How to Easily Set Up a Mail Server on Rocky Linux with iRedMail

Configuring a mail server on Linux from scratch is difficult, especially if you install every component one by one. iRedMail offers a quick, full-featured alternative.

What is iRedMail?

iRedMail is a free and open source solution for building a mail server. It installs and configures all the components on your system, and lets you create unlimited mail domains and unlimited mailboxes.

The following components are installed automatically by iRedMail:

  • Postfix SMTP server
  • Dovecot IMAP server
  • Nginx web server to serve the admin panel and webmail
  • OpenLDAP, MySQL/MariaDB, or PostgreSQL for storing user information
  • Amavisd-new for DKIM signing and verification
  • SpamAssassin for anti-spam
  • ClamAV for anti-virus
  • Roundcube webmail
  • SOGo groupware, providing webmail, calendar (CalDAV), contacts (CardDAV), tasks and ActiveSync services.
  • Fail2ban for protecting SSH
  • mlmmj mailing list manager
  • Netdata server monitoring
  • iRedAPD Postfix policy server for greylisting

1. Prerequisites before installing iRedMail

First, you need your own server (VPS or dedicated server) with at least 4GB of RAM. Second, you need a domain name.

Use PuTTY to log in to your server with your credentials:

[Screenshot: SSH connection to the server]

2. Create a DNS MX record

A DNS MX (mail exchange) record indicates how email messages should be routed to the SMTP server. In other words, it is the record that names the server responsible for accepting email on behalf of a domain name. Add a new MX record to your DNS configuration as shown below:

[Screenshot: adding the MX record in the domain configuration]

Note: The hostname for an MX record cannot be an alias to another name. Also, it's highly recommended that you use hostnames, rather than bare IP addresses, for MX records.

3. Setting up the hostname on your server

In this step, log in to your server again over SSH, then run the following commands to update and upgrade your Linux server.

sudo yum update
sudo yum upgrade

After that, you need to set a fully qualified domain name (FQDN) for your server with the following command:

sudo hostnamectl set-hostname mail.domain-name.com
# to verify the config: 
hostnamectl

Then edit the /etc/hosts file and add an entry for the domain name:

127.0.0.1   mail.domain-name.com localhost localhost.localdomain

You can verify the changes with the command:

hostname -f

4. Setting up the mail server using the iRedMail Docker container

In this step you need to install Docker on your server. If Docker is already installed, go directly to step 4.2.

4.1 Install Docker

Docker is the best container manager; we will use it to deploy the iRedMail container. First, add the Docker repository to the Rocky Linux repos:

sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Update your system:

sudo dnf update

Run the command below to install the Docker components:

sudo dnf install -y docker-ce docker-ce-cli containerd.io

Check the installed version of Docker:

docker --version

[Screenshot: installed Docker version]

Enable and start the Docker daemon:

sudo systemctl enable docker
sudo systemctl start  docker
sudo systemctl status docker

[Screenshot: Docker service status]

4.2 Setting up the Docker container

In this step we create the directory structure for our Docker container. This structure is used to synchronize data between the host and the container.

sudo mkdir -p /containers/iredmail
cd /containers/iredmail
sudo mkdir -p data/{backup-mysql,clamav,custom,imapsieve_copy,mailboxes,mlmmj,mlmmj-archive,mysql,sa_rules,ssl,postfix_queue}

Before starting the Docker container, create a configuration file named iredmail-docker.conf in /containers/iredmail. It contains the environment variables and their values.

cd /containers/iredmail
> iredmail-docker.conf
# Each line is quoted so the shell does not treat < and > as redirections.
# Replace the <...> placeholders with your own passwords.
echo "MYSQL_ROOT_PASSWORD=<your-password>" >> iredmail-docker.conf
echo "HOSTNAME=mail.domain-name.com" >> iredmail-docker.conf
echo "FIRST_MAIL_DOMAIN=domain-name.com" >> iredmail-docker.conf
echo "FIRST_MAIL_DOMAIN_ADMIN_PASSWORD=<choose-your-password>" >> iredmail-docker.conf
echo "MLMMJADMIN_API_TOKEN=$(openssl rand -base64 32)" >> iredmail-docker.conf
echo "ROUNDCUBE_DES_KEY=$(openssl rand -base64 24)" >> iredmail-docker.conf

Replace domain-name.com with your real domain name.
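
An added example (not part of the original tutorial or the iRedMail project): a shell helper that writes the same six variables to iredmail-docker.conf with owner-only permissions, then checks that no empty value or `<...>` placeholder is left in the file. The function names, and the choice to generate both passwords randomly, are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: create iredmail-docker.conf with owner-only permissions.

# rand_b64 N: N random bytes, base64-encoded (the tutorial's openssl call,
# with a /dev/urandom fallback when openssl is not installed).
rand_b64() {
    if command -v openssl >/dev/null 2>&1; then
        openssl rand -base64 "$1"
    else
        head -c "$1" /dev/urandom | base64
    fi
}

# write_env_file DIR FQDN DOMAIN: write DIR/iredmail-docker.conf (mode 600).
# Refuses to replace an existing file so secrets are never silently rotated.
write_env_file() {
    local dir="$1" fqdn="$2" domain="$3" conf tmp
    conf="$dir/iredmail-docker.conf"
    if [ -e "$conf" ]; then
        echo "refusing to overwrite $conf" >&2; return 1
    fi
    tmp=$(umask 077; mktemp "$dir/.iredmail-docker.conf.XXXXXX") || return 1
    {
        printf 'MYSQL_ROOT_PASSWORD=%s\n' "$(rand_b64 24)"
        printf 'HOSTNAME=%s\n' "$fqdn"
        printf 'FIRST_MAIL_DOMAIN=%s\n' "$domain"
        printf 'FIRST_MAIL_DOMAIN_ADMIN_PASSWORD=%s\n' "$(rand_b64 24)"
        printf 'MLMMJADMIN_API_TOKEN=%s\n' "$(rand_b64 32)"
        printf 'ROUNDCUBE_DES_KEY=%s\n' "$(rand_b64 24)"
    } > "$tmp"
    chmod 600 "$tmp" && mv "$tmp" "$conf"
}

# check_env_file FILE: succeed only if FILE is mode 600, every expected key has
# a non-empty value, and no <...> placeholder from the tutorial is left in it.
check_env_file() {
    local f="$1" key
    if [ "$(ls -l "$f" | cut -c1-10)" != "-rw-------" ]; then
        echo "$f is not mode 600" >&2; return 1
    fi
    for key in MYSQL_ROOT_PASSWORD HOSTNAME FIRST_MAIL_DOMAIN \
               FIRST_MAIL_DOMAIN_ADMIN_PASSWORD MLMMJADMIN_API_TOKEN ROUNDCUBE_DES_KEY; do
        grep -Eq "^$key=.+" "$f" || { echo "$key missing or empty" >&2; return 1; }
    done
    if grep -q '[<>]' "$f"; then
        echo "placeholder left in $f" >&2; return 1
    fi
}
```

Run `write_env_file /containers/iredmail mail.domain-name.com domain-name.com` once, then `check_env_file /containers/iredmail/iredmail-docker.conf` before starting the container.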

4.3 Run the container

Finally, run the following command to start the container:

# Host paths must match the directories created in step 4.2
docker run -d \
    --rm \
    --name iredmail \
    --env-file iredmail-docker.conf \
    --hostname mail.domain-name.com \
    -p 980:80 \
    -p 9443:443 \
    -p 110:110 \
    -p 995:995 \
    -p 143:143 \
    -p 993:993 \
    -p 25:25 \
    -p 465:465 \
    -p 587:587 \
    -v /containers/iredmail/data/backup-mysql:/var/vmail/backup/mysql \
    -v /containers/iredmail/data/mailboxes:/var/vmail/vmail1 \
    -v /containers/iredmail/data/mlmmj:/var/vmail/mlmmj \
    -v /containers/iredmail/data/mlmmj-archive:/var/vmail/mlmmj-archive \
    -v /containers/iredmail/data/imapsieve_copy:/var/vmail/imapsieve_copy \
    -v /containers/iredmail/data/custom:/opt/iredmail/custom \
    -v /containers/iredmail/data/ssl:/opt/iredmail/ssl \
    -v /containers/iredmail/data/mysql:/var/lib/mysql \
    -v /containers/iredmail/data/clamav:/var/lib/clamav \
    -v /containers/iredmail/data/sa_rules:/var/lib/spamassassin \
    -v /containers/iredmail/data/postfix_queue:/var/spool/postfix \
    iredmail/mariadb:stable

Check if the container is running:

[Screenshot: checking that the Docker container is running]

5. Access the iRedMail web interface and the Roundcube web app

If you have the nginx web server installed on your server, you can add a new configuration file to reach the iRedMail web interface directly.

Since the container's web ports are published on 980 (HTTP) and 9443 (HTTPS), we use an upstream (proxy) configuration.

Add a new file for your domain, for example mail.domain-name.com:

upstream backend_iredmail{
    server 127.0.0.1:9443;
}

server {
    server_name mail.domain-name.com; # managed by Certbot


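    # forward all requests to the iRedMail container
    location / {
        # proxy_params ships with the Debian/Ubuntu nginx packages; on Rocky Linux
        # this file must exist under /etc/nginx or the include fails
        include proxy_params;
        proxy_set_header X-Forwarded-Host $host;
        proxy_pass https://backend_iredmail;
    }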


    #listen [::]:443 ipv6only=on; # managed by Certbot
    #listen 443 ssl http2 ; # managed by Certbot
    listen       443 ssl http2 ;
    listen       [::]:443  ssl http2;


    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


    access_log /var/log/nginx/mail.domain-name.com.access.log;
    error_log /var/log/nginx/mail.domain-name.com.error.log;

    # gzip
    gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
    gzip on;

    ssl_certificate /etc/letsencrypt/live/mail.domain-name.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mail.domain-name.com/privkey.pem; # managed by Certbot
}
...

Restart nginx to reload the configuration:

sudo systemctl restart nginx

[Screenshot: Roundcube web interface]
[Screenshot: iRedMail admin web application]
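
An added example, not from the original post: with `-p 980:80` and `-p 9443:443` Docker publishes the container's web ports on every host interface, so the iRedMail web UI stays reachable directly as well as through the host nginx. The function below reads `docker port iredmail` output and lists web ports bound to a non-loopback address; both sample outputs are constructed and the function name is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: find container web ports published on non-loopback addresses.

# Constructed sample of `docker port iredmail` for the tutorial's docker run.
SAMPLE_AS_WRITTEN='80/tcp -> 0.0.0.0:980
80/tcp -> [::]:980
443/tcp -> 0.0.0.0:9443
443/tcp -> [::]:9443
25/tcp -> 0.0.0.0:25
993/tcp -> 0.0.0.0:993'

# Constructed sample after publishing the web ports on loopback only.
SAMPLE_LOOPBACK='80/tcp -> 127.0.0.1:980
443/tcp -> 127.0.0.1:9443
25/tcp -> 0.0.0.0:25
993/tcp -> 0.0.0.0:993'

# exposed_web_ports: reads `docker port <container>` output on stdin and prints
# one line per container web port (80, 443) bound to a non-loopback host address.
exposed_web_ports() {
    awk '
        # Line format: <container-port>/<proto> -> <host-addr>:<host-port>
        $2 == "->" {
            split($1, c, "/")
            addr = $3; sub(/:[0-9]+$/, "", addr)   # strip ":<host-port>"
            port = $3; sub(/^.*:/, "", port)       # keep only the host port
            web = (c[1] == "80" || c[1] == "443")
            loopback = (addr ~ /^127\./ || addr == "[::1]")
            if (web && !loopback)
                printf "%s/%s reachable on %s port %s\n", c[1], c[2], addr, port
        }'
}

# Live use (assumes the container name from the tutorial):
#   docker port iredmail | exposed_web_ports
```

Publishing the web ports as `-p 127.0.0.1:980:80 -p 127.0.0.1:9443:443` leaves only the path through the host nginx, which already proxies to 127.0.0.1:9443.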

Annex

What is a DKIM signature and how does it work?

Explained: What is DKIM? DomainKeys Identified Mail - dmarcian

What is a DMARC policy and how does it work?

Email Authentication Protocols: SPF, DKIM, DMARC & BIMI - Email On Acid
Schema from EMAIL-ACID (https://www.emailona)
