Installing and configuring iRedMail

Below is an example of installing iRedMail on Ubuntu/Debian.
On the test I will install iRedMail on Ubuntu 18.04 LTS.

First, let’s see the host name (suppose something like mx.example.com is displayed):

hostname -f

We will edit it if necessary first in /etc/hostname (here should be mx):

sudo nano /etc/hostname

And in the file /etc/hosts we will write down possible aliases of the mail domain:

sudo nano /etc/hosts

For example:

127.0.0.1 mx.example.com mx example.com localhost

Update the list of package sources and install the extension for unpacking archives:

sudo apt update
sudo apt upgrade
sudo apt install bzip2

We will reboot the server to apply hostname and possible updates:

sudo reboot

Switch to the root of the user (the current directory will be /root/):

sudo -i

Download iRedMail from the official site https://www.iredmail.org/download.html, for example, with the command:

wget https://github.com/iredmail/iRedMail/archive/1.1.tar.gz

Unpack the downloaded archive and go to the unpacked directory with iRedMail:

tar -xvzf 1.1.tar.gz
cd iRedMail-1.1

Now run the installer:

bash iRedMail.sh

During installation, you need to answer a few questions:
1) Welcome window, click “Yes”.
2) Specify a folder for storing letters, standard /var/vmail.
3) Specify a web server, for example Nginx (confirm the selection with the space bar)
4) Choose a mail account store, for example MySQL.
5) Create and enter the root password for MySQL. If the MySQL server is already installed, then you will need to manually create users and databases as written in the iRedMail.tips report file after installation.
6) Indicate the first mail domain. In the future, they can be added via iRedAdmin.
7) Create and enter the administrator password of the first mail domain.
8) Select additional required components (e.g. Roundcubemail, iRedAdmin, Fail2ban).
Then we agree by pressing “y” and wait for the installation process to complete.
In the end, we agree with the iptables rules setup and after the installation is complete we will reboot the system.
Done.

Standard web addresses for access to installed components:
Webmail https://hostname/mail/
iRedAdmin https://hostname/iredadmin/
phpMyAdmin https://hostname/phpmyadmin/
phpLDAPadmin https://hostname/phpldapadmin/
Awstats https://hostname/awstats/awstats.pl?config=web (or ?config=smtp)

Letters stored for example in /var/vmail/ have write and read rights only for the owner, owned by the user and the vmail:vmail group, so when transferring them to another server, you need to take this into account and set the command:

mv /backup/var/vmail/vmail1/ixnfo.com/u/usa-2019.02.20.22.59.19/Maildir/cur/*  /var/vmail/vmail1/ixnfo.com/u/usa-2020.03.24.04.27.33/Maildir/cur/
sudo chown vmail:vmail -R /var/vmail/vmail1/

Created jobs in cron during installation can be viewed with the following commands:

sudo crontab -e -u root
sudo crontab -e -u amavis

View Queue:

postqueue -p

I recommend restricting access to iredadmin by IP address via the /etc/nginx/templates/iredadmin.tmpl file.

If necessary, you can disable the greylisting plugin, since a lot of error messages did not reach the highly visited server because of it: Troubleshooting “Recipient address rejected: Intentional policy rejection, please try again later”

After installation, you can check the security of the mail server with some services:
https://www.immuniweb.com/ssl/
https://mxtoolbox.com/spf.aspx
https://mxtoolbox.com/DMARC.aspx

See also my articles:

Leave a comment

Leave a Reply

Discover more from IT Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading