Quickly Set Up a Mail Server on Debian 9 Stretch with Modoboa

Setting up a mail server on Linux from scratch is a pain in the neck. This tutorial is going to show you how to quickly set up your own email server on Debian 9 Stretch with Modoboa, saving you lots of time and headaches. Modoboa is a free and open-source mail hosting and management platform designed to work with Postfix SMTP server and Dovecot IMAP/POP3 server.

Modoboa is written in Python, released under the terms of ISC license. At the time of writing, the latest version is v1.14.0, released on July 5, 2019. Main features of Modoboa are as follows:

  • Modoboa by default uses Nginx web server to serve the webmail client and web-based admin panel.
  • Compatible with Postfix and Dovecot.
  • Supports MySQL/MariaDB, and PostgreSQL database.
  • Easily create unlimited mailboxes and unlimited mail domains in a web-based admin panel.
  • Easily create email alias in the web-based admin panel.
  • The webmail client provides an easy-to-use message filter to help you organize messages to different folders.
  • It can help you protect your domain reputation by monitoring email blacklists and generating DMARC reports, so your emails have a better chance to land in the inbox instead of the spam folder.
  • Includes amavis frontend to block spam and detect viruses in email.
  • Calendar and address book.
  • Integration with Let’s Encrypt to get a valid SSL/TLS certificate.
  • Includes AutoMX to allow end-users to easily configure mail account in a desktop or mobile mail client.

Note: The Modoboa installer is currently not compatible with Debian 10 Buster.

Step 1: Choose the Right Hosting Provider and Buy a Domain Name

To set up a complete email server with Modoboa, you need a server with at least 2GB RAM, because after the installation, your server will use more than 1GB of RAM. This tutorial is done on a $8.99/month Hostwinds VPS (virtual private server). I recommend Hostwinds because it does not block port 25, so you can send unlimited emails (transactional email and newsletters) without spending money on SMTP relay. Hostwinds doesn’t have any SMTP limits. You can send a million emails per day.

Other VPS providers like DigitalOcean blocks port 25. DigitalOcean would not unblock port 25, so you will need to set up SMTP relay to bypass blocking, which can cost you additional money. If you use Vultr VPS, then port 25 is blocked by default. They can unblock it if you open a support ticket, but they may block it again at any time if they decide your email sending activity is not allowed. Vultr actually may re-block it if you use their servers to send newsletters.

Go to Hostwinds website to create an account. Choose the 2GB unmanaged Linux VPS plan.

hostwinds mail server

Once you created an account, Hostwinds will send you an email with the server SSH login details. To log into your server, you use an SSH client. If you are using Linux or MacOS on your computer, then simply open up a terminal window and run the following command to log into your server. Replace 12.34.56.78 with your server’s IP address.

ssh [email protected]

You will be asked to enter the password. If you are using Windows, please read the following article on how to use SSH client.

It is recommended that you follow the instructions below on a clean install of Debian 9 OS.

You also need a domain name. I registered my domain name from NameCheap because the price is low and they give whois privacy protection free for life.

Step 2: Creating MX Record and A Record in DNS

The MX record specifies which host or hosts handle emails for a particular domain name. For example, the host that handles emails for linuxbabe.com is mail.linuxbabe.com. If someone with a Gmail account sends an email to [email protected], then Gmail server will query the MX record of linuxbabe.com. When it finds out that mail.linuxbabe.com is responsible for accepting email, it then query the A record of mail.linuxbabe.com to get the IP address, thus the email can be delivered.

You can log in to your domain registrar’s website (such as NameCheap) to create DNS records.

In your DNS manager, create a MX record for your domain name. Enter @ in the Name field to represent the main domain name, then enter mail.your-domain.com in the Value field.

modoboa web interface

Note: The hostname for MX record can not be an alias to another name. Also, It’s highly recommended that you use hostnames, rather than bare IP addresses for MX record.

Your DNS manager may require you to enter a preference value (aka priority value). It can be any number between 0 and 65,356. A small number has higher priority than a big number. You can enter 0 for your email server, or accept the default value.

After creating MX record, you also need to create an A record for mail.your-domain.com , so that it can be resolved to an IP address. If your server uses IPv6 address, be sure to add AAAA record.

