Skip to content

kenetik/mail-server-tut

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 

Repository files navigation

Free Perfect Email Server - Detailed Tutorial

This tutorial covers all the detailed steps for creating your own custom free email server using a Virtual Private Server running Ubuntu 12.10 x64 with iRedMail 0.8.4, iRedAdmin, PostgreSQL, Roundcubemail, Awstats, Apache and SSL Certificates.

I used Digital Ocean SSD VPS for this tutorial. (Included in this tutorial is a coupon for 2 months of free service.)

If you already have a perfectly configured server, you can skip to: 'Install iRedMail'.

README.md on GitHub ###Create a Droplet (aka VPS) ####I highly recommend using Digital Ocean SSD VPS for this setup. If you are creating a new account, use the coupon SSDPOWER for 2 months of free service. After creating a new account, click Create Droplet
* Screen Shot of Creating a Droplet via Digial Ocean

  1. Assign hostname (for this tutorial I will be using mail.yourdomain.com) From my tests 2GB/2CPUS/40GBSSD configuration works the best, but for trial and error we will use the smallest configuration. Screen Shot of Assigning Hostname

  2. Select Region - This is based on your location, or potenial users location. I chose San Francisco

  3. Change your server's password

    • Login to your server using a SSH Client (PuTTY/Terminal/Digital Ocean's Console Access) with the details given from the email. In your SSH Client type the following command: 
      • ssh root@yourip
    • You will be prompted about a RSA key fingerprint. Type 'yes' as the prompt.
  • Enter the random password generated during droplet creation. You should now be logged into your server and see something similar to this: + Screenshot of Successful Server Login
    • It is very important to now change the password to something secure of your choice. At the command prompt type the following command:
  1. Reboot your server by typing the following command:

Now your in! Let's start configuring!

###Setup 2GB of Swap Memory This helps with server stability and is optional but highly recommended.

  1. Login back into your server and type the following command: 
    • dd if=/dev/zero of=/swap bs=1024 count=2097152
mkswap /swap && chown root. /swap && chmod 0600 /swap && swapon /swap
echo /swap swap swap defaults 0 0 >> /etc/fstab
echo vm.swappiness = 0 >> /etc/sysctl.conf && sysctl -p
  2. Check to make sure your swap file is active by typing the following command:

Swap (virtual ram) is setup!

###Set your domain's DNS via Digital Ocean's Control Panel Please ensure that your domain's dns are forwarding to your server if you are not using Digital Ocean

  1. Add a domain to your account by visiting Digital Ocean's Domain Control Panel | Screen Shot of DCP
    1. Click the [Add Domain] button
    2. Input your domain, droplet's ip address, and select your droplet.
    3. Click the [Create Domain] button. You should see 'Domain was successfully created'.
    4. Click the [Add Record] button
      • Select MX as the Record Type
      • In Hostname input:
        • mail.yourdomain.com. Ensure the trailing . after your domain.
      • In Priority
      • You also want to add a CNAME record for 'mail', '@'. This may seem a little redundant, but it ensures SSL Certification ease later.
        • 10
      • Click the [CREATE] button

DNS is set!

###Ensure VPS is Updated Again, if this is a pre-configured VPS and you now everything is good to go, you may skip this step, but is still recommended

  1. From your SSH Client use the following command:
    • apt-get update
    • apt-get upgrade
      • Depending on how many items need to be updated, you will see something similar to the following screenshot and be prompted to continue. Type Y, and your server will begin updating.
      • Screen Shot of Update Process

Your up to date!

###Set your Fully Qualified Domain Name (FQDN) If its already set, it would be a good idea to confirm it

  1. Edit the hosts file by typing the following command:
  2. Change the default line to:
    • 127.0.0.1 mail.yourdomain.com mail localhost
    • You can verify this by rebooting, and typing:
      • hostname -f

Your FDQN is now set!

###Install iRedMail This is the magic software and step for all users

  1. From the command prompt type the following command: 
    •   wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.4.tar.bz2
  tar jxvf iRedMail-0.8.4.tar.bz2
  rm iRedMail-0.8.4.tar.bz2
  mv iRedMail-0.8.4 iRedMail
  cd iRedMail
  bash iRedMail.sh```
    • Your server will begin installing requirements.
  2. Once you see the screen 'Welcome and thank you for your use':
  3. iRedMail will prompt for firewall rules:
    • Select 'N'
    • iRedMail is now installed, take note of the url's given
    • Open iRedMail.tips for configuration specifics by typing the following command:
      • nano /tmp/iRedMail/iRedMail.tips (Save this information incase you don't receive the email)
    • Now reboot and log back in!

