在數位化溝通日益頻繁的今日,電子郵件依然是商務往來與個人溝通不可或缺的核心工具。當您厭倦了市面上免費信箱的廣告干擾、儲存空間限制以及對於個人隱私的擔憂時,「自建郵件伺服器」便成為一個極具吸引力的選項。而在眾多網頁郵件客戶端(Webmail)中,開源專案 Roundcube 以其現代化的介面與強大的功能,成為許多技術愛好者與中小企業的首選。
本文將為您深入介紹什麼是 Roundcube,並剖析為何「自建 Roundcube」會是您掌握數位通訊自主權的最佳起點。
什麼是 Roundcube?
Roundcube 是一款開源、免費的網頁郵件軟體。它本身不是一個完整的郵件伺服器,而是一個專業的「郵件客戶端」。您可以將它想像成一個功能強大、介面美觀的網站,專門用來登入並管理您在自己郵件伺服器上的信箱。
不同於需要安裝在電腦上的 Outlook 或 Thunderbird,Roundcube 透過瀏覽器即可操作,讓您隨時隨地都能輕鬆收發信件。它採用了現代化的網頁技術(AJAX),提供了流暢如桌面軟體般的使用體驗,例如拖曳郵件、即時搜尋等。
Roundcube 能夠與絕大多數支援 IMAP 和 SMTP 協議的郵件伺服器軟體(如 Postfix, Dovecot, hMailServer 等)完美配合,成為自建郵件系統中不可或缺的前端門面。
自建 Roundcube 的核心優勢
結合「自建郵件伺服器」與「Roundcube」將為您帶來以下無可比擬的優勢:
1. 數據自主權與無與倫比的隱私保障
這是自建郵件最核心的價值。當您使用大型科技公司提供的免費信箱時,您的郵件內容、聯絡人資訊,甚至是寄送行為都可能被用於廣告分析或其他的商業目的。透過自建郵件伺服器,您的所有郵件資料都儲存在您自己的硬體或您租用的雲端伺服器中。
- 完全掌控: 從硬體規格到軟體配置,一切由您決定,沒有人能窺探您的通訊內容。
- 杜絕廣告: 告別煩人的針對性廣告,享受純淨的郵件溝通體驗。
- 符合法規: 對於需要遵守特定資料保護規範(如 GDPR)的企業或個人,自建方案能確保資料落地與處理方式完全合規。
2. 高度的客製化與彈性
Roundcube 的開源特性賦予了它極高的彈性。您可以根據自身需求,打造獨一無二的郵件系統。
- 品牌化介面: 您可以輕易地修改登入頁面、Logo 與介面主題,打造符合個人風格或企業形象的專屬信箱。
- 豐富的插件生態系: Roundcube 擁有活躍的社群與大量的第三方插件。無論是需要兩步驟驗證(2FA)增強安全性、整合行事曆功能,或是連接雲端儲存,幾乎都能找到對應的解決方案。
- 無限的儲存空間: 您的信箱容量不再受限於服務商的方案。只要您的伺服器硬碟空間足夠,就能享受近乎無限的儲存空間,再也不必為了清理郵件而煩惱。
3. 現代化且友善的使用者介面
相較於一些功能同樣強大但介面過時的 Webmail 軟體,Roundcube 在使用者體驗上取得了絕佳的平衡。
- 直覺式操作: 採用類似桌面軟體的三欄式佈局,並支援郵件拖曳、對話式郵件列表等功能,讓使用者能快速上手。
- 跨裝置支援: Roundcube 的響應式設計(Responsive Design)使其在電腦、平板與手機上都能提供優良的瀏覽與操作體驗。
- 多國語言支援: 內建包含繁體中文在內的數十種語言,滿足不同地區使用者的需求。
4. 長遠來看更具成本效益
雖然初期需要投入時間與一定的硬體或伺服器租用成本,但對於擁有多個使用者或長期使用的情境下,自建方案往往更具經濟效益。
- 無使用者數量費用: 您可以在您的伺服器上建立任意數量的信箱帳號,無需像許多企業郵件服務那樣按人頭付費。
- 避免方案升級費用: 當需要更大空間或更多功能時,您只需升級您的硬體或安裝插件,而非被迫選擇更昂貴的服務方案。
結論
在雲端服務普及的時代,選擇「自建」意味著選擇了更高的自主權與控制力。自建 Roundcube 郵件服務,不僅僅是架設一個信箱那麼簡單,它更代表著您對個人數位資產的重視與保護。
它將郵件系統的核心——隱私與控制權——交還到您自己手中,同時藉由 Roundcube 這個強大而美觀的前端,提供了毫不遜色於商業服務的卓越使用體驗。如果您是一位追求極致隱私、熱愛客製化,並希望能完全掌控自己數位通訊的專業人士,那麼投入時間建置您專屬的 Roundcube 郵件服務,絕對是一項值得的投資。
第一步:更新作業系統套件
root@ubuntulab3:~# sudo apt update && sudo apt -y upgrade
第二步:安裝Apache Server
root@ubuntulab3:~# apt install -y apache2
第三步:安裝MariaDB
坑:若直接安裝MySQL,會發生密碼無限輪迴的情形,所以後面改用MariaDB比較穩定。
root@ubuntulab3:~# apt install -y mariadb-server mariadb-client
root@ubuntulab3:~# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we’ll need the current password for the root user. If you’ve just installed MariaDB, and haven’t set the root password yet, you should just press enter here.