If you use Cloudflare DNS service, you should not enable the CDN feature when creating A record for your mail server. Cloudflare does not support SMTP proxy.

Step 3: Set up Mail Server on Debian 9 Stretch with Modoboa Installer

Log into your server via SSH, then run the following command to update existing software packages.

sudo apt update

sudo apt upgrade

Debian 9 by default ships with Exim SMTP server. Since Modoboa will use Postfix SMTP server, we need to remove Exim.

sudo apt remove exim4 exim4-base exim4-daemon-light

Download modoboa installer from Github.

sudo apt install git

git clone https://github.com/modoboa/modoboa-installer

Modoboa is written in Python. Run the following command to install the necessary Python software.

sudo apt-get install python-virtualenv python-pip

Then navigate to the modoboa-installer directory and create a configuration file. Replace example.com with your own domain name.

cd modoboa-installer

sudo ./run.py --stop-after-configfile-check example.com

modoboa-mail-server-debian-9-stretch

Edit the configuration file installer.cfg with a command line text editor like nano.

sudo nano installer.cfg

To obtain a valid TLS certificate from Let’s Encrypt for your mail server, in [certificate] section, change the value of type from self-signed to letsencrypt.

type = letsencrypt

And change the email address from [email protected] to your real email address, which will be used for account recovery and important notifications.

modoboa installer

By default, Modoboa installer will install PostgreSQL database server, as indicated by the following lines in the config file.

[database]
engine = postgres
host = 127.0.0.1
install = true

If you would like to use MariaDB database server, then change the engine from postgres to mysql.  (Modoboa will install MariaDB instead of MySQL.)

modoboa mariadb database

To save the file in Nano text editor, press Ctrl+O, then press Enter to confirm. Press Ctrl+X to exit.

Now we need to verify if the DNS records are propagated to the Internet. Depending on the domain registrar you use, your DNS record might be propagated instantly, or it might take up to 24 hours to propagate. You can go to https://dnsmap.io, enter your mail server’s hostname (mail.example.com) to check DNS propagation.

If your DNS record are propagated,  run the following command to start the installation.

sudo ./run.py --interactive example.com

install modoboa debian 9 stretch

The installation process can take a while. It took 10 minutes on my Hostwinds server. If you experience an error during the installation, you can use the --debug option to see more detailed output.

sudo ./run.py --interactive --debug example.com

After Modoboa finishes installation, you can log into the admin panel with username admin and password password.

modoboa-mail-server-debian 9

Once you are logged in, you should go to Admin -> Settings -> Profile to change the password.

modoboa install

Step 4: Adding Mailboxes in Modoboa Admin Panel

Please note that the default admin account isn’t an email account. It can only be used to administer the mail server. To send emails, you need to add mailboxes with the admin account.

Go to Domains tab and click Add button to add a new domain.

modoboa review

Then enter your main domain name in the Name field. It is highly recommended that you enable DKIM signing, which can help with your domain reputation. In Key selector filed, you can enter a random word like modoboa.  Choose 2048 for the key length.

adding domain name in modoboa

In the next screen, you can choose to create an admin account for this particular domain name. The SMTP protocol requires that a mail server should have a [email protected] address.

modoboa postmaster account

Click the Submit button and your domain name will be added in Modoboa.

To add email addresses, go to Domains tab and click your domain name.

add mailboxes in modoboa

Then click mailboxes.

adding email addresses in modoboa

Click Add button and choose Account.

modoboa alias

Then choose Simple user as the role. Enter an email address in Username field and enter a password.

qucikly set up an email server modoboa

In the next screen, you can optionally create an alias for this email address.

create alias in modoboa

After clicking the submit button, the email address is created.

Step 5: Sending Test Emails

To login to the webmail, you need to log out the admin account first and then enter the user credentials.

modoboa login

Once you are logged into Modoboa webmail, you can send a test email from your private email server to your other email address and vice versa.

modoboa webmail

Inbound emails will be delayed for a few minutes, because by default Modoboa enables greylisting, which tells other sending SMTP server to try again in a few minutes. This is useful to block spam. The following message in /var/log/mail.log indicates greylisting is enabled.

postfix/postscreen[20995]: NOQUEUE: reject: RCPT from [34.209.113.130]:36980: 450 4.3.2 Service currently unavailable;

Step 6: Checking If Port 25 (outbound) is blocked

Your ISP or hosting provider won’t block incoming connection to port 25 of your server, which means you can receive emails from other mail servers. However, many ISP/hosting providers block outgoing connection to port 25 of other mail servers, which means you can’t send emails.

