nginx: setup a webmail for every domain (wildcard domain?)

Question

I would like to setup a webmail mail. subdomain for every domain I have on my server, using nginx.

It seems to work on https://mail.mydomain.com but I can also access the webmail by visiting the server's IP address (https://x.x.x.x), which is not wanted.

Here is my conf file for the webmail:

###
# Webmail (Rainloop)
###
server {
    listen 80;
    server_name mail*.;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name mail*.;

    ssl_certificate     /etc/ssl/nginx/server.crt;
    ssl_certificate_key /etc/ssl/nginx/server.key;
    ssl_protocols       SSLv3 TLSv1;
    ssl_ciphers         HIGH:!aNULL:!MD5;

    access_log /var/log/nginx/app-webmail.access.log;
    error_log /var/log/nginx/app-webmail.error.log;

    location / {
        root /var/www/rainloop;
        index index.html index.htm index.php;

        location ~ [^/]\.php(/|$) {
            include fcgi.conf;
            fastcgi_pass unix:/var/run/php-fcgi.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

        location ^~ /data {
            deny all;
        }
    }
}

Any idea?

score 2 · Answer 1 · answered Apr 03 '15 at 19:11

2

According to Nginx documentation, it is possible to use this kind of wildcards in server names.

server {
    listen       80;
    server_name  mail.*;
    ...
}

However, you are having mail*. instead of mail.* there, which is really a different thing.

answered Apr 03 '15 at 19:11

Esa Jokinen

43,252
2
75
122

Oops. My bad. I had in mind that wildcard; just a typing error. – flks Apr 06 '15 at 20:53

score 0 · Accepted Answer · edited May 23 '17 at 12:41

Based on this answer the default Nginx config has been changed as follows:

/etc/nginx/nginx.conf

server {
    listen       80;
    server_name  <ip_address_nginx_server>;
    root         /usr/share/nginx/html;

    #charset koi8-r;

    #access_log  /var/log/nginx/host.access.log  main;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    }

    # redirect server error pages to the static page /40x.html
    #
    error_page  404              /404.html;
    location = /40x.html {
    }

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
    }

    return 403;
}

server {
    listen       80  default_server;
    server_name  mydomain.com;
    }
}

Once the Nginx server has been restarted and one navigates to ip_address_nginx_server a 403 is returned, while http://example.com is accessible.

nginx: setup a webmail for every domain (wildcard domain?)

2 Answers2