Enter current password for root (enter for none): OK, successfully used password, moving on…
Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer ‘n’.
Switch to unix_socket authentication [Y/n] n … skipping.
You already have your root account protected, so you can safely answer ‘n’.
Change the root password? [Y/n] n … skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment.
Remove anonymous users? [Y/n] Y … Success!
Normally, root should only be allowed to connect from ‘localhost’. This ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y … Success!
By default, MariaDB comes with a database named ‘test’ that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database… … Success!
- Removing privileges on test database… … Success!
Reloading the privilege tables will ensure that all changes made so far will take effect immediately.
Reload privilege tables now? [Y/n] Y … Success!
Cleaning up…
All done! If you’ve completed all of the above steps, your MariaDB installation should now be secure.
Thanks for using MariaDB!
第四步:建立資料庫測試
root@ubuntulab3:~# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 37
Server version: 10.6.7-MariaDB-2ubuntu1 Ubuntu 22.04
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
MariaDB [(none)]> CREATE database test_database;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> SHOW DATABASES;
+——————–+ | Database | +——————–+ | information_schema | | mysql | | performance_schema | | sys | | test_database | +——————–+ 5 rows in set (0.000 sec)
MariaDB [(none)]> CREATE USER ‘test_user’@’localhost’ IDENTIFIED BY ‘EXAMPLE_PASSWORD’;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON test_database.* TO ‘test_user’@’localhost’;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> EXIT;
Bye
第五步:安裝PHP Package
root@ubuntulab3:~# apt install -y php
root@ubuntulab3:~# apt install -y php-{common,mysql,xml,xmlrpc,curl,gd,imagick,cli,dev,imap,mbstring,opcache,soap,zip,intl}
root@ubuntulab3:~# systemctl restart apache2
root@ubuntulab3:~# systemctl status apache2
● apache2.service – The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-06-03 03:49:29 UTC; 6s ago Docs: https://httpd.apache.org/docs/2.4/ Process: 38778 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS) Main PID: 38782 (apache2) Tasks: 6 (limit: 4538) Memory: 17.9M CPU: 93ms CGroup: /system.slice/apache2.service ├─38782 /usr/sbin/apache2 -k start ├─38783 /usr/sbin/apache2 -k start ├─38784 /usr/sbin/apache2 -k start ├─38785 /usr/sbin/apache2 -k start ├─38786 /usr/sbin/apache2 -k start └─38787 /usr/sbin/apache2 -k start
Jun 03 03:49:29 ubuntulab3 systemd[1]: Starting The Apache HTTP Server…
Jun 03 03:49:29 ubuntulab3 apachectl[38781]: AH00558: apache2: Could not reliably determine the server’s fully qualifie>Jun 03 03:49:29 ubuntulab3 systemd[1]: Started The Apache HTTP Server.
…skipping…
Invalid mark letter (press RETURN)
root@ubuntulab3:~# nano /var/www/html/info.php
<?php
phpinfo();?>
root@ubuntulab3:~# nano /var/www/html/database_test.php
<?php
$conn = new mysqli(‘localhost’, ‘test_user’, ‘EXAMPLE_PASSWORD’, ‘test_database’);
if ($conn->connect_error) { die(“Database connection failed: “ . $conn->connect_error); }
echo “Database connection was successful”;
root@ubuntulab3:~# root@ubuntulab3:~# sudo snap install core
core 16-2.55.5 from Canonical✓ installed
root@ubuntulab3:~# nano /etc/apache2/sites-available/000-default.conf
ServerAdmin mark@mail.lab.nkust.edu.tw ServerName www.lab.nkust.edu.tw DocumentRoot /var/www/html
root@ubuntulab3:~# root@ubuntulab3:~# systemctl reload apache2
root@ubuntulab3:~# systemctl restart apache2
root@ubuntulab3:~# systemctl restart apache2
root@ubuntulab3:~# apache2ctl configtest
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message Syntax OK
root@ubuntulab3:~# ll /etc/apache2/conf-available/
total 28 drwxr-xr-x 2 root root 4096 Jun 3 03:44 ./ drwxr-xr-x 8 root root 4096 Jun 3 03:44 ../ -rw-r–r– 1 root root 315 Mar 23 02:00 charset.conf -rw-r–r– 1 root root 3224 Mar 23 02:00 localized-error-pages.conf -rw-r–r– 1 root root 189 Mar 23 02:00 other-vhosts-access-log.conf -rw-r–r– 1 root root 2174 Mar 23 02:00 security.conf -rw-r–r– 1 root root 455 Mar 23 02:00 serve-cgi-bin.conf
第六步:自簽CA
root@ubuntulab3:~# nano /etc/apache2/conf-available/servername.conf
root@ubuntulab3:~# a2enconf servername
Enabling conf servername. To activate the new configuration, you need to run: systemctl reload apache2
root@ubuntulab3:~# a2enconf servername
Conf servername already enabled
root@ubuntulab3:~# systemctl reload apache2
root@ubuntulab3:~# apache2ctl configtest
Syntax OK
root@ubuntulab3:~# a2enmod ssl
Considering dependency setenvif for ssl: Module setenvif already enabled Considering dependency mime for ssl: Module mime already enabled Considering dependency socache_shmcb for ssl: Enabling module socache_shmcb. Enabling module ssl. See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates. To activate the new configuration, you need to run: systemctl restart apache2
root@ubuntulab3:~# systemctl restart apache2
root@ubuntulab3:~# openssl genrsa -des3 -out server.key 2048
Enter PEM pass phrase: Verifying – Enter PEM pass phrase:
root@ubuntulab3:~# ll total 40 drwx—— 5 root root 4096 Jun 3 03:54 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw——- 1 root root 1854 Jun 3 03:54 server.key drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key: writing RSA key
root@ubuntulab3:~# ll
total 44 drwx—— 5 root root 4096 Jun 3 03:54 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw——- 1 root root 1854 Jun 3 03:54 server.key -rw——- 1 root root 1704 Jun 3 03:54 server.key.insecure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# mv server.key server.key.secure
root@ubuntulab3:~# mv server.key.insecure server.key
root@ubuntulab3:~# ll
total 44 drwx—— 5 root root 4096 Jun 3 03:55 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw——- 1 root root 1704 Jun 3 03:54 server.key -rw——- 1 root root 1854 Jun 3 03:54 server.key.secure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank. —– Country Name (2 letter code) [AU]:TW State or Province Name (full name) [Some-State]:Kaohsiung Locality Name (eg, city) []:Yanchao Organization Name (eg, company) [Internet Widgits Pty Ltd]:NKUST Organizational Unit Name (eg, section) []:MIS Common Name (e.g. server FQDN or YOUR name) []:www.lab.nkust.edu.tw Email Address []:mark@mail.lab.nkust.edu.tw
Please enter the following ‘extra’ attributes to be sent with your certificate request A challenge password []:!Mk23161611 An optional company name []:NKUST
root@ubuntulab3:~# ll
total 48 drwx—— 5 root root 4096 Jun 3 03:56 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw-r–r– 1 root root 1143 Jun 3 03:56 server.csr -rw——- 1 root root 1704 Jun 3 03:54 server.key -rw——- 1 root root 1854 Jun 3 03:54 server.key.secure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Certificate request self-signature ok subject=C = TW, ST = Kaohsiung, L = Yanchao, O = NKUST, OU = MIS, CN = www.lab.nkust.edu.tw, emailAddress = mark@mail.lab.nkust.edu.tw
root@ubuntulab3:~# ll
total 52 drwx—— 5 root root 4096 Jun 3 03:56 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw-r–r– 1 root root 1359 Jun 3 03:56 server.crt -rw-r–r– 1 root root 1143 Jun 3 03:56 server.csr -rw——- 1 root root 1704 Jun 3 03:54 server.key -rw——- 1 root root 1854 Jun 3 03:54 server.key.secure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# cp server.crt /etc/ssl/certs
root@ubuntulab3:~# ll /etc/ssl/certs/server.crt
-rw-r–r– 1 root root 1359 Jun 3 03:56 /etc/ssl/certs/server.crt
root@ubuntulab3:~# cp server.key /etc/ssl/private
root@ubuntulab3:~# ll /etc/ssl/private/server.key -rw——- 1 root root 1704 Jun 3 03:57 /etc/ssl/private/server.key
root@ubuntulab3:~# nano /etc/apache2/sites-available/default-ssl.conf
ServerAdmin mark@mail.lab.nkust.edu.tw
ServerName lab.nkust.edu.tw
Alias /mail /usr/share/roundcube
DocumentRoot /var/www/html
root@ubuntulab3:~# root@ubuntulab3:~#
root@ubuntulab3:~# nano /etc/apache2/sites-available/default-ssl.conf
ServerAdmin mark@mail.lab.nkust.edu.tw
DocumentRoot /var/www/html/
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
root@ubuntulab3:~# root@ubuntulab3:~# a2ensite default-ssl.conf
Enabling site default-ssl. To activate the new configuration, you need to run: systemctl reload apache2
root@ubuntulab3:~# systemctl reload apache2
root@ubuntulab3:~# systemctl restart apache2
root@ubuntulab3:~# apache2ctl configtest
Syntax OK
root@ubuntulab3:~# root@ubuntulab3:~# mkdir /etc/ssl/CA
root@ubuntulab3:~# mkdir /etc/ssl/newcerts
root@ubuntulab3:~# ll /etc/ssl/CA/
total 8 drwxr-xr-x 2 root root 4096 Jun 3 04:00 ./ drwxr-xr-x 6 root root 4096 Jun 3 04:00 ../
root@ubuntulab3:~# sh -c “echo ‘01’ > /etc/ssl/CA/serial”
root@ubuntulab3:~# ll /etc/ssl/CA/
total 12 drwxr-xr-x 2 root root 4096 Jun 3 04:01 ./ drwxr-xr-x 6 root root 4096 Jun 3 04:00 ../ -rw-r–r– 1 root root 3 Jun 3 04:01 serial
root@ubuntulab3:~# cat /etc/ssl/CA/serial 01
root@ubuntulab3:~# touch /etc/ssl/CA/index.txt
root@ubuntulab3:~# ll /etc/ssl/CA/
total 12 drwxr-xr-x 2 root root 4096 Jun 3 04:01 ./ drwxr-xr-x 6 root root 4096 Jun 3 04:00 ../ -rw-r–r– 1 root root 0 Jun 3 04:01 index.txt -rw-r–r– 1 root root 3 Jun 3 04:01 serial
root@ubuntulab3:~# cat /etc/ssl/CA/index.txt
root@ubuntulab3:~# nano /etc/ssl/openssl.cnf
[ CA_default ]
dir = /etc/ssl # Where everything is kept certs = dir/certs # Where the issued certs are kept crl_dir =dir/crl # Where the issued crl are kept database = dir/CA/index.txt # database index file. #unique_subject = no # Set to ‘no’ to allow creation of # several certs with same subject. new_certs_dir =dir/newcerts # default place for new certs.
certificate = dir/certs/cacert.pem # The CA certificate serial =dir/CA/serial # The current serial number crlnumber = dir/crlnumber # the current crl number # must be commented out to leave a V1 CRL crl =dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key
x509_extensions = usr_cert # The extensions to add to the cert
root@ubuntulab3:~# root@ubuntulab3:~# openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
..+.+…..+.+………..+…+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.+………+……..+……….+……..+…+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.+…….+…..+.+..+.+…..+….+..+………+……+.+…..+…….+..+…+……….+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++…+.+…..+……+…….+…..+……….+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++..+………….+……+………+…..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Enter PEM pass phrase: Verifying – Enter PEM pass phrase: —– You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank. —– Country Name (2 letter code) [AU]:TW State or Province Name (full name) [Some-State]:Kaohsiung Locality Name (eg, city) []:Yanchao Organization Name (eg, company) [Internet Widgits Pty Ltd]:NKUST Organizational Unit Name (eg, section) []:MIS Common Name (e.g. server FQDN or YOUR name) []:www.lab.nkust.edu.tw Email Address []:mark@mail.lab.nkust.edu.tw
root@ubuntulab3:~# ll
total 60 drwx—— 5 root root 4096 Jun 3 04:03 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw-r–r– 1 root root 1480 Jun 3 04:03 cacert.pem -rw——- 1 root root 1854 Jun 3 04:03 cakey.pem -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw-r–r– 1 root root 1359 Jun 3 03:56 server.crt -rw-r–r– 1 root root 1143 Jun 3 03:56 server.csr -rw——- 1 root root 1704 Jun 3 03:54 server.key -rw——- 1 root root 1854 Jun 3 03:54 server.key.secure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# mv cakey.pem /etc/ssl/private/
root@ubuntulab3:~# ll /etc/ssl/private/cakey.pem
-rw——- 1 root root 1854 Jun 3 04:03 /etc/ssl/private/cakey.pem
root@ubuntulab3:~# mv cacert.pem /etc/ssl/certs/
root@ubuntulab3:~# ll /etc/ssl/certs/cacert.pem
-rw-r–r– 1 root root 1480 Jun 3 04:03 /etc/ssl/certs/cacert.pem
root@ubuntulab3:~# ll
total 52 drwx—— 5 root root 4096 Jun 3 04:03 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw-r–r– 1 root root 1359 Jun 3 03:56 server.crt -rw-r–r– 1 root root 1143 Jun 3 03:56 server.csr -rw——- 1 root root 1704 Jun 3 03:54 server.key -rw——- 1 root root 1854 Jun 3 03:54 server.key.secure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/
root@ubuntulab3:~# openssl ca -in server.csr -config /etc/ssl/openssl.cnf Using configuration from /etc/ssl/openssl.cnf Enter pass phrase for /etc/ssl/private/cakey.pem: Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: Jun 3 04:04:36 2022 GMT Not After : Jun 3 04:04:36 2023 GMT Subject: countryName = TW stateOrProvinceName = Kaohsiung organizationName = NKUST organizationalUnitName = MIS commonName = www.lab.nkust.edu.tw emailAddress = mark@mail.lab.nkust.edu.tw X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Subject Key Identifier: B0:CF:3E:AF:5F:79:00:A4:5C:05:6C:1C:AA:E8:CC:A4:8B:F1:D5:BF X509v3 Authority Key Identifier: 