If your email didn’t arrive at your other email address such as Gmail, then run the following command on your mail server to check if port 25 (outbound) is blocked.

telnet gmail-smtp-in.l.google.com 25

If it’s not blocked, you would see messages like below, which indicates a connection is successfully established. (Hint: Type in quit and press Enter to close the connection.)

Trying 74.125.68.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP y22si1641751pll.208 - gsmtp

If port 25 (outbound) is blocked, you would see something like:

Trying 2607:f8b0:400e:c06::1a...
Trying 74.125.195.27...
telnet: Unable to connect to remote host: Connection timed out

In this case, your Postfix can’t send emails to other SMTP servers. Ask your ISP/hosting provider to open it for you. If they refuse your request, you need to set up SMTP relay to bypass port 25 blocking.

Step 7: Using Mail Clients on Your Computer or Mobile Device

Fire up your desktop email client such as Mozilla Thunderbird and add a mail account.

  • In the incoming server section, select IMAP protocol, enter mail.your-domain.com as the server name, choose port 143 and STARTTLS. Choose normal password as the authentication method.
  • In the outgoing section, select SMTP protocol, enter mail.your-domain.com as the server name, choose port 587 and STARTTLS. Choose normal password as the authentication method.

modoboa-mail-server-desktop-mail-client-configuration-automx

You can also use IMAP on port 993 with SSL/TLS encryption.

Step 8: Improving Your Email Server Reputation

To prevent your emails from being flagged as spam, you should set PTR, SPF, DKIM and DMARC records.

PTR record

A pointer record, or PTR record, maps an IP address to an FQDN (fully qualified domain name). It’s the counterpart to the A record and is used for reverse DNS lookup, which can help with blocking spammers. Many SMTP servers reject emails if no PTR record is found for the sending server.

To check the PTR record for an IP address, run this command:

dig -x IP-address +short

or

host IP-address

Because you get IP address from your hosting provider or ISP, not from your domain registrar, so you must set PTR record for your IP in the control panel of your hosting provider or ask your ISP.  Its value should be your mail server’s hostname: mail.your-domain.com. If your server uses IPv6 address, be sure to add a PTR record for your IPv6 address as well.

To edit the reverse DNS record for your Hostwinds VPS, log into Hostwinds client area, select Domains -> Manage rDNS, Then you can edit the reverse DNS record for both IPv4 and IPv6 address.

mail server reverse DNS record

SPF Record

SPF (Sender Policy Framework) record specifies which hosts or IP address are allowed to send emails on behalf of a domain. You should allow only your own email server or your ISP’s server to send emails for your domain. In your DNS management interface, create a new TXT record like below.

modoboa spf record

Explanation:

  • TXT indicates this is a TXT record.
  • Enter @ in the name field to represent the main domain name.
  • v=spf1 indicates this is a SPF record and the version is SPF1.
  • mx means all hosts listed in the MX records are allowed to send emails for your domain and all other hosts are disallowed.
  • ~all indicates that emails from your domain should only come from hosts specified in the SPF record. Emails that are from other hosts will be flagged as forged.

To check if your SPF record is propagated to the public Internet, you can use the dig utility on your Linux machine like below:

dig your-domain.com txt

The txt option tells dig that we only want to query TXT records.

DKIM Record

DKIM (DomainKeys Identified Mail) uses a private key to digitally sign emails sent from your domain. Receiving SMTP servers verify the signature by using the public key, which is published in the DNS DKIM record.

When we were adding domain name in Moboboa admin panel earlier, we enabled DKIM signing, so the signing part is taken care of. The only thing left to do is creating DKIM record in DNS manager. First go to Modoboa admin panel as the admin user and select your domain name. In the DNS section, click Show key button.

modoboa dkim signing

The public key will be revealed. There are two formats. We only need the Bind/named format.

modoboa dkim public key

Go to your DNS manager, create a TXT record, enter modoboa._domainkey in the Name field. (Recall that we used modoboa as the selector when adding domain name in the admin panel.) Copy everything in the parentheses and paste into the value field. Delete all double quotes. Your DNS manager may require you to delete other invalid characters, such as carriage return.

modoboa dkim format

For those who are interested, Modoboa uses OpenDKIM to generate private key for your domainkey and verify signatures of inbound emails.