You've just installed iRedMail! Feel accomplished yet?

###Create a Secure SSL Certificate For tutorial purposes we will use InstantSLL for a free certificate

  1. Create a Certificate Signing Request by typing the following command:

    •  cd /etc/ssl
 openssl req -out mail.yourdomain.com.csr -new -newkey rsa:2048 -nodes -keyout mail.yourdomain.com.key
    • You will be prompted for information about your certificate, fill them out as requested. The 'extra' attributes are not required (Do not give a challenge password)

  2. Open your Certificate Signing Request by typing the following command:

    • nano mail.yourdomain.com.csr

  3. Copy all of the information located here, into the CSR Box from InstantSSL.

    • Select Apache-ModSSL from the server software drop-down, uncheck Opt in? Then click 'Next >'
    • Screen Shot of CSR Box @ InstantSSL
    • After InstantSLL validates your request (more steps) you will receive a .zip containing two files. [ mail_yourdomain_com.ca-bundle and mail_yourdomain_com.crt] (Screen Shot of the files) To rush the validation, you can log into the comodo account you created and download the .zip of certificate files from your account panel.

  4. Place both of these files in /etc/ssl on your server

    • After unzipping the document, open each file with your favorite text editor.
    • Copy and paste the information in each file into the same file name on your server.

  5. Modify Apache's default-ssl to reflect these SSL Certificates

    • Type the following command nano /etc/apache2/sites-available/default-ssl

    • Replace the default information so that the following is set

            SSLCertificateFile /etc/ssl/mail_yourdomain_com.crt
      SSLCertificateKeyFile /etc/ssl/mail.yourdomain.com.key
      SSLCACertificateFile /etc/ssl/mail_yourdomain_com.ca-bundle

    • Please ensure to remove the # before SSLCACertificateFile and do not place the >> in the file, as these are indicators for your benefit

  6. Modify Postfix and Dovecot's configuration files

    • Postfix: nano /etc/postfix/main.cf

      • Screen Shot of Postfix main.cf

      • Under #TLS Parameters change:

          smtpd_tls_cert_file = /etc/ssl/mail_yourdomain_com.crt 
  and 
  smtpd_tls_key_file = /etc/ssl/mail.yourdomain.com.key

    • Dovecot: nano /etc/postfix/main.cf

      • Screen Shot of Dovecot main.cf

      • Under # SSL: Global settings change:

          ssl = required 
  verbose_ssl = yes 
  (this is optional, but added for debug help) and, 
  ssl_cert = </etc/ssl/mail_yourdomain_com.crt 
  ssl_key = </etc/ssl/mail.yourdomain.com.key

      • Use Ctrl+X and Y + Enter to save the adjustments

  7. Reboot by issuing the command reboot

  8. Verify your SSL is working by visiting https://mail.yourdomain.com Depending on which browser/OS you are using, you will see a lock icon next to your URL similar to the screenshot Screen Shot of SSL Secured Page

You have your very own SSL Secured Address!

###Configure iRedAdmin Accounts

  1. Login to iRedAdmin and configure accounts
  2. Change your password!
    • Click Preferences in the top right, then select Password to the right of General
  3. Disable Greylisting! This is my personal preference, it's only given me problems in the past
  4. Create a new email address.

    • Return to https://mail.yourdomain.com and login

    • Select [+Add...] > >User

        Mail Address* [anythingyouwish]@[yourdomain.com]
  New password* [********]
  Confirm new password [********]
  Display Name [not required but suggested]
  Mailbox Quota [0-99999]

You just created your first email account on your new server!

###Using your new email! After all of that, you finally get to use your email server for personal email, or professional!

  1. Webmail Access

    • https://mail.yourdomain.com This is the url for you to be able to access your e-mail from any web-enabled device!
      • Enter the Username and Password you just created
      • You should now be welcomed by a beautiful roundcube webmail user interface.
      • From this point I typically like to test the send/receive functions.
        • Select Compose +, to create a new message to whomever you like.
          • Before sending, open your SSH client with the following command: tail -f mail.log mail.err for debugging!
          • I would also suggest doing the same by sending an email to your new account from another email address.

  2. Mail Client

    • Coming Soon

githalytics.com alpha

About

Setup Free Mail Server Tutorial

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published