82:F3:67:15:2A:7B:8D:E0:84:80:9E:58:AA:20:F9:B9:BE:FF:FE:30 Certificate is to be certified until Jun 3 04:04:36 2023 GMT (365 days) Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha256WithRSAEncryption Issuer: C=TW, ST=Kaohsiung, L=Yanchao, O=NKUST, OU=MIS, CN=www.lab.nkust.edu.tw/emailAddress=mark@mail.lab.nkust.edu.tw Validity Not Before: Jun 3 04:04:36 2022 GMT Not After : Jun 3 04:04:36 2023 GMT Subject: C=TW, ST=Kaohsiung, O=NKUST, OU=MIS, CN=www.lab.nkust.edu.tw/emailAddress=mark@mail.lab.nkust.edu.tw Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:85:24:9e:47:5c:74:ca:47:76:45:f6:31:f6:22: 64:8e:10:13:92:30:c7:9b:83:d4:61:39:1e:ed:65: 43:91:3b:58:53:85:8b:42:8e:da:e0:e4:b1:69:5a: 2f:da:9f:ab:17:ae:7b:cb:fb:d5:5e:cb:8b:0a:81: 29:fe:57:13:60:56:53:72:23:78:88:e5:c0:7d:f3: 6f:b2:83:bc:29:d9:32:00:41:ac:b4:44:cd:6f:b5: ac:7b:61:48:55:be:00:6c:e0:14:66:80:dc:9a:43: a0:76:a4:58:33:8f:37:d5:41:78:a8:45:e6:84:19: 3b:04:8b:1a:d2:34:15:53:77:52:52:2e:41:c1:85: dd:87:0f:2e:10:db:ef:1a:fe:a2:20:e7:64:6d:c9: 0f:86:4a:cc:1d:c1:70:bb:f0:98:80:7e:ea:e2:14: fc:d9:96:4e:b7:f9:50:be:a2:c1:94:0f:0a:bb:f1: 9e:9d:de:ba:6f:e3:3f:9c:27:41:e3:f4:8b:6f:62: e9:f8:43:84:61:55:e9:d9:1d:bc:9f:c0:2d:6a:29: 60:07:7f:46:aa:f6:6b:1c:6f:73:bc:e5:7a:5a:16: 5c:af:36:2a:b2:64:77:ba:69:a3:27:e6:2f:2a:c8: ca:08:27:4c:04:e3:ee:5e:96:d5:2c:a7:00:71:f8: 81:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Subject Key Identifier: B0:CF:3E:AF:5F:79:00:A4:5C:05:6C:1C:AA:E8:CC:A4:8B:F1:D5:BF X509v3 Authority Key Identifier: 82:F3:67:15:2A:7B:8D:E0:84:80:9E:58:AA:20:F9:B9:BE:FF:FE:30 Signature Algorithm: sha256WithRSAEncryption Signature Value: 55:3b:7f:4d:e0:1c:08:5a:84:19:df:2c:7e:c4:42:c3:a1:5b: ae:3c:0b:dd:16:d5:3e:e7:6b:0c:ca:d6:44:a3:8d:2b:0d:32: a4:12:e4:eb:de:cc:32:ce:2b:08:15:c4:49:77:0c:7b:4a:ce: 06:9c:fb:b1:65:6d:c9:1f:1a:72:bf:7d:c7:13:20:64:a5:12: c3:d5:48:e2:d6:e2:96:43:c4:29:2b:14:a8:98:d7:97:2e:d7: 56:08:05:d1:3d:13:f7:23:d3:c7:67:04:46:86:6f:b7:a2:55: 87:4e:06:51:9b:09:d5:5e:a8:56:c9:af:4a:e2:bf:12:82:08: 59:cb:00:e3:5e:e8:bb:fe:af:43:62:e9:b9:1c:24:61:f6:ea: 59:6b:d1:87:eb:2f:83:94:ac:bf:cd:5b:42:57:fa:30:75:e2: 49:aa:c0:20:bb:a6:2b:e4:ce:9b:45:7f:fa:21:f9:87:fa:b3: a4:1e:ce:cb:05:5b:80:95:18:e3:97:1e:cf:74:eb:b2:b8:61: f8:2b:ea:44:1d:03:25:f0:db:48:2c:b8:25:ff:b3:b8:1a:6c: 86:24:77:21:c1:5a:07:dc:76:0d:ed:96:56:9d:6b:2a:a2:6f: 27:b5:92:87:44:ff:e9:87:44:75:7d:aa:50:e6:75:be:9e:4a: d8:a7:bb:04 —–BEGIN CERTIFICATE—– MIID7jCCAtagAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmzELMAkGA1UEBhMCVFcx EjAQBgNVBAgMCUthb2hzaXVuZzEQMA4GA1UEBwwHWWFuY2hhbzEOMAwGA1UECgwF TktVU1QxDDAKBgNVBAsMA01JUzEdMBsGA1UEAwwUd3d3LmxhYi5ua3VzdC5lZHUu dHcxKTAnBgkqhkiG9w0BCQEWGm1hcmtAbWFpbC5sYWIubmt1c3QuZWR1LnR3MB4X DTIyMDYwMzA0MDQzNloXDTIzMDYwMzA0MDQzNlowgYkxCzAJBgNVBAYTAlRXMRIw EAYDVQQIDAlLYW9oc2l1bmcxDjAMBgNVBAoMBU5LVVNUMQwwCgYDVQQLDANNSVMx HTAbBgNVBAMMFHd3dy5sYWIubmt1c3QuZWR1LnR3MSkwJwYJKoZIhvcNAQkBFhpt YXJrQG1haWwubGFiLm5rdXN0LmVkdS50dzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAIUknkdcdMpHdkX2MfYiZI4QE5Iwx5uD1GE5Hu1lQ5E7WFOFi0KO 2uDksWlaL9qfqxeue8v71V7LiwqBKf5XE2BWU3IjeIjlwH3zb7KDvCnZMgBBrLRE zW+1rHthSFW+AGzgFGaA3JpDoHakWDOPN9VBeKhF5oQZOwSLGtI0FVN3UlIuQcGF 