DMARC Record

DMARC stands for Domain-based Message Authentication, Reporting and Conformance. DMARC can help receiving email servers to identify legitimate emails and prevent your domain name from being used by email spoofing.

To create a DMARC record, go to your DNS manager and add a TXT record. In the name field, enter _dmarc. In the value field, enter the following:

v=DMARC1; p=none; pct=100; rua=mailto:[email protected]

create dmarc record txt

The above DMARC record is a safe starting point. To see the full explanation of DMARC, please check the following article.

Step 9: Testing Email Score and Placement

After creating PTR, SPF, DKIM record, go to https://www.mail-tester.com. You will see a unique email address. Send an email from your domain to this address and then check your score. As you can see, I got a perfect score.

imporve email server reputation

Mail-tester.com can only show you a sender score. There’s another service called GlockApps that allow you to check if your email is placed in the recipient’s inbox or spam folder, or rejected outright. It supports many popular email providers like Gmail, Outlook, Hotmail, YahooMail, iCloud mail, etc

glockapps email placement test

What if Your Emails Are Still Being Marked as Spam?

I have more tips for you in this article: How to stop your emails from being marked as spam. Although it requires some time and effort, your emails will eventually be placed in inbox after applying these tips.

What if Your Email is Rejected by Microsoft Mailbox?

Microsoft seems to be using an internal blacklist that blocks many legitimate IP addresses. If your emails are rejected by Outlook or Hotmail, you need to submit the sender information form. After that, your email will be accepted by Outlook/Hotmail.

Auto-Renew Let’s Encrypt TLS Certificate

Modoboa installed the latest version of Let’s Encrypt client (certbot) as /opt/certbot-auto. Let’s Encrypt TLS certificate is valid for 90 days. To automatically renew the certificate, edit root user’s crontab file.

sudo crontab -e

Add the following line at the end of this file.

@daily /opt/certbot-auto renew -q && systemctl reload nginx postfix dovecot

Save and close the file. This tells Cron to run the certbot renew command every day. If the certificate has 30 days left, certbot will renew it. It’s necessary to reload Nginx web server, Postfix SMTP server and Dovecot IMAP server so they can pick up the new certificate.

Enabling SMTPS Port 465

If you are going to use Microsoft Outlook client, then you need to enable SMTPS port 465 in Postfix SMTP server.

(Optional) Set Up Autodiscover and AutoConfig to Automate Mail Client Configuration

Autodiscover and AutoConfig make it easy to configure a desktop or mobile mail client. The end user just need to enter a name, email address and password to set up his/her mail account, without having to enter the SMTP or IMAP server details. Autodiscover is supported by Microsoft Outlook mail client and AutoConfig is supported by Mozilla Thunderbird mail client.

Modoboa uses AutoMX to implement this feature on your mail server. All we need to do now is add CNAME records in DNS. In your DNS manager, create two CNAME records.

autoconfig.yourdomain.com       CNAME         mail.yourdomain.com
autodiscover.yourdomain.com     CNAME         mail.yourdomain.com

Go to the Domains tab in your Modoboa admin panel, if the autoconfig is in green, that means your CNAME records are correct. (Modoboa checks DNS records for your mail server every 30 minutes, so you might need to wait some time for autoconfig to turn green.)

modoboa automx

Once the CNAME records are propagated to Internet, you don’t have to enter the SMTP or IMAP server details when setting up mail account in Microsoft Outlook and Mozilla Thunderbird.

Host Multiple Domains in Modoboa

See the following article:

Wrapping Up

I hope this tutorial helped you set up a mail server on Debian 9 Stretch with Modoboa. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂

Rate this tutorial
[Total: 5 Average: 4.8]

48 Responses to “Quickly Set Up a Mail Server on Debian 9 Stretch with Modoboa

  • John Long
    4 months ago

    Please i am getting error with my domain. DNS and A record.

    do i need a nameserver for my domain or do i need to host the domain first? please help

    • You can use your domain’s registrar’s name server and you can create DNS record at your domain registar’s website.

      You don’t need to host a website before setting up mail server.

      • John Long
        4 months ago

        I did everything. the installation was successful. but my domain is not connecting even after creating the DNS and A record. here is my domain name. NETEASEACCOUNTS.COM. I tried to ping the domain name and it said host could not be found. i tried running –debug and i got the below error.

        http-01 challenge for mail.neteaseaccounts.com
        Waiting for verification…
        Challenge failed for domain mail.neteaseaccounts.com
        http-01 challenge for mail.neteaseaccounts.com
        Cleaning up challenges
        Some challenges have failed.

        IMPORTANT NOTES:
        – The following errors were reported by the server:

        Domain: mail.neteaseaccounts.com
        Type: connection
        Detail: dns :: DNS problem: NXDOMAIN looking up A for
        mail.neteaseaccounts.com

        To fix these errors, please make sure that your domain name was
        entered correctly and the DNS A/AAAA record(s) for that domain
        contain(s) the right IP address. Additionally, please check that
        your computer has a publicly routable IP address and that no
        firewalls are preventing the server from communicating with the
        client. If you’re using the webroot plugin, you should also verify
        that you are serving files from the webroot path you provided.
        Can’t open /etc/letsencrypt/renewal/mail.neteaseaccounts.com.conf: No such file or directory.

    • I see you are using NameCheap’s name server, but I didn’t find the MX record for neteaseaccounts.com and the A record for mail.neteaseaccounts.com.

      Create the two records in your NameCheap account.

      Maybe you should wait some time after creating DNS records, because it can take some time for the DNS records to be propagated to the Internet.

    • Use dig command to check your MX record.

      dig MX neteaseaccounts.com

      Check your A record.

      dig A mail.neteaseaccounts.com
    • I see there’s A record for neteaseaccounts.com, but there’s no A record for mail.neteaseaccounts.com.

      • John Long
        4 months ago

        How do i set up a record for mail.neteaseaccounts.com?

        my imput on namecheap is
        @ IP

      • John Long
        4 months ago

        AND I USED https://www.whatsmydns.net/#MX/NETEASEACCOUNTS.COM to check my MX and A record both are pointing to my server.

      • John Long
        4 months ago

        I did everything both the A / MX record and still the login page is not coming up it showing below error on my browser. is there something im doing wrong?

        This site can’t be reached mail.neteaseaccounts.com’s server IP address could not be found.
        Try running Windows Network Diagnostics.
        DNS_PROBE_FINISHED_NXDOMAIN

    • Replace

      @ IP

      with

      mail IP
    • I see there’s A record for mail.neteaseaccounts.com now.

      You should now run the following command to complete the Modoboa installation.

      sudo ./run.py --interactive neteaseaccounts.com
      • John Long
        4 months ago

        Thank you so much. its working now. another question bro. I am trying to build my own mass mailer application that works on windows, a .exe software that send up to 3k mails in less than 2seconds. is there a tutorial you can direct me to. i would really appreciate. thanks again.

      • John Long
        4 months ago

        My smtp on port 587 is not working. i tried using it on third party app but its not connecting and its showing error.

    • I don’t teach people how to install something on Windows. This is a Linux blog.

    • Check if you can login from a desktop mail client.

      • John Long
        4 months ago

        I tried connecting it with desktop mail client mozilla thunderbird and its not connecting. so i need to set anything from the admin?

      • John Long
        4 months ago

        Hi bro, still having issue connecting with thunderbird

    • Maybe you have enabled a firewall, and you need to open port 587. Also open the IMAP port 143 and 993.

      • John Long
        4 months ago

        I can send directly from the web, but not connecting with other mail client. i also tried to ping the smtp but failed to connect as well. please how can i enable the port? is it from my server terminal or my hosting panel?

    • Are you running Modoboa on a clean install of Debian 9 OS?

    • By default, a clean Debian 9 OS does not enable firewall. So you may need to find if there’s any firewall settings in your hosting panel.

      Also, check the mail log (/var/log/mail.log), which may give you some clue.

      • John Long
        4 months ago

        Hi bro this is the error message im getting from the mail.log

        No DNS record found for autodiscover.neteaseaccounts.com

    • Autodiscover and AutoConfig make it easy to configure a desktop or mobile mail client, but it’s not mandatory.

