# Introduction

Before we start we will have to make a few clarifications. For the installation and the configurations below we use two domain names, one for the mail server:

mail.example.com

which will be used to access the mail server (mail boxes, configurations of the mail server, etc.) and one for the domain name:

example.com

which will be used for the email accounts (for example: contacts@example.com).

It is important to understand that the mail server must have a domain name which corresponds to it (in our case this is mail.example.com) but it can have multiple domain names for the email accounts (like: contacts@example.com, contacts@anotherexample.com, contacts@alsoanotherexample.com, etc.). In our case, we will use only one domain name for the email accounts.

Feel free to change them to your own domains or sub domains, but keep in mind something very important, all domains must be registered and verified, otherwise you take the risk your server or IP address to be blocked.

Also, the domain name mail.example.com used for the mail server must be configured to point to the IP address of the machine which is going to be used as a mail server and where you will install "EasyMail". Example configuration:

Type: A Record
Name: @
IP address: IP_ADDRESS_OF_THE_MAIL_SERVER

All commands below must be run as root or another user with root privileges.

# Dependencies

Below are listed the dependencies which will be installed automatically during the installation of “EasyMail”:

  • Dovecot
  • Postfix
  • Roundcube
  • SpamAssassin
  • Nginx
  • MySQL 5.6
  • PHP 5.6

If any of those services is already installed on your machine, "EasyMail" will stop the installation. You must be sure that you have cleaned up your machine properly before you start. The reason for this is very simple, different services have different versions and dependencies. Starting from scratch is the best way to be sure that the installation will go well and you won't enter some "dependency hell".

# Server Requirements

  • Dedicated machine or Virtual private server (VPS) and parametres not lower than:
    • RAM (or RAM + SWAP) >= 1GB
    • HDD/SSD 10 GB.
  • A new fresh installation of Debian or Ubuntu 14.04, or any type of machine with Docker.

# Prepare Docker (optional)

There are cases when we may want to build the mail server on Docker. To do so, follow the steps below.

Install Docker if you still don't have it on your machine. For further information check Docker installation.

We will use a docker image of Ubuntu 14.04. Go to the terminal of your machine and execute the following command (read below first):

docker run -it -p=110:110 -p=25:25 -p=995:995 -p=80:80 -p=443:443 -p=587:587 -p=993:993 -p=143:143 -p=465:465 -h "mail.example.com" --name="easymail" -v /etc/ssl/certs/:/etc/ssl/certs/ ubuntu:14.04 /bin/sh -c "if [ -f /run.sh ]; then bash /run.sh; fi; exec /bin/bash"

Further explanations are required. The command above will build a new container (named “easymail”) with a new fresh installation of Ubuntu 14.04 and mapping for the following ports: 110, 25, 995, 80, 443, 587, 993 and 143.

For the proper work of the mail server, it is important each of those ports to be freed and not occupied by the services running on your physical machine. Each of them is used for:

110 - POP3
25 - SMTP (Non-Exctypted) used by Postfix
995 - POP3 with SSL
80 - web service Nginx
443 - web service Nginx with SSL
587 - SMTP (StartTLS)
993 - IMAP (SSL)
143 - IMAP (StartTLS)
465 - SMTP (SSL)

If any of the ports above is already occupied you will have to use another one or to free them. For example, if you have a web services installed on your physical machine, you most probably use ports 80 and 443, so you will have to use different ports in order to finish the installation above. For example you can use 8080 instead of 80 and 44380 instead of 443. The command above will change:

docker run -it -p=110:110 -p=25:25 -p=995:995 -p=8080:80 -p=44380:443  -p=587:587 -p=993:993 -p=143:143 -p=465:465 -h "mail.example.com" --name="easymail" -v /etc/ssl/certs/:/etc/ssl/certs/ ubuntu:14.04 /bin/sh -c "if [ -f /run.sh ]; then bash /run.sh; fi; exec /bin/bash"

During the installation described below we will use ports 443 and 80 but bear in mind that the ports may vary depending on your particular case.

As you may have noticed, during the installation of the container we have mapped the directory: /etc/ssl/certs/. This is the directory which contains the SSL certificates for the domain name of the mail server - mail.example.com. We can use the SSL certificates to encrypt the communication with the mail server or we can skip this option. This is entirely an optional step.