3YcPLhDb7xr+oiDnZG3JD4ZKzB3BcLvwmIB+6uIU/NmWTrf5UL6iwZQPCrvxnp3e um/jP5wnQeP0i29i6fhDhGFV6dkdvJ/ALWopYAd/Rqr2axxvc7zleloWXK82KrJk d7ppoyfmLyrIyggnTATj7l6W1SynAHH4gc8CAwEAAaNNMEswCQYDVR0TBAIwADAd BgNVHQ4EFgQUsM8+r195AKRcBWwcqujMpIvx1b8wHwYDVR0jBBgwFoAUgvNnFSp7 jeCEgJ5YqiD5ub7//jAwDQYJKoZIhvcNAQELBQADggEBAFU7f03gHAhahBnfLH7E QsOhW648C90W1T7nawzK1kSjjSsNMqQS5OvezDLOKwgVxEl3DHtKzgac+7Flbckf GnK/fccTIGSlEsPVSOLW4pZDxCkrFKiY15cu11YIBdE9E/cj08dnBEaGb7eiVYdO BlGbCdVeqFbJr0rivxKCCFnLAONe6Lv+r0Ni6bkcJGH26llr0YfrL4OUrL/NW0JX +jB14kmqwCC7pivkzptFf/oh+Yf6s6QezssFW4CVGOOXHs9067K4Yfgr6kQdAyXw 20gsuCX/s7gabIYkdyHBWgfcdg3tlladayqibye1kodE/+mHRHV9qlDmdb6eStin uwQ= —–END CERTIFICATE—– Data Base Updated root@ubuntulab3:~# ll /etc/ssl/newcerts/ total 16 drwxr-xr-x 2 root root 4096 Jun 3 04:04 ./ drwxr-xr-x 6 root root 4096 Jun 3 04:02 ../ -rw-r–r– 1 root root 4557 Jun 3 04:04 01.pem root@ubuntulab3:~# nano www.lab.nkust.edu.tw.crt
root@ubuntulab3:~# root@ubuntulab3:~# ll
total 56 drwx—— 5 root root 4096 Jun 3 04:05 ./ drwxr-xr-x 19 root root 4096 Jun 3 03:35 ../ -rw-r–r– 1 root root 3106 Oct 15 2021 .bashrc -rw——- 1 root root 20 Jun 3 03:49 .lesshst drwxr-xr-x 3 root root 4096 Jun 3 03:49 .local/ -rw——- 1 root root 267 Jun 3 03:47 .mysql_history -rw-r–r– 1 root root 161 Jul 9 2019 .profile -rw-r–r– 1 root root 1359 Jun 3 03:56 server.crt -rw-r–r– 1 root root 1143 Jun 3 03:56 server.csr -rw——- 1 root root 1704 Jun 3 03:54 server.key -rw——- 1 root root 1854 Jun 3 03:54 server.key.secure drwx—— 3 root root 4096 Jun 3 03:36 snap/ drwx—— 2 root root 4096 Jun 3 03:36 .ssh/ -rw-r–r– 1 root root 1425 Jun 3 04:05 www.lab.nkust.edu.tw.crt
root@ubuntulab3:~# mv www.lab.nkust.edu.tw.crt /etc/ssl/certs/
root@ubuntulab3:~# ll /etc/ssl/certs/www.lab.nkust.edu.tw.crt
-rw-r–r– 1 root root 1425 Jun 3 04:05 /etc/ssl/certs/www.lab.nkust.edu.tw.crt
root@ubuntulab3:~# ll /etc/ssl/certs/cacert.pem -rw-r–r– 1 root root 1480 Jun 3 04:03 /etc/ssl/certs/cacert.pem
root@ubuntulab3:~# nano /etc/apache2/sites-available/default-ssl.conf
SSLCACertificatePath /etc/ssl/certs/
SSLCACertificateFile /etc/ssl/certs/cacert.pem
root@ubuntulab3:~# root@ubuntulab3:~# snap install core snap “core” is already installed, see ‘snap help refresh’
root@ubuntulab3:~# snap refresh core snap “core” has no updates available
root@ubuntulab3:~# apt-get remove certbot Reading package lists… Done Building dependency tree… Done Reading state information… Done Package ‘certbot’ is not installed, so not removed 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@ubuntulab3:~# snap install –classic certbot certbot 1.27.0 from Certbot Project (certbot-eff✓) installed
root@ubuntulab3:~# ln -s /snap/bin/certbot /usr/bin/certbot
root@ubuntulab3:~# certbot –apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to cancel): mark@mail.lab.nkust.edu.tw
Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server. Do you agree?
(Y)es/(N)o: Y
Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let’s Encrypt project and the non-profit organization that develops Certbot? We’d like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: Y Account registered.
Which names would you like to activate HTTPS for?