      If you want to enable them, simply create two CNAME records in your DNS manager.

      autoconfig.yourdomain.com    CNAME         mail.yourdomain.com
      autodiscover.yourdomain.com     CNAME         mail.yourdomain.com

      It’s optional.

      You can use the nmap command from another Linux box to scan your email server’s open port to see if port 587, 143 and 993 is open.

      sudo apt install nmap
      sudo nmap mail.yourdomain.com

      If the ports are open but you still can’t login, you might as well start it over, because running the run.py scipt multiple times can corrupt some files. It’s not a big task to reinstall Debian 9 and Modoboa.

      • John Long
        4 months ago

        Thanks a lot bro. its working now. one more question please. is there any app on linux for sending bulk messages?

    • I’m currently using Mailtrain to send newsletters/bulk emails. You can check out the following article. (It’s written for Ubuntu 18.04, but most of the commands works on Debian 9.)

      How to Install Mailtrain on Ubuntu 18.04 without docker

      • John Long
        4 months ago

        Alright thank. I will check that out. one last thing. which hosting company is the best for sending bulk messages to office 365 users without being blacklist after sending less than 100 messages.

        thanks for your help.

    • I’m using Hostwinds VPS to send newsletters and I don’t see my IP address being blacklisted by Exchange mail servers.

      It’s important that you follow bulk email sending best practices, which you can find on Gmail, Yahoo, outlook’s postmaster guideline.

  • Hello
    How to use ssl cloudflare on the file configuration ?
    Sorry for my English i am french.

    • You can’t use Cloudflare SSL certificate on your mail server, because they can be only used on Cloudflare’s edge servers. By the way, you shouldn’t enable CDN on the mail server hostname (mail.your-domain.com) in Cloudflare.

  • Installed modoboa, message camethat I now can enjoy Modoboa at… but when I try to open the link I get nothing. Website is not available. If I ping mail.mydomain.eu my server responds. I would appreciate any help

  • When I try: service nginx status

    Iget the following:

    nginx -t -c /etc/nginx/nginx.conf
    nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/mail.sacred-skies.eu/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or d irectory:fopen(‘/etc/letsencrypt/live/mail.sacred-skies.eu/fullchain.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx/nginx.conf test failed
    [email protected]:~/modoboa-installer# nginx -t
    nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/mail.sacred-skies.eu/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/mail.sacred-skies.eu/fullchain.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx/nginx.conf test failed
    [email protected]:~/modoboa-installer# sudo lsof -i:80
    [email protected]:~/modoboa-installer# service nginx status
    ● nginx.service – A high performance web server and a reverse proxy server
    Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
    Active: failed (Result: exit-code) since Mon 2019-10-07 17:09:25 UTC; 4min 40s ago
    Docs: man:nginx(8)
    Process: 29673 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
    Main PID: 15402 (code=exited, status=0/SUCCESS)

    Oct 07 17:09:25 mail.sacred-skies.eu systemd[1]: Starting A high performance web server and a reverse proxy server…
    Oct 07 17:09:25 mail.sacred-skies.eu nginx[29673]: nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/mail.sacred-skies.eu/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt
    Oct 07 17:09:25 mail.sacred-skies.eu nginx[29673]: nginx: configuration file /etc/nginx/nginx.conf test failed
    Oct 07 17:09:25 mail.sacred-skies.eu systemd[1]: nginx.service: Control process exited, code=exited status=1
    Oct 07 17:09:25 mail.sacred-skies.eu systemd[1]: Failed to start A high performance web server and a reverse proxy server.
    Oct 07 17:09:25 mail.sacred-skies.eu systemd[1]: nginx.service: Unit entered failed state.
    Oct 07 17:09:25 mail.sacred-skies.eu systemd[1]: nginx.service: Failed with result ‘exit-code’.

  • BlogdeMichel
    1 month ago

    Hello,
    There is no more update? Nothing on the deposit for several months!
    Thank you

  • BlogdeMichel
    1 month ago

    On Motoboa it is stated that my DKIM is found and correct. Yet when I test with mail-tester he m’inque: Your message is not signed with DKIM.
    I missed some things.
    Thank you

  • As in december 2019, could I use Modoboa-installer on Debian 10 Buster?