When the creation of the container completes, you will be let inside the Docker container. Continue with the installation of “EasyMail”.

# Installing EasyMail

Execute the following:

apt-get update && apt-get install nano wget -y

Download “EasyMail” and start the script install.sh:

wget https://github.com/runeasymail/easymail/archive/v0.5.tar.gz -O easymail.tgz && mkdir easymail && cd easymail && tar -xvzf ../easymail.tgz --strip 1 && bash install.sh

During the installation you will be asked a few questions. Below you will find answers which are applicable only for the current example.

Type hostname: mail.example.com
Type admin's email password: iu34urc389fu349
Do you want to install your own ssl certificates? [n/Y]

The admin's email address mentioned during the installation is admin@mail.example.com.

For the installation of your own SSL certificate, if you choose “y”, you will be asked two additional questions addressed to the SSL certificates (this step requires the ssl directory to be mapped during the creation of the docker container):

[SSL] CA Bundle file path: /etc/ssl/certs/CERTIFICATE-NAME.crt
[SSL] Private key file path: /etc/ssl/certs/CERTIFICATE-NAME.key

After the configuration of the SSL certificates:

Is this installation is on Docker? [N/y] y

Now be patient. The installation will take a few minutes.

In the end of the installation of "EasyMail", the installation script will generate data for the DKIM record (you will need this later) and a few random passwords for the MySQL database (used to store email accounts, configurations, etc.). The DKIM record and the MySQL passwords will be displayed on the screen of your terminal when the installation ends. Write them down because you will need them!

If you have missed to write down your DKIM record, use these commands to find it:

cd /etc/opendkim/keys

In this directory you will find another sub-directory corresponding to your domain. Go inside:

cd mail.example.com

Print the content of mail.txt

cat mail.txt

Copy the content. This is your DKIM record.

If you have missed to write down the passwords for the MySQL database, follow the additional steps below in order to restart them:

  • Stop MySQL:
sudo /etc/init.d/mysql stop
  • Next we need to start MySQL in safe mode - that is to say, we will start MySQL but skip the user privileges table.
sudo mysqld_safe --skip-grant-tables &
  • Log in to MySQL:
mysql -uroot
  • Next, instruct MySQL which database to use:
use mysql;
  • Enter the new password for the root user as follows:
update user set password=PASSWORD("mynewpassword") where User='root';
  • and finally, flush the privileges:
flush privileges;
  • Quit and restart MySQL:
quit

sudo /etc/init.d/mysql stop
sudo /etc/init.d/mysql start

When you finish the installation, "EasyMail" will automatically start all services (MySQL, Nginx, php5-fpm, Postfix, Dovecot, Spamassassin and OpenDKIM).

# Configuration

The next important step is to add MX, CNAME and SPF records and to finish the configuration of DKIM for the domain name used for the email accounts (in our case this is example.com). The SPF record and DKIM are optional but advisable.

MX record

Steps:

  • Go to the domain register of your domain names.
  • Add a new MX record for the domain you want to use for you emails. Example:
Hostname: example.com
Priority: 0

CNAME records

The configuration of the CNAME is required if we want to configure our email address with a Desktop mail client. Steps:

  • Go to the domain register of your domain names.
  • Add the following two CNAME records for the domain name of the maill server. Example:
Name: autoconfig 
Hostname: mail.example.com.

and

Name: autodiscover
Hostname: mail.example.com.

With the help of these CNAMES, the mail server is able to generate the following XMLs:

http://autoconfig.mail.example.com:80/mail/config-v1.1.xml

http://autodiscover.mail.example.com:80/autodiscover/autodiscover.xml

They are used by the desktop mail clients for automatic configuration with your mail server. You can also use the information within the XML for other manual setups.

Please take into account that we can access the XML documents through port 80 but this port may vary depending on the configurations of your web service.

SPF record

It is up to you, how you will set up the SPF record but for the sake of clarity we will present a short example.

If you want to know more about how to add SPF records and the different configuration options just google for "add SPF record" or read this tutorial SPF Record.

