/ticket$|version$) {
proxy_pass https://指向服務位置:8006;
}
location ~ /api2/(extjs|json|htmlmail)/nodes/.+/subscription$ {
proxy_pass https://指向服務位置:8006;
}
location ~ /api2/(extjs|json|htmlmail)/quarantine {
proxy_pass https://指向服務位置:8006;
}
}
return 403;
}
#
location / {
return 403;
}
}