1: www.lab.nkust.edu.tw
Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter ‘c’ to cancel): 1 Requesting a certificate for www.lab.nkust.edu.tw
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems: Domain: www.lab.nkust.edu.tw Type: dns Detail: DNS problem: NXDOMAIN looking up A for www.lab.nkust.edu.tw – check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for www.lab.nkust.edu.tw – check that a DNS record exists for this domain
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. root@ubuntulab3:~# systemctl list-timers | grep ‘certbot|ACTIVATES’ NEXT LEFT LAST PASSED UNIT ACTIVATES Fri 2022-06-03 22:21:00 UTC 18h left n/a n/a snap.certbot.renew.timer snap.certbot.renew.service root@ubuntulab3:~# ls -l /etc/cron.d/certbot ls: cannot access ‘/etc/cron.d/certbot’: No such file or directory root@ubuntulab3:~# certbot renew –dry-run Saving debug log to /var/log/letsencrypt/letsencrypt.log
No simulated renewals were attempted.
root@ubuntulab3:~# apt install -y postfix
root@ubuntulab3:~# mv /etc/postfix/main.cf /etc/postfix/main.cf.bk
root@ubuntulab3:~# nano /etc/postfix/main.cf smtpd_banner = myhostnameESMTPmail_name biff = no append_dot_mydomain = no readme_directory = no
TLS parameters
smtp_use_tls = yes #smtp_tls_security_level = may #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_use_tls = yes #smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache #smtpd_tls_cert_file = /etc/letsencrypt/live/lab.nkust.edu.tw/fullchain.pem #smtpd_tls_key_file = /etc/letsencrypt/live/lab.nkust.edu.tw/privkey.pem smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
virtual_transport = lmtp:unix:private/dovecot-lmtp virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains
myhostname = mail.lab.nkust.edu.tw myorigin = /etc/mailname mydestination = localhost.$mydomain, localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.1.0/24 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases
root@ubuntulab3:~# root@ubuntulab3:~# nano /etc/postfix/main.cf root@ubuntulab3:~# root@ubuntulab3:~# service postfix restart root@ubuntulab3:~# service postfix status ● postfix.service – Postfix Mail Transport Agent Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled) Active: active (exited) since Fri 2022-06-03 04:15:50 UTC; 5s ago Docs: man:postfix(1) Process: 40935 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 40935 (code=exited, status=0/SUCCESS) CPU: 2ms
Jun 03 04:15:50 ubuntulab3 systemd[1]: Starting Postfix Mail Transport Agent… Jun 03 04:15:50 ubuntulab3 systemd[1]: Finished Postfix Mail Transport Agent. root@ubuntulab3:~# netstat -tlunp | grep :25 Command ‘netstat’ not found, but can be installed with: apt install net-tools
root@ubuntulab3:~# apt install net-tools
root@ubuntulab3:~# nano /etc/postfix/virtual_mailbox_domains lab.nkust.edu.tw #domain
root@ubuntulab3:~# root@ubuntulab3:~# postmap /etc/postfix/virtual_mailbox_domains
root@ubuntulab3:~# nano /etc/postfix/master.cf
smtp inet n – y – – smtpd submission inet n – y – – smtpd
root@ubuntulab3:~# root@ubuntulab3:~# apt install -y dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd
root@ubuntulab3:~# nano /etc/dovecot/conf.d/10-mail.conf
mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_location = maildir:/var/mail/vhosts/%d/%n
root@ubuntulab3:~# root@ubuntulab3:~# mkdir -p /var/mail/vhosts/lab.nkust.edu.tw
root@ubuntulab3:~# groupadd -g 5000 vmail
root@ubuntulab3:~# useradd -r -g vmail -u 5000 vmail -d /var/mail/vhosts -c “virtual mail user”
root@ubuntulab3:~# chown -R vmail:vmail /var/mail/vhosts/
root@ubuntulab3:~# nano /etc/dovecot/conf.d/10-master.conf
inet_listener imaps { port = 993 ssl = yes }
inet_listener pop3s { port = 995 ssl = yes }
unix_listener lmtp { #mode = 0666 }
unix_listener /var/spool/postfix/private/dovecot-lmtp { mode = 0600 user = postfix group = postfix }
unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix }
Postfix smtp-auth
#unix_listener /var/spool/postfix/private/auth {
mode = 0666
#} #Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix }
root@ubuntulab3:~# root@ubuntulab3:~# nano /etc/dovecot/conf.d/10-auth.conf
root@ubuntulab3:~# root@ubuntulab3:~# nano /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = yes
auth_mechanisms = plain login
#!include auth-system.conf.ext #!include auth-sql.conf.ext #!include auth-ldap.conf.ext !include auth-passwdfile.conf.ext #!include auth-checkpassword.conf.ext #!include auth-static.conf.ext
