How to Quickly Set up a Mail Server on Ubuntu 18.04 with Modoboa

This tutorial is going to show you how to quickly set up your own email server on Ubuntu 18.04 with Modoboa, which is a free and open-source mail hosting and management platform designed to work with Postfix SMTP server and Dovecot IMAP/POP3 server.

Modoboa is written in Python, released under the terms of ISC license. The latest version is v1.14.0, released on July 5, 2019. Main features of Modoboa are as follows:

  • Modoboa by default uses Nginx web server to serve the webmail client and web-based admin panel.
  • Compatible with Postfix and Dovecot.
  • Support MySQL/MariaDB, or PostgreSQL database.
  • Easily create unlimited mailboxes and unlimited mail domains in a web-based admin panel.
  • Easily create email alias in the web-based admin panel.
  • The webmail client provides an easy-to-use message filter to help you organize messages to different folders.
  • It can help you protect your domain reputation by monitoring email blacklists and generating DMARC reports, so your emails have a better chance to land in the inbox instead of the spam folder.
  • Includes amavis frontend to block spam and detect viruses in email.
  • Calendar and address book.
  • Integration with Let’s Encrypt.
  • Includes AutoMX to allow end-users to easily configure mail account in a desktop or mobile mail client.

Step 1: Choose the Right Hosting Provider and Buy a Domain Name

To set up a complete email server with Modoboa, you need a server with at least 2GB RAM, because after the installation, your server will use more than 1GB of RAM. This tutorial is done on a $8.99/month Hostwinds VPS (virtual private server). I recommend Hostwinds because it does not block port 25, so you can send unlimited emails (transactional email and newsletters) without spending money on SMTP relay. Hostwinds doesn’t have any SMTP limits. You can send a million emails per day.

Other VPS providers like DigitalOcean blocks port 25. DigitalOcean would not unblock port 25, so you will need to set up SMTP relay to bypass blocking, which can cost you additional money. If you use Vultr VPS, then port 25 is blocked by default. They can unblock it if you open a support ticket, but they may block it again at any time if they decide your email sending activity is not allowed. Vultr actually may re-block it if you use their servers to send newsletters.

Go to Hostwinds website to create an account. Choose the 2GB unmanaged Linux VPS plan.

hostwinds mail server

Once you created an account, Hostwinds will send you an email with the server SSH login details. To log into your server, you use an SSH client. If you are using Linux or MacOS on your computer, then simply open up a terminal window and run the following command to log into your server. Replace 12.34.56.78 with your server’s IP address.

ssh root@12.34.56.78

You will be asked to enter the password. If you are using Windows, please read the following article on how to use SSH client.

It is highly recommended that you follow the instructions below on a clean install of Ubuntu 18.04 system. Installing a piece of complex server software like Modoboa on a non-LTS Ubuntu is discouraged as you will probably encounter problems when upgrading your OS every 9 months. The software author doesn’t have time to support every Ubuntu release. It is far better for your mail server to stay stable for 2 or 5 years.

You also need a domain name. I registered my domain name from NameCheap because the price is low and they give whois privacy protection free for life.

Step 2: Creating DNS MX Record

The MX record specifies which host or hosts handle emails for a particular domain name. For example, the host that handles emails for linuxbabe.com is mail.linuxbabe.com. If someone with a Gmail account sends an email to somebody@linuxbabe.com, then Gmail server will query the MX record of linuxbabe.com. When it finds out that mail.linuxbabe.com is responsible for accepting email, it then query the A record of mail.linuxbabe.com to get the IP address, thus the email can be delivered.

In your DNS manager, create a MX record for your domain name. Enter @ in the Name field to represent the main domain name, then enter mail.your-domain.com in the Value field.

modoboa web interface

Note: The hostname for MX record can not be an alias to another name. Also, It’s highly recommended that you use hostnames, rather than bare IP addresses for MX record.

Your DNS manager may require you to enter a preference value (aka priority value). It can be any number between 0 and 65,356. A small number has higher priority than a big number. You can enter 0 for your email server, or accept the default value.

After creating MX record, you also need to create an A record for mail.your-domain.com , so that it can be resolved to an IP address. If your server uses IPv6 address, be sure to add AAAA record.

If you uses Cloudflare DNS service, you should not enable the CDN feature when creating A record for your mail server.

