Free Perfect Mail Server - Detailed Tutorial

By kenetik
in Essential Guides

 Share

Recommended Posts

Proficient

kenetik

Posted
Posted

Free Perfect Email Server - Detailed Tutorial

This tutorial covers all the details steps for creating your own custom email server using a Virtual Private Server running Ubuntu 12.10 x64 with iRedMail 0.8.4, iRedAdmin, PostgreSQL, Roundcubemail, Awstats, Apache and SSL Certificates.

I used Digital Ocean SSD VPS for this tutorial. (Included in this tutorial is a coupon for 2 months of free service.)

If you already have a perfectly configured server, you can skip to: 'Install iRedMail'.

README.md on GitHub | HTML Formatted Version

Create a Droplet (aka VPS)

I highly recommend using Digital Ocean SSD VPS for this setup. If you are creating a new account, use the coupon SSDPOWER for 2 months of free service.

After creating a new account, click Create Droplet

* Screen Shot of Creating a Droplet via Digial Ocean


  • Assign hostname (for this tutorial I will be using mail.yourdomain.com) From my tests 2GB/2CPUS/40GBSSD configuration works the best, but for trial and error we will use the smallest configuration. Screen Shot of Assigning Hostname

  • Select Region - This is based on your location, or potenial users location. I chose San Francisco

    [*]Change your server's password

    • Login to your server using a SSH Client (PuTTY/Terminal/Digital Ocean's Console Access) with the details given from the email. In your SSH Client type the following command:
      • ssh root@yourip

      [*]You will be prompted about a RSA key fingerprint. Type 'yes' as the prompt.

      [*]It is very important to now change the password to something secure of your choice. At the command prompt type the following command:

    [*]Reboot your server by typing the following command:

Now your in! Let's start configuring!

Setup 2GB of Swap Memory

This helps with server stability and is optional but highly recommended.

  • Login back into your server and type the following command:
    • dd if=/dev/zero of=/swap bs=1024 count=2097152
      mkswap /swap && chown root. /swap && chmod 0600 /swap && swapon /swap
      echo /swap swap swap defaults >> /etc/fstab
      echo vm.swappiness = >> /etc/sysctl.conf && sysctl -p

    [*]Check to make sure your swap file is active by typing the following command:

Swap (virtual ram) is setup!

Set your domain's DNS via Digital Ocean's Control Panel

Please ensure that your domain's dns are forwarding to your server if you are not using Digital Ocean

  • Add a domain to your account by visiting Digital Ocean's Domain Control Panel | Screen Shot of DCP
    • Click the [Add Domain] button
    • Input your domain, droplet's ip address, and select your droplet.

      [*]Click the [Create Domain] button. You should see 'Domain was successfully created'.

      [*]Click the [Add Record] button

      • Select MX as the Record Type
      • In Hostname input:
        • mail.yourdomain.com. Ensure the trailing . after your domain.

        [*]In Priority

        [*]You also want to add a CNAME record for 'mail', '@'. This may seem a little redundant, but it ensures SSL Certification ease later.

        • 10

        [*]Click the [CREATE] button

DNS is set!

Ensure VPS is Updated

Again, if this is a pre-configured VPS and you now everything is good to go, you may skip this step, but is still recommended

  • From your SSH Client use the following command:
    • apt-get update

      [*]apt-get upgrade

      • Depending on how many items need to be updated, you will see something similar to the following screenshot and be prompted to continue. Type Y, and your server will begin updating.
      • Screen Shot of Update Process

Your up to date!

Set your Fully Qualified Domain Name (FQDN)

If its already set, it would be a good idea to confirm it

  • Edit the hosts file by typing the following command:

    [*]Change the default line to:

    • 127.0.0.1 mail.yourdomain.com mail localhost
    • You can verify this by rebooting, and typing:
      • hostname -f

Your FDQN is now set!

Install iRedMail

This is the magic software and step for all users

  • From the command prompt type the following command:
    • cd /tmp wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.4.tar.bz2 tar jxvf iRedMail-0.8.4.tar.bz2 rm iRedMail-0.8.4.tar.bz2 mv iRedMail-0.8.4 iRedMail cd iRedMail bash iRedMail.sh
    • Your server will begin installing requirements.