root@ubuntulab3:~# root@ubuntulab3:~# nano /etc/dovecot/conf.d/auth-passwdfile.conf.ext passdb { driver = passwd-file args = scheme=PLAIN username_format=%u /etc/dovecot/dovecot-users }
userdb { driver = static args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
args = username_format=%u /etc/dovecot/users
# Default fields that can be overridden by passwd-file #default_fields = quota_rule=*:storage=1G
# Override fields from passwd-file #override_fields = home=/home/virtual/%u }
root@ubuntulab3:~# root@ubuntulab3:~# nano /etc/dovecot/dovecot-users
admin@lab.nkust.edu.tw:{plain}EXAMPLE_PASSWORD info@lab.nkust.edu.tw:{plain}EXAMPLE_PASSWORD billing@lab.nkust.edu.tw:{plain}EXAMPLE_PASSWORD mark@lab.nkust.edu.tw:{plain}EXAMPLE_PASSWORD
root@ubuntulab3:~# root@ubuntulab3:~# nano /etc/dovecot/conf.d/10-ssl.conf
root@ubuntulab3:~# nano /etc/dovecot/conf.d/10-ssl.conf
ssl = no
root@ubuntulab3:~# service postfix restart
root@ubuntulab3:~# service dovecot restart
root@ubuntulab3:~# service dovecot status ● dovecot.service – Dovecot IMAP/POP3 email server Loaded: loaded (/lib/systemd/system/dovecot.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-06-03 04:26:52 UTC; 3s ago Docs: man:dovecot(1) https://doc.dovecot.org/ Main PID: 45056 (dovecot) Status: “v2.3.16 (7e2e900c1a) running” Tasks: 4 (limit: 4538) Memory: 3.3M CPU: 40ms CGroup: /system.slice/dovecot.service ├─45056 /usr/sbin/dovecot -F ├─45057 dovecot/anvil ├─45058 dovecot/log └─45059 dovecot/config
Jun 03 04:26:52 ubuntulab3 systemd[1]: Starting Dovecot IMAP/POP3 email server… Jun 03 04:26:52 ubuntulab3 dovecot[45056]: master: Dovecot v2.3.16 (7e2e900c1a) starting up >Jun 03 04:26:52 ubuntulab3 systemd[1]: Started Dovecot IMAP/POP3 email server. …skipping…
^C root@ubuntulab3:~# service postfix status
● postfix.service – Postfix Mail Transport Agent Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled) Active: active (exited) since Fri 2022-06-03 04:26:43 UTC; 26s ago Docs: man:postfix(1) Process: 45045 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 45045 (code=exited, status=0/SUCCESS) CPU: 2ms
Jun 03 04:26:43 ubuntulab3 systemd[1]: Starting Postfix Mail Transport Agent… Jun 03 04:26:43 ubuntulab3 systemd[1]: Finished Postfix Mail Transport Agent.
root@ubuntulab3:~# ^C
root@ubuntulab3:~# apt install -y roundcube
root@ubuntulab3:~# nano /etc/apache2/sites-enabled/lab.nkust.edu.tw-le-ssl.conf
root@ubuntulab3:~# cat /etc/apache2/sites-enabled/ cat: /etc/apache2/sites-enabled/: Is a directory
root@ubuntulab3:~# ll /etc/apache2/sites-enabled/ total 8 drwxr-xr-x 2 root root 4096 Jun 3 04:40 ./ drwxr-xr-x 8 root root 4096 Jun 3 04:09 ../ lrwxrwxrwx 1 root root 35 Jun 3 03:44 000-default.conf -> ../sites-available/000-default.conf lrwxrwxrwx 1 root root 35 Jun 3 03:58 default-ssl.conf -> ../sites-available/default-ssl.conf
root@ubuntulab3:~# nano /etc/apache2/sites-enabled/default-ssl.conf ServerAdmin mark@mail.lab.nkust.edu.tw ServerName lab.nkust.edu.tw Alias /mail /usr/share/roundcube DocumentRoot /var/www/html
root@ubuntulab3:~# root@ubuntulab3:~# service apache2 restart
root@ubuntulab3:~# service apache2 status ● apache2.service – The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-06-03 04:42:40 UTC; 4s ago Docs: https://httpd.apache.org/docs/2.4/ Process: 46896 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS) Main PID: 46901 (apache2) Tasks: 6 (limit: 4538) Memory: 17.0M CPU: 463ms CGroup: /system.slice/apache2.service ├─46901 /usr/sbin/apache2 -k start ├─46902 /usr/sbin/apache2 -k start ├─46903 /usr/sbin/apache2 -k start ├─46904 /usr/sbin/apache2 -k start ├─46905 /usr/sbin/apache2 -k start └─46906 /usr/sbin/apache2 -k start
Jun 03 04:42:40 ubuntulab3 systemd[1]: Starting The Apache HTTP Server… Jun 03 04:42:40 ubuntulab3 systemd[1]: Started The Apache HTTP Server.
root@ubuntulab3:~# nmap 192.168.1.104 Command ‘nmap’ not found, but can be installed with: apt install nmap
root@ubuntulab3:~# apt install nmap
root@ubuntulab3:~# nmap 192.168.1.104 Starting Nmap 7.80 ( https://nmap.org ) at 2022-06-03 04:48 UTC Nmap scan report for 192.168.1.104 Host is up (0.0000030s latency). Not shown: 993 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 80/tcp open http 110/tcp open pop3 143/tcp open imap 443/tcp open https 587/tcp open submission
Nmap done: 1 IP address (1 host up) scanned in 13.10 seconds
root@ubuntulab3:~#