Example:

  • Go to the domain register of your domain names.
  • Add the following TXT record to the domain name used for the email accounts (in our case this is example.com):
Name:  @
Text: "v=spf1 a:mail.example.com ~all"

Everyone who receives an email from an email account with domain name example.com (for example: contact@example.com) can check the SPF record of this domain and to see that it authorizes only the server with IP address recorded in the DNS A record of the mail server mail.example.com, to send emails. If somebody else tries to send emails on behalf of example.com from a different server, this server most probably will go to the spam filters and permanently blocked.

DKIM configuration

Go to the domain register of your domain names and for the domain name used for your email accounts add the following TXT record (DKIM record):

Name:  mail._domainkey
Text: "YOUR-DKIM-KEY"

Example (do not use the example key below, it's only an illustration and will not work on your server):

Name:  mail._domainkey
Text: "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdEvPNpKchxLz2tsRbAxXHiLQ7nPWNxW1I9/D+nTYOlPBqQ8YFwYooUjzTxHsge+s9vCOhofvVoMztppB98VHcfb+AuXcM/6uYYUDnauI6S6Tm/Akqdj/H0cwo6zLcnm698X9ZyPBJbcoJSzqQaXNz7+Mh/O7SK0ZV5xyclln5NQIDAQAB"

SSL certificate

During the installation of "EasyMail" you have been asked to provide the path to the SSL certificates. If you want to change the certificates, simply replace them and restart your web service.

# RoundCube

“EasyMail” comes with a nice mail client “RoundCube”. In order to access it go to your web browser and type the following:

mail.example.com:443

or

IP_ADDRESS_OF_THE_MAIL_SERVER:443

Of course, you will need an email account to log in. Continue reading for further information how to add email accounts.

When you access your email account with RoundCube, you can change your password from “Settings” -> “Password”.

# Add email accounts

All email accounts are stored in the MySQL database. To add a new email account you will have to access the MySQL database (remember, you will need the MySQL password). We will do that through the terminal.

  • Log in to your physical machine and access the terminal of the Ubuntu container if you use Docker.
  • Log in to MySQL:
mysql -u root -p
  • List the databases:
mysql> show databases;

The database used by “EasyMail” is “mailserver”.

mysql> use mailserver;
  • List all tables.
mysql> show tables;

You will find four tables:

recipient_bcc
virtual_aliases
virtual_domains
virtual_users

The name of the tables are chosen in accordance with Postfix standards for email management. Better understanding of Postfix email management will give you more clear idea of how to work with these tables. The table “virtual_users” contains all email accounts. We can list them:

mysql> select * from virtual_users;

or we can add a new record.

mysql> insert into virtual_users values(ID, DOMAIN_ID, "PASSWORD", "EMAIL_ACCOUNT");

Please bear in mind that the password field is encrypted with openssl_encrypt enctyption.

mysql> quit;

# Additional

Autostart the service after reboot

"EasyMail" is configured to start all required services automatically if the machine reboots. This will save you some time because you don't have to start the services by yourself. We will review how this works.

  • Go to:
cd /
  • List all files in the directory:
ln -ls
  • You will see the file "run.sh". Open it:
nano run.sh

The file contains the following code:

service mysql start
service nginx start
service php5-fpm start
/etc/init.d/postfix start
/usr/sbin/dovecot
service spamassassin start
service opendkim start

These are the services which will be starter automatically if the machine reboots. That's all you need to know, "EasyMail" takes care for the rest.

Forward emails

If you want to forward all incomming emails to another email:

  • Go to the terminal.
  • Access mysql database.
  • Add a new record to table “recipient_bcc”.

If you want to forward emails to Gmail, another option is to use Gmail SMTP client.

Transactional emails

The good thing about the current mail server is that it can be used to send transactional emails. For the configuration with an external client we can use:

Host: mail.example.com
Username: contact@example.com
SMTP Secure: tls
Port: 587

Example for Laravel:

MAIL_DRIVER=smtp
MAIL_HOST=mail.example.com
MAIL_PORT=587
MAIL_USERNAME=contact@example.com
MAIL_PASSWORD=
MAIL_ENCRYPTION=tls