    • The Modoboa installer hasn’t been updated since July 5, 2019. It’s currently not compatible with Debian 10, because it requires the ripole and zoo packages, which are removed from Debian 10 repository.

      But you can install Modoboa on Debian 9, then upgrade to Debian 10.

  • BlogdeMichel
    2 weeks ago

    Hello, I would not use quarantine and have the span in the span of my webmail. Has anyone already done this? Thank you

  • Nejat Hakan
    1 week ago

    Hello Xiao,

    thank you so much for this short AND effective guide. It works like a charm on Debian 9 stretch.

    Question1: Hardening /Securing
    –> Could you please update your guide and add an hardening section for example for fail2ban and firewall configuration (ufw and iptables) ?
    I was searching in the internet how to make my Modoboa mail server secure but I could not find any guide or howto.
    If you have a link to an existing guide/howto for us, please post it here so we can benefit from securing Modoboa.

    Question2: Debian Buster 10
    –> You wrote in the past, that you have Buster on your to do list. Could you please give us a status?

    Question3: Supporting your engagement
    –> Could you please give us a possibility to donate you some coffees to show you our gratefulness and or to motivate you for new guides like Debian 10 Buster *hearteyes* :-)))))))

    Thank you so much in advance yours
    Nejat Hakan

    • 1.) You can read the following article to learn how to use UFW.
      Getting Started with UFW Firewall on Debian, Ubuntu, Linux Mint Server

      I will write a fail2ban tutorial in the future.

      To secure the Modoboa web application, to best way is probably create a whitelist and allow only your own IP address to access it. I will probably explain this in detail in the future.

      2.) The Modoboa installer hasn’t been updated since July 5, 2019. It’s currently not compatible with Debian 10, because it requires the riprole and zoo packages, which are removed from Debian 10 repository.

      But you can install Modoboa on Debian 9, then upgrade to Debian 10.

      3.) Glad to hear you want to make a donation. Unlike other Linux blogs, my blog doesn’t have any intrusive and unpleasant advertisement. I do need some motivation so I can put more time and energy to write more articles.

      Currently you can go to the donation page to find how you can support this site.

      Inspired by your kind words, I’m planning to set up a web page like Patreon, but it will be self-hosted with my own bitcoin payment processor on the lightning network to reduce transaction fees. It will also support credit card payment.

      • Nejat Hakan
        7 seconds ago

        Hello Xiao,

        thank you verry much for your answers. Not only to me but all the other answers to the other folks too *hearteyes*. Helps me and everyone so much.

        Peace be with you
        SHALOM
        SELAMU ALEYKUM
        *and best greetings in your own mother language as well of course*

        Yours Nejat

  • Carlos
    3 days ago

    Hello and thank you very much for this guide, at the moment it works in Debian 10.
    At the moment I am receiving emails with the text *** UNCHECKED ***.
    It can be fixed?

    Thank you very much

    • If you can copy and paste the email here (redact sensitive information), that would be better for me to understand your situation.

      • Carlos
        2 days ago

        Thanks for answering, the problem was that spamassassin and clamav were not working, I had a 1GB VPS and these applications need 2GB as you indicated at the beginning of the tutorial and I confirm that at the moment it works fine in Debian 10.

        I have two questions please:

        1. Is it safe to make this email server?
        2. I just need to have “green” DNSBL, I see that the problem is common with “spam.dnsbl.sorbs.net” and “b.barracudacentral.org”, how do you solve it?

        Thank you very much for your passivity.

    • As I said 1GB is not enough to run Modoboa mail server, your database, SpamAssassin, or ClamAV could be killed due to out-of-memory problem.

      1.) If Modoboa is not safe, then I wouldn’t write this article.

      2.) You go to the sorbs.net and barracudacentral.org website, then request delisting your IP address.

  • BlogdeMichel
    20 hours ago

    Hello, I already asked the question without answer and I have not found elsewhere.
    I would just like spam mails to be directed to the spam directory of the webmail and not in the quarantine.
    As I do not use the Modoboa webmail (too limited) I do not see spam. Can we do that?
    Thank you

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • I don't have time to answer every question. Making a donation would incentivize me to spend more time answering questions.