Step 3: Set up Mail Server on Ubuntu 18.04 with Modoboa Installer

Log into your server via SSH, then run the following commands to update software packages.

sudo apt update

sudo apt upgrade

Download modoboa installer from Github.

git clone https://github.com/modoboa/modoboa-installer

Modoboa is written in Python. Run the following command to install the necessary Python software.

sudo apt-get install python3-virtualenv python3-pip

Then navigate to the modoboa-installer directory and create a configuration file. Replace example.com with your own domain name.

cd modoboa-installer

sudo ./run.py --stop-after-configfile-check example.com

modoboa mail server

Edit the configuration file installer.cfg with a command line text editor like nano.

sudo nano installer.cfg

To obtain a valid TLS certificate from Let’s Encrypt for your mail server, in [certificate] section, change the value of type from self-signed to letsencrypt.

type = letsencrypt

And change the email address from admin@example.com to your real email address, which will be used for account recovery and important notifications. You will not be able to obtain and install Let’s Encrypt certificate if you use the default email address.

modoboa installer

By default, Modoboa installer will install PostgreSQL database server, as indicated by the following lines in the config file.

[database]
engine = postgres
host = 127.0.0.1
install = true

If you would like to use MariaDB database server, then change the engine from postgres to mysql.  (Modoboa will install MariaDB instead of MySQL.)

modoboa mariadb database

Save and close the file. (To save a file in Nano text editor, press Ctrl+O, then press Enter to confirm. To exit, press Ctrl+X.)

Next, you should use a fully-qualified domain name (FQDN) as the hostname for your mail server, such as mail.example.com. Run the following command to set the hostname.

sudo hostnamectl set-hostname mail.example.com

Now we need to verify if the DNS records are propagated to the Internet. Depending on the domain registrar you use, your DNS record might be propagated instantly, or it might take up to 24 hours to propagate. You can go to https://dnsmap.io, enter your mail server’s hostname (mail.example.com) to check DNS propagation.

If your DNS record is propagated, run the following command to start the installation.

sudo ./run.py --interactive example.com

install modoboa ubuntu

The installation process can take a while. It took 10 minutes on my Hostwinds server. If you see an error during the installation, you can use the --debug option to see more detailed output.

sudo ./run.py --interactive --debug example.com

After Modoboa finishes the installation, you can log into the admin panel with username admin and password password.

modoboa mail server ubuntu 18.04

Once you are logged in, you should go to Admin -> Settings -> Profile to change the password.

modoboa install

Step 4: Adding Mailboxes in Modoboa Admin Panel

Go to Domains tab and click Add button to add a new domain.

modoboa review

Then enter your main domain name in the Name field. It is highly recommended that you enable DKIM signing, which can help with your domain reputation. In Key selector field, you can enter a random word like modoboa.  Choose 2048 as the key length.

adding domain name in modoboa

In the next screen, you can choose to create an admin account for your domain. The SMTP protocol requires that a mail server should have a postmaster@example.com address.

modoboa postmaster account

Click the Submit button and your domain name will be added in Modoboa.

To add email addresses, go to Domains tab and click your domain name.

add mailboxes in modoboa

Then click mailboxes.

adding email addresses in modoboa

Click Add button and choose Account.

modoboa alias

Then choose Simple user as the role. Enter an email address in Username field and enter a password.

qucikly set up an email server modoboa

In the next screen, you can optionally create an alias for this email address.

create alias in modoboa

After clicking the submit button, the email address is created.

Step 5: Sending Test Emails

To login to the webmail, you need to log out the admin account first and then enter the user credentials.

modoboa login

Once you are logged into Modoboa webmail, you can send a test email from your private email server to your other email address and vice versa.

modoboa webmail

Inbound emails will be delayed for a few minutes, because by default Modoboa enables greylisting, which tells other sending SMTP server to try again in a few minutes. This is useful to block spam. The following message in /var/log/mail.log indicates greylisting is enabled.

postfix/postscreen[20995]: NOQUEUE: reject: RCPT from [34.209.113.130]:36980: 450 4.3.2 Service currently unavailable;

However, greylisting can be rather annoying. You can disable it by editing the Postfix main configuration file.

sudo nano /etc/postfix/main.cf

Find the following lines at the end of the file and comment them out. (Add a # character at the beginning of each line.)

postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce

postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce

postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce

Save and close the file. Then restart Postfix for the changes to take effect.

sudo systemctl restart postfix

Now you should be able to receive emails without waiting several minutes.

Adding Swap Space

ClamAV is used to scan viruses in email messages. ClamAV can use a fair amount of RAM. If there’s not enough RAM on your server, ClamAV won’t work properly, which will prevent your mail server from sending emails. You can add a swap file to your server to increase the total RAM on your server. (Note that using swap space on the server will degrade server performance. If you want better performance, you should upgrade the physical RAM instead of using swap space.)

To add swap space on the server, first, use the fallocate command to create a file. For example, create a file named swapfile with 1G capacity in root file system:

sudo fallocate -l 1G /swapfile

Then make sure only root can read and write to it.

sudo chmod 600 /swapfile

Format it to swap:

sudo mkswap /swapfile

Output:

Setting up swapspace version 1, size = 1024 MiB (1073737728 bytes)
no label, UUID=0aab5886-4dfb-40d4-920d-fb1115c67433

Enable the swap file

sudo swapon /swapfile

To mount the swap space at system boot time, edit the /etc/fstab file.

sudo nano /etc/fstab

Add the following line at the bottom of this file.

/swapfile    swap    swap     defaults    0   0

Save and close the file. Then reload systemd.

sudo systemctl daemon-reload

Step 6: Checking If Port 25 (outbound) is blocked

Your ISP or hosting provider won’t block incoming connection to port 25 of your server, which means you can receive emails from other mail servers. However, many ISP/hosting providers block outgoing connection to port 25 of other mail servers, which means you can’t send emails.

If your email didn’t arrive at your other email address such as Gmail, then run the following command on your mail server to check if port 25 (outbound) is blocked.

telnet gmail-smtp-in.l.google.com 25

If it’s not blocked, you would see messages like below, which indicates a connection is successfully established. (Hint: Type in quit and press Enter to close the connection.)

Trying 74.125.68.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP y22si1641751pll.208 - gsmtp

If port 25 (outbound) is blocked, you would see something like:

Trying 2607:f8b0:400e:c06::1a...
Trying 74.125.195.27...
telnet: Unable to connect to remote host: Connection timed out

In this case, your Postfix can’t send emails to other SMTP servers. Ask your ISP/hosting provider to open it for you. If they refuse your request, you need to set up SMTP relay to bypass port 25 blocking.

Still Can’t Send Email?

If port 25 (outbound) is not blocked, but you still can’t send emails from your own mail server to your other email address like Gmail, then you should check the mail log (/var/log/mail.log).

sudo nano /var/log/mail.log

For example, some folks might see the following lines in the file.

host gmail-smtp-in.l.google.com[2404:6800:4003:c03::1b] said: 550-5.7.1 [2a0d:7c40:3000:b8b::2] Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication. Please review 550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information

This means your mail server is using IPv6 to send the email, but you didn’t set up IPv6 records. You should go to your DNS manager, set AAAA record for mail.your-domain.com, then you should set PTR record for your IPv6 address, which is discussed in step 8.

Step 7: Using Mail Clients on Your Computer or Mobile Device

Fire up your desktop email client such as Mozilla Thunderbird and add a mail account.

  • In the incoming server section, select IMAP protocol, enter mail.your-domain.com as the server name, choose port 143 and STARTTLS. Choose normal password as the authentication method.
  • In the outgoing section, select SMTP protocol, enter mail.your-domain.com as the server name, choose port 587 and STARTTLS. Choose normal password as the authentication method.

ubuntu postfix dovecot letsencrypt https

You can also use IMAP on port 993 with SSL/TLS encryption.

Step 8: Improving Email Deliverability

To prevent your emails from being flagged as spam, you should set PTR, SPF, DKIM and DMARC records.

PTR record

A pointer record, or PTR record, maps an IP address to a FQDN (fully qualified domain name). It’s the counterpart to the A record and is used for reverse DNS lookup, which can help with blocking spammers. Many SMTP servers reject emails if no PTR record is found for the sending server.

To check the PTR record for an IP address, run this command:

dig -x IP-address +short

or

host IP-address

PTR record isn’t managed by your domain registrar. It’s managed by the organization that gives you an IP address. Because you get IP address from your hosting provider or ISP, not from your domain registrar, so you must set PTR record for your IP in the control panel of your hosting provider or ask your ISP.  Its value should be your mail server’s hostname: mail.your-domain.com. If your server uses IPv6 address, be sure to add a PTR record for your IPv6 address as well.

To edit the reverse DNS record for your Hostwinds VPS, log into Hostwinds client area, select Domains -> Manage rDNS, Then you can edit the reverse DNS record for both IPv4 and IPv6 address.

mail server reverse DNS record

SPF Record

SPF (Sender Policy Framework) record specifies which hosts or IP address are allowed to send emails on behalf of a domain. You should allow only your own email server or your ISP’s server to send emails for your domain. In your DNS management interface, create a new TXT record like below.

modoboa spf record

Explanation:

  • TXT indicates this is a TXT record.
  • Enter @ in the name field to represent the main domain name.
  • v=spf1 indicates this is a SPF record and the version is SPF1.
  • mx means all hosts listed in the MX records are allowed to send emails for your domain and all other hosts are disallowed.
  • ~all indicates that emails from your domain should only come from hosts specified in the SPF record. Emails that are from other hosts will be flagged as forged.

To check if your SPF record is propagated to the public Internet, you can use the dig utility on your Linux machine like below:

dig your-domain.com txt

The txt option tells dig that we only want to query TXT records.

DKIM Record

DKIM (DomainKeys Identified Mail) uses a private key to digitally sign emails sent from your domain. Receiving SMTP servers verify the signature by using the public key, which is published in the DNS DKIM record.

When we were adding domain name in Moboboa admin panel earlier, we enabled DKIM signing, so the signing part is taken care of. The only thing left to do is creating DKIM record in DNS manager. First go to Modoboa admin panel and select your domain name. In the DNS section, click Show key button.

modoboa dkim signing

The public key will be revealed. There are two formats. We only need the Bind/named format.

modoboa dkim public key

Go to your DNS manager, create a TXT record, enter modoboa._domainkey in the Name field. (Recall that we used modoboa as the selector when adding domain name in the admin panel.) Copy everything in the parentheses and paste into the value field. Delete all double quotes. Your DNS manager may require you to delete other invalid characters, such as carriage return.

modoboa dkim format

For those who are interested, Modoboa uses OpenDKIM to generate private key for your domainkey and verify signatures of inbound emails.

DMARC Record

DMARC stands for Domain-based Message Authentication, Reporting and Conformance. DMARC can help receiving email servers to identify legitimate emails and prevent your domain name from being used by email spoofing.

To create a DMARC record, go to your DNS manager and add a TXT record. In the name field, enter _dmarc. In the value field, enter the following:

v=DMARC1; p=none; pct=100; rua=mailto:dmarc-reports@your-domain.com

create dmarc record txt

The above DMARC record is a safe starting point. To see the full explanation of DMARC, please check the following article.

Step 7: Testing Email Score and Placement

After creating PTR, SPF, DKIM record, go to https://www.mail-tester.com. You will see a unique email address. Send an email from your domain to this address and then check your score. As you can see, I got a perfect score.

imporve email server reputation

Mail-tester.com can only show you a sender score. There’s another service called GlockApps that allow you to check if your email is placed in the recipient’s inbox or spam folder, or rejected outright. It supports many popular email providers like Gmail, Outlook, Hotmail, YahooMail, iCloud mail, etc

glockapps email placement test

What if Your Emails Are Still Being Marked as Spam?

I have more tips for you in this article: How to stop your emails from being marked as spam. Although it will take some time and effort, your emails will eventually be placed in the inbox after applying these tips.

What if Your Email is Rejected by Microsoft Mailbox?

Microsoft seems to be using an internal blacklist that blocks many legitimate IP addresses. If your emails are rejected by Outlook or Hotmail, you need to submit the sender information form. After that, your email will be accepted by Outlook/Hotmail.

Auto-Renew Let’s Encrypt TLS Certificate

Modoboa installed the latest version of Let’s Encrypt client (certbot) as /opt/certbot-auto. You can find the location of certbot binary by executing the following command.

sudo find / -name "*certbot*"

Let’s Encrypt TLS certificate is valid for 90 days. To automatically renew the certificate, edit root user’s crontab file.

sudo crontab -e

Add the following line at the end of this file.

@daily /opt/certbot-auto renew -q && systemctl reload nginx postfix dovecot

Save and close the file. This tells Cron to run the certbot renew command every day. If the certificate has 30 days left, certbot will renew it. It’s necessary to reload Nginx web server, Postfix SMTP server and Dovecot IMAP server so they can pick up the new certificate.

Enabling SMTPS Port 465

If you are going to use Microsoft Outlook client, then you need to enable SMTPS port 465 in Postfix SMTP server.

Troubleshooting

First, please use a VPS with at least 2GB RAM. Running Modoboa on a 1GB RAM VPS will cause the database, SpamAssassin, or ClamAV to be killed because of out-of-memory problem. If you really want to use a 1GB RAM VPS, you are going to lose incoming emails and have other undesirable outcomes.

If the Modoboa web interface isn’t accessible, like a 502 gateway error, you should check the Nginx logs in /var/log/nginx/ directory to find clues. You may also want to check the mail log /var/log/mail.log.

Check if the various services are running.

systemctl status postfix

systemctl status dovecot

systemctl status nginx

systemctl status mariadb

systemctl status clamav-daemon

systemctl status amavis

systemctl status uwsgi 

systemctl status supervisor

If you enabled the firewall, you should open the following ports in the firewall.

HTTP port:  80
HTTPS port: 443
SMTP port:  25
Submission port: 587 (and 465 if you are going to use Microsoft Outlook mail client)
IMAP port:  143 and 993

If you would like to use the UFW firewall, check my guide here: Getting started with UFW firewall on Debian and Ubuntu.

I found that the clamav-daemon service has a tendency to stop without clear reason even when there’s enough RAM. This will delay emails for 1 minute. We can configure it to automatically restart if it stops via the systemd service unit. Copy the original service unit file to the /etc/systemd/system/ directory.

sudo cp /lib/systemd/system/clamav-daemon.service /etc/systemd/system/clamav-daemon.service

Then edit the service unit file.

sudo nano /etc/systemd/system/clamav-daemon.service

Add the following two lines in the [service] section.

Restart=always
RestartSec=3

Like this:

[Service]
ExecStart=/usr/sbin/clamd --foreground=true
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
StandardOutput=syslog
Restart=always
RestartSec=3

Save and close the file. Then reload systemd and restart clamav-daemon.service.

sudo systemctl daemon-reload
sudo systemctl restart clamav-daemon

(Optional) Set Up Autodiscover and AutoConfig to Automate Mail Client Configuration

Autodiscover and AutoConfig make it easy to configure a desktop or mobile mail client. The end-user just needs to enter a name, email address and password to set up his/her mail account, without having to enter the SMTP or IMAP server details. Autodiscover is supported by Microsoft Outlook mail client and AutoConfig is supported by Mozilla Thunderbird mail client.

Modoboa uses AutoMX to implement this feature on your mail server. All we need to do now is add CNAME records in DNS. In your DNS manager, create two CNAME records.

autoconfig.yourdomain.com       CNAME         mail.yourdomain.com
autodiscover.yourdomain.com     CNAME         mail.yourdomain.com

Go to the Domains tab in your Modoboa admin panel, if the autoconfig is in green, that means your CNAME records are correct. (Modoboa checks DNS records for your mail server every 30 minutes, so you might need to wait some time for autoconfig to turn green.)

modoboa automx

Once the CNAME records are propagated to the Internet, you don’t have to enter the SMTP or IMAP server details when setting up a mail account in Microsoft Outlook and Mozilla Thunderbird.

Host Multiple Domains in Modoboa

See the following article:

Setting Up Backup Mail Server

Your primary mail server could be down sometimes. If you host your mail server in a data center, then the downtime is very minimal, so you shouldn’t be worried about losing inbound emails. If you host your mail server at home, the downtime can’t be predicted so it’s a good practice for you to run a backup mail server in a data center to prevent losing inbound emails. The backup mail server needs just 512MB RAM to run. Please check the full detail in the following article.

I hope this tutorial helped you set up a mail server on Ubuntu 18.04 with Modoboa. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂

Rate this tutorial
[Total: 20 Average: 5]

249 Responses to “How to Quickly Set up a Mail Server on Ubuntu 18.04 with Modoboa

  • Mysterion
    2 years ago

    Thanks! Worked like a charm!

  • I mentioned this in the article, but I want to say it again: The best practice to run Modoboa is using a clean fresh OS.

    Generally speaking, if there’s a script that will install lots of software, it’s a good practice to install it on a clean freash OS. Otherwise, the install script might mess up the existing configurations of your software, making it unusable. Or maybe a component of the softwar stack needs to bind to a port, but it’s already been taken by an existing process on the server, resulting in installation failure.

    Unless you are very knowledgeable about every piece of software on the server and can spead lots of time debugging, it’s not recommended to install Modoboa on a server that has other applications running.

    I have seen many folks who didn’t follow this advice bork the applications on their servers.

  • Hi
    could i disable antispam/antivirus checking for incoming mails?
    in my case i have antispam/antivirus gateway ,so idont need that mail server will check too
    thanks

    • Amavis and ClamAV use about 1.3GB RAM. If your server doesn’t have enough RAM, you might not be able to receive emails. If you don’t need AntiVirus on your mail server, you can disable Amavis and ClamAV. This will save you 1.3GB RAM.

      Edit Postfix master configuration file.

      sudo nano /etc/postfix/master.cf

      Find the following lines in this file and comment them out.

      -o smtpd_proxy_filter=inet:[127.0.0.1]:10024
      -o smtpd_proxy_options=speed_adjust
      
      -o milter_macro_daemon_name=ORIGINATING
      -o smtpd_proxy_filter=inet:[127.0.0.1]:10026
      

      Save and close the file. Then restart Postfix.

      sudo systemctl restart postfix

      Now you can stop Amavis and ClamAV.

      sudo systemctl stop amavis clamav-daemon

      And disable auto-start at boot time.

      sudo systemctl disable amavis clamav-daemon
  • Thank you for very clear and concise tutorials! This is a very complex topic and you have a way of making it much more accessible. I would like to create a mail server on a virtual machine that I will create running 18.04 and I recently found your tutorial that I have been studying on using iRedMail on 16.04 (which I am sure would work on 18.04). What is your opinion on the comparison between Modoboa & iRedMail?

    • Yes, iRedMail works on Ubuntu 18.04 too.

      Both Modoboa and iRedMail make it easy to set up your own email server and host multiple mail domains on a single server.

      Modoboa is more easy to set up, because it has predefined configurations in the installer.cfg file and it integrates with Let’s Encrypt. So you have less work to do compared to iRedMail. If you are lazy, choose Modoboa.

      Other than that, they are very similar.

  • That is very helpful, thank you!

    • Camilo Montoya
      2 years ago

      Hello, I am really happy to find your tutorials, I already setup my own mail server following this tutorial, now I am sending emails without been flag as Spam and receiving emails from other accounts created on the same domain, thanks to you, I am just having some issues to receive emails from other servers like gmail. I tried to followed the tutorial step by step 3 times and I couldn’t. Do you have any idea how to identify the problem?

      • Check the /var/log/mail.log file. You will see logs of inbound and outbound emails. Find Gmail related lines in the file. If you can’t gmail.com, then Gmail can’t reach your mail server, which means either your MX record is incorrect, or there’s a firewall preventing access to port 25 on your mail server. If you host mail server at your home, be sure to set up port forwarding in your router.

  • Leopold
    2 years ago

    Thanks for your great efforts.
    Did you ever experience issues establishing SSL with imap?

  • Leopold
    2 years ago

    Correct – but there seems to be an cert issue regarding imap. So that I have to manually trust it in a mail client. Ever seen this one before and solved it without a reinstallation?

  • Leopold
    2 years ago

    I tested Modoboa on two servers node – and your guide runs smooth on a fresh install.

    But that’s the thing.
    I tried to establish Let’s encrypt on an install that was setup on open ssl.
    Somehow 993 would still not be trusted though SMTP runs fine.

    I just was keen if you did find a way around the fresh install.

    • Sorry, but I don’t quite understand your situation.

      Are you saying Let’s Encrypt certificate is not trusted by mail client? Or you didn’t choose Let’s Encrypt in the installer.cfg file and now you want to install Let’s Encrypt certificate?

  • Leopold
    2 years ago

    The later: I didn’t choose Let’s Encrypt in the installer.cfg file and now I want to install Let’s Encrypt certificate.

    • Please run the following command to install Let’s Encrypt client software (certbot).

      sudo add-apt-repository ppa:certbot/certbot
      sudo apt update
      sudo apt install certbot python3-certbot-nginx

      Then obtain and install a TLS certificate with the following command.

      sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email your-account@example.com -d mail.your-domain.com

      Then edit Postfix configuration file.

      sudo nano /etc/postfix/main.cf

      Find the following two directives.

      smtpd_tls_cert_file=
      smtpd_tls_key_file=

      Add your certificate and private key.

      smtpd_tls_cert_file=/etc/letsencrypt/live/mail.your-domain.com/fullchain.pem
      smtpd_tls_key_file=/etc/letsencrypt/live/mail.your-domain.com/privkey.pem

      Save and close the file. Then edit Dovecot TLS configuration file.

       sudo nano /etc/dovecot/conf.d/10-ssl.conf

      Find the following two directives.

      ssl_cert = 
      ssl_key = 

      Add your certificate and private key.

      ssl_cert = </etc/letsencrypt/live/mail.your-domain.com/fullchain.pem
      ssl_key = </etc/letsencrypt/live/mail.your-domain.com/privkey.pem

      Save and close the file. Now reload Nginx, Postfix and Dovecot.

      sudo systemctl reload nginx postfix dovecot
      • Saving debug log to /var/log/letsencrypt/letsencrypt.log
        Plugins selected: Authenticator nginx, Installer nginx

        Traceback (most recent call last):
        File “/usr/lib/python3/dist-packages/certbot/crypto_util.py”, line 334, in _load_cert_or_req
        return load_func(typ, cert_or_req_str)
        File “/usr/lib/python3/dist-packages/OpenSSL/crypto.py”, line 1824, in load_certificate
        _raise_current_error()
        File “/usr/lib/python3/dist-packages/OpenSSL/_util.py”, line 54, in exception_from_error_queue
        raise exception_type(errors)
        OpenSSL.crypto.Error: [(‘PEM routines’, ‘get_header_and_data’, ‘short header’)]
        An unexpected error occurred:
        OpenSSL.crypto.Error: [(‘PEM routines’, ‘get_header_and_data’, ‘short header’)]

        • Update your software

          sudo apt update; sudo apt upgrade -y

          Reboot your server.

          sudo shutdown -r now

          Then run the certbot command again.

  • Leopold
    2 years ago

    That did it! – I somehow had dovecot pointing to the wrong directory.
    Thanks for your efforts Xiao Guo-An!

  • ihasaface
    2 years ago

    I followed step by step, but when it first asks me to go to mail.mydomain.com to login to modoboa, I only get a server not found error. Please help.

    • Perhaps a firewall is preventing access to port 80 or 443.

      • Ihasaface
        2 years ago

        No firewall, but I have ports 80 and 443 forwareded to my website server, on another IP address.

    • That’s the problem. The mail server needs its own web server and should be accessible from port 80 and 443.

    • Looks like you are setting up the mail server on your home network?

      • Ihasaface
        2 years ago

        Correct, I have a dedicated server which I already have a website actively hosted on, and I’m trying to get email going as well, with no success.

    • You need to set up a rule in your router that forward request to the IP address of the mail server if the request is meant for mail.your-domain.com.

      • Ihasaface
        2 years ago

        I already have ports 80 and 443 sent to my website server- can I somehow forward them to both servers?

    • If your router doesn’t have this capability, you can set up a reverse proxy on your website server. HAProxy is an open-source reverse proxy software that can redirect HTTP/HTTPS requests to different IP addresses by inspecting the domain name in HTTP header. Your router configuration stay the same.

      • ihasaface
        2 years ago

        So I did this install on the same server as my website, and I still can’t get past the part where I’m supposed to be able to get to a URL.

    • What does the browser say?

  • Ihasaface
    2 years ago

    Says the site cannot be reached

  • Ihasaface
    2 years ago

    I did and it is there… I do not understand this. Maybe I need to contact GoDaddy?

    • Yes, contact GoDaddy.

      • Ihasaface
        2 years ago

        Will do, thank you so much for your time. I’ll probably end up buying bugging you again after I talk to them!

    • Note that you need to create A record for both lexingtonitsolutions.com and mail.lexingtonitsolutions.com.

      • ihasaface
        2 years ago

        Looks like the A record is squared away, but it only brings me to my homepage for the website, while maintaining the mail.lexingtonitsolutions.com URL.

    • I see your lexingtonitsolutions.com website is using Apache web server. Modoboa installs Nginx web server, so the Nginx web server fails to start if Apache is already running on your server.

      One solution is to use Nginx instead of Apache for your lexingtonitsolutions.com website. It’s easy to create a Nginx virtual host for your WordPress site. Please see step 4 of this article: How to Install WordPress on Ubuntu 17.10 with Nginx, MariaDB, PHP7.1 (LEMP). When creating the virtual host file, just replace the domain name, the web root directory and the PHP socket file name.

      After that, stop Apache and restart Nginx.

      sudo systemctl stop apache2
      sudo systemctl disable apach2
      sudo systemctl start nginx

      You also need to enable HTTPS on the WordPress website. See this article: How to Properly Enable HTTPS on Nginx with Let’s Encrypt on Ubuntu 16.04/17.10

      • Ihasaface
        2 years ago

        I’d really rather not risk moving my website to the new server application… Is there any way to get an email server going with Apache?

        • You know you mentioned exactly nowhere that your method is not compatible with apache.

    • Yes, there are other ways.

      1.) Use Apache instead of Nginx as a reverse proxy to the back end Modoboa web app.
      2.) Use HAProxy as a reverse proxy to your WordPress site and the Modoboa web app.

      The details of which warrants another article.

  • ihasaface
    2 years ago

    Me again!
    So I started a fresh VM, forwarded all the ports to it, and was successful to the point of making my email address, and being able to successfully send an email. However, I cannot receive any. When I send an email from my gmail account, i receive the error:

    550 5.1.1 Recipient address rejected: undeliverable address: unknown user: “info”

    I’m so close! What is this, been at it for hours.

  • Starting…
    Overwrite the existing SSL certificate? (y/N) y
    Generating new self-signed certificate
    Installing amavis
    Amavis is not installed

    my installation stops on first package Amavis ? why is that

    • If you see an error during the installation, you can run the command again with the --debug option to see more detailed output.

      sudo ./run.py --interactive --debug example.com
  • Krishna
    2 years ago

    Hi friend

    How to connect my domain to mail server in namecheap ?
    I have domain name in NameCheap and i have cloudflare account!

    • If you register domain name at NameCheap and uses Cloudflare’s DNS service, you need to create MX and other DNS records at Cloudflare, but remember you should not enable the CDN feature for your mail server.

      • Krishna
        2 years ago

        Hi,

        Already, I completed the above mail configuration.
        but mail server, not working for outgoing and incoming mails.

        what wrong in my server ? please tell me

    • After you send an email from your mail server, please check the mail log (/var/log/mail.log) and after you send an email from another email address to your mail server, also check the mail log. You can know what’s going wrong from the log.

      • Krishna
        2 years ago

        Hi Xiao Guo An,

        I see mail log in my server,

        My mail log says :

        Sometimes Connection refused,
        Sometimes Connection closed,
        Sometimes : (delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com[64.233.185.26]:25: Connection timed out)
        Sometimes Connection timed out.

        And

        i am using mail server ports : 587, 993.

        Port 25 is Blocked (i am already asked to ISP, my ISP not allowd 25 unblocking).

        In Modoboa admin panel all DNS records indicates are Green.
        MX, DNSBL, SPF, DKIM DMARC, autoconfig are in Green Highlight.

        what is the problem exactly in my website : mail.s46.win?

    • If your ISP refuses to unblock port 25, you should set up SMTP relay to send outgoing email. See this article: https://www.linuxbabe.com/mail-server/postfix-smtp-relay

      In order to receive email from outside, you need to open port 25 on your firewall. If your mail server is at your home, then you also need to configure port forwarding for port 25.

      Your ISP usually blocks outbound connection on port 25, but allows inbound connection on port 25.

      • Krishna
        2 years ago

        Hi Xiao Guo An,

        thank for your answers!

        Can i use port 26 instead of port 25 in my modoboa mail server ?

    • In order to delivery email, your mail server needs to hit the port 25 on the recipient’s mail server. They are listening on port 25 to receive incoming email. If your ISP blocks outbound port 25, you need to set up SMTP relay. The SMTP relay server need to hit port 25 on the recipient’s email server as well.

      In order to receive email, your mail server needs to listen on port 25 because SMTP clients expect you to listen on port 25.

      It’s SMTP standard. You can’t ask recipient’s mail server to change the listening port from 25 to another port. And if you change the listening port from 25 to another port on your own mail server, you won’t receive emails from others.

  • does smtp not work if it is not on smarttls? why I tried configuring an email in a panel my more the same only has tls protocol or ssl does not have starttls 🙁

    • The submission port 587 uses STARTTLS. If this doