Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Deploying Own Mail Server With Mail-in-a-Box

Mail-in-a-Box makes it much easier to run your own mail server for both sending and receiving email. I wouldn't say it's so easy that a complete novice could deploy a mail server, but after spending hours configuring Dovecot and Postfix myself, I have to say this is a fantastic solution that is a lot easier.

I was always put off from deploying it, because the instructions tell you to make it your nameserver so that it can manage the records. Luckily you don't need to do this, as you can find out the records it needs, and plug them into your own DNS provider. This tutorial assumes you are going to do just that.

Steps

Deploy a minimal Ubuntu 18.04 server. I recommend using DigitalOcean because their small $5 per month instance will do the job, and they don't block outgoing mail, unlike some other providers. They are what I used.

Copy and paste the following script onto the server and run it as root:

You may wish to "fix" pasting in vim in Ubuntu 18.04 first.

The script is what the curl command in their instructions downloads. I just think saving it to a file and running that is slightly safer than piping a URL into bash, because you can read what is about to run as root.

#!/bin/bash
#########################################################
# This script is intended to be run like this:
#
#   curl https://mailinabox.email/setup.sh | sudo bash
#
#########################################################

if [ -z "$TAG" ]; then
    # If a version to install isn't explicitly given as an environment
    # variable, then install the latest version. But the latest version
    # depends on the operating system. Existing Ubuntu 14.04 users need
    # to be able to upgrade to the latest version supporting Ubuntu 14.04,
    # in part because an upgrade is required before jumping to Ubuntu 18.04.
    # New users on Ubuntu 18.04 need to get the latest version number too.
    #
    # Also, the system status checks read this script for TAG = (without the
    # space, but if we put it in a comment it would confuse the status checks!)
    # to get the latest version, so the first such line must be the one that we
    # want to display in status checks.
    if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then
        # This machine is running Ubuntu 18.04.
        TAG=v0.43

    elif [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" == "Ubuntu 14.04 LTS" ]; then
        # This machine is running Ubuntu 14.04.
        echo "You are installing the last version of Mail-in-a-Box that will"
        echo "support Ubuntu 14.04. If this is a new installation of Mail-in-a-Box,"
        echo "stop now and switch to a machine running Ubuntu 18.04. If you are"
        echo "upgrading an existing Mail-in-a-Box --- great. After upgrading this"
        echo "box, please visit https://mailinabox.email for notes on how to upgrade"
        echo "to Ubuntu 18.04."
        echo ""
        TAG=v0.30

    else
        echo "This script must be run on a system running Ubuntu 18.04 or Ubuntu 14.04."
        exit
    fi
fi

# Are we running as root?
if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root. Did you leave out sudo?"
    exit
fi

# Clone the Mail-in-a-Box repository if it doesn't exist.
if [ ! -d $HOME/mailinabox ]; then
    if [ ! -f /usr/bin/git ]; then
        echo Installing git . . .
        apt-get -q -q update
        DEBIAN_FRONTEND=noninteractive apt-get -q -q install -y git < /dev/null
        echo
    fi

    echo Downloading Mail-in-a-Box $TAG. . .
    git clone \
        -b $TAG --depth 1 \
        https://github.com/mail-in-a-box/mailinabox \
        $HOME/mailinabox \
        < /dev/null 2> /dev/null

    echo
fi

# Change directory to it.
cd $HOME/mailinabox

# Update it.
if [ "$TAG" != `git describe` ]; then
    echo Updating Mail-in-a-Box to $TAG . . .
    git fetch --depth 1 --force --prune origin tag $TAG
    if ! git checkout -q $TAG; then
        echo "Update failed. Did you modify something in `pwd`?"
        exit
    fi
    echo
fi

# Start setup script.
setup/start.sh
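
Having the script in a file means it can be checked before it runs. The following is an added example, not part of the original post or of Mail-in-a-Box: it confirms that a saved copy installs the expected release and downloads only from the repository shown above. The function names and the file name `check_setup.sh` are assumptions.

```shell
#!/bin/bash
# Added example: checks on a saved copy of setup.sh before running it as root.
# Function names are illustrative; they are not part of Mail-in-a-Box.

# Print the first "TAG=vX.Y" assignment: the release the script will install.
first_tag() {
    sed -n 's/^[[:space:]]*TAG=\(v[0-9][0-9.]*\)[[:space:]]*$/\1/p' "$1" | head -n 1
}

# Print each http(s) URL found outside comments and echo messages,
# i.e. the locations the script will actually download from.
fetched_urls() {
    grep -Ev '^[[:space:]]*(#|echo[[:space:]])' "$1" |
        grep -Eo "https?://[^[:space:]\"']+" | sort -u
}

# Succeed only if the script pins the expected tag and downloads
# from the expected repository and nowhere else.
check_setup_script() {
    local file=$1 want_tag=$2 want_url=$3
    if [ "$(first_tag "$file")" != "$want_tag" ]; then
        echo "setup script installs $(first_tag "$file"), expected $want_tag" >&2
        return 1
    fi
    if [ "$(fetched_urls "$file")" != "$want_url" ]; then
        echo "setup script downloads from unexpected locations:" >&2
        fetched_urls "$file" >&2
        return 1
    fi
}

# Usage: ./check_setup.sh setup.sh   (then: sudo bash setup.sh)
if [ "$#" -eq 1 ]; then
    check_setup_script "$1" v0.43 https://github.com/mail-in-a-box/mailinabox &&
        echo "OK: installs v0.43 from the Mail-in-a-Box repository only."
fi
```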

Whilst the script was running, I saw that it adds swap to the system by creating a swapfile.

At one point it will ask you to configure your timezone. Be sure to enter the correct details.

Here is some of the output that shows you all the things it is installing.

Installing nsd (DNS server)...
Generating DNSSEC signing keys...
Installing Postfix (SMTP server)...
Installing Dovecot (IMAP server)...
Creating new user database: /home/user-data/mail/users.sqlite
Installing OpenDKIM/OpenDMARC...
Installing SpamAssassin...
Installing Nginx (web server)...
Installing Roundcube (webmail)...
Installing Nextcloud (contacts/calendar)...

Upgrading to Nextcloud version 15.0.8

Nextcloud is already latest version
Installing Z-Push (Exchange/ActiveSync server)...
Installing Mail-in-a-Box system management daemon...
Installing Munin (system monitoring)...

You will be prompted to enter a password. Remember it, as you will need it at the first login screen later!

Eventually, you will be given output similar to:

Your Mail-in-a-Box is running.

Please log in to the control panel for further instructions at:

https://178.xxx.32.xxx/admin

You will be alerted that the website has an invalid certificate. Check that
the certificate fingerprint matches:

XX:A2:XX:E4:DD:19:FF:XX:02:32:3B:XX:1D:58:XX:BF:8C:59:XX:F1:1B:E4:XX:2C:E8:F1:XX:CD:3E:38:30:XX

Then you can confirm the security exception and continue.

In your browser, navigate to the URL that was given (the IP of the box you are setting up). When you go there, you will be shown a warning message about the invalid certificate for that IP. That's okay, provided the certificate's fingerprint matches the one the installer printed above. Click Advanced...

... and then click Accept the Risk and Continue.

You will be prompted for a login. Use the email address you were asked for during setup, and the password you entered a moment ago.
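
The fingerprint comparison the installer asks for can also be done from a terminal before the exception is accepted. The following is an added example, not part of the original post or of Mail-in-a-Box: it fetches the certificate the box serves on port 443 and compares its SHA-256 fingerprint with the value the installer printed. The function names and the file name `check_fp.sh` are assumptions.

```shell
#!/bin/bash
# Added example: compare the served certificate's SHA-256 fingerprint with
# the one printed by the installer. Function names are illustrative.

# Reduce any fingerprint spelling ("SHA256 Fingerprint=AA:BB...", lowercase,
# with or without colons) to bare uppercase hex.
normalize_fp() {
    printf '%s' "$1" | sed 's/^.*=//' | tr -d ': \n' | tr 'a-f' 'A-F'
}

# Fetch the certificate served at <host>:443 and print its SHA-256 fingerprint.
# No trust decision is made here; the comparison below is the trust decision.
served_fp() {
    openssl s_client -connect "$1:443" </dev/null 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256
}

# Return 0 on a match, 1 on a mismatch, 2 if the expected value is not a
# complete SHA-256 fingerprint (64 hex digits), e.g. a masked or truncated copy.
fp_matches() {
    local want got
    want=$(normalize_fp "$1")
    got=$(normalize_fp "$2")
    case $want in *[!0-9A-F]*) return 2 ;; esac
    [ "${#want}" -eq 64 ] || return 2
    [ "$want" = "$got" ]
}

# Usage: ./check_fp.sh <box-ip> '<fingerprint printed by the installer>'
if [ "$#" -eq 2 ]; then
    if fp_matches "$2" "$(served_fp "$1")"; then
        echo "Fingerprint matches the installer output."
    else
        echo "Fingerprint mismatch or malformed value: do not accept the exception." >&2
        exit 1
    fi
fi
```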

Setting Nameserver Records

You will probably see a bunch of warnings such as "Nameserver glue records are incorrect." and "This domain must resolve to your box's IP address." Don't worry about these for now, as we are going to resolve them by updating the DNS records with our own DNS provider.

Go to System > External DNS

You will see a bunch of DNS records. Add them all to your own DNS provider for everything to work.

Fix for Sendmail Issue

I have a server configured with Postfix for sending emails using the PHP mail() function, because the phpBB forum does not support STARTTLS SMTP authentication.

To get this to work, I had to hard-code the sendmail path in the Apache php.ini file with -f dffdfd@domain.co.uk. Otherwise it would think the from address was www-data@mydomain.com, because the webserver was running as the www-data user locally.

Last updated: 13th October 2019
First published: 13th October 2019