    [*]Once you see the screen 'Welcome and thank you for your use':

    [*]iRedMail will prompt for firewall rules:

    • Select 'N'
    • iRedMail is now installed, take note of the url's given

      [*]Open iRedMail.tips for configuration specifics by typing the following command:

      • nano /tmp/iRedMail/iRedMail.tips (Save this information incase you don't receive the email)

      [*]Now reboot and log back in!

You've just installed iRedMail! Feel accomplished yet?

Create a Secure SSL Certificate

For tutorial purposes we will use InstantSLL for a free certificate

  • Create a Certificate Signing Request by typing the following command:
    • cd /etc/ssl
      openssl req -out mail.yourdomain.com.csr -new -newkey rsa:2048 -nodes -keyout mail.yourdomain.com.key
    • You will be prompted for information about your certificate, fill them out as requested. The 'extra' attributes are not required (Do not give a challenge password)

    [*]Open your Certificate Signing Request by typing the following command:

    • nano mail.yourdomain.com.csr

    [*]Copy all of the information located here, into the CSR Box from InstantSSL.

    • Select Apache-ModSSL from the server software drop-down, uncheck Opt in? Then click 'Next >'
    • Screen Shot of CSR Box @ InstantSSL
    • After InstantSLL validates your request (more steps) you will receive a .zip containing two files. [ mailyourdomain_com.ca-bundle and mail_yourdomain_com.crt] (Screen Shot of the files) _To rush the validation, you can log into the comodo account you created and download the .zip of certificate files from your account panel.

    [*]Place both of these files in /etc/ssl on your server

    • After unzipping the document, open each file with your favorite text editor.
    • Copy and paste the information in each file into the same file name on your server.

    [*]

    Modify Apache's default-ssl to reflect these SSL Certificates

    • Type the following command nano /etc/apache2/sites-available/default-ssl
    • Replace the default information so that the following is set
      SSLCertificateFile /etc/ssl/mail_yourdomain_com.crt
      SSLCertificateKeyFile /etc/ssl/mail.yourdomain.com.key
      SSLCACertificateFile /etc/ssl/mail_yourdomain_com.ca-bundle
    • Please ensure to remove the # before SSLCACertificateFile and do not place the >> in the file, as these are indicators for your benefit

    [*]

    Modify Postfix and Dovecot's configuration files

    • Postfix: nano /etc/postfix/main.cf
      • Screen Shot of Postfix main.cf
      • Under #TLS Parameters change:
        smtpd_tls_cert_file = /etc/ssl/mail_yourdomain_com.crt
        and
        smtpd_tls_key_file = /etc/ssl/mail.yourdomain.com.key

      [*]Dovecot: nano /etc/postfix/main.cf

      • Screen Shot of Dovecot main.cf
      • Under # SSL: Global settings change:
        ssl = required
        verbose_ssl = yes
        (this is optional, but added for debug help) and,
        ssl_cert = </etc/ssl/mail_yourdomain_com.crt
        ssl_key = </etc/ssl/mail.yourdomain.com.key
      • Use Ctrl+X and Y + Enter to save the adjustments

    [*]

    Reboot by issuing the command reboot

    [*]

    Verify your SSL is working by visiting https://mail.yourdomain.com Depending on which browser/OS you are using, you will see a lock icon next to your URL similar to the screenshot Screen Shot of SSL Secured Page

You have your very own SSL Secured Address!

Configure iRedAdmin Accounts

  • Login to iRedAdmin and configure accounts

    [*]Change your password!

    [*]Disable Greylisting! This is my personal preference, it's only given me problems in the past

    [*]

    Create a new email address.

    • Return to https://mail.yourdomain.com and login
    • Select [+Add...] > >User
      Mail Address* [anythingyouwish]@[yourdomain.com]
      New password* [********]
      Confirm new password [********]
      Display Name [not required but suggested]
      Mailbox Quota [-99999]

You just created your first email account on your new server!

Using your new email!

After all of that, you finally get to use your email server for personal email, or professional!


  • Webmail Access
    • https://mail.yourdomain.com This is the url for you to be able to access your e-mail from any web-enabled device!
      • Enter the Username and Password you just created

        [*]You should now be welcomed by a beautiful roundcube webmail user interface.

        [*]From this point I typically like to test the send/receive functions.

        • Select Compose +, to create a new message to whomever you like.
          • Before sending, open your SSH client with the following command: tail -f mail.log mail.err for debugging!
          • I would also suggest doing the same by sending an email to your new account from another email address.

    [*]

    Mail Client

    • Coming Soon

  • Lighthalzen
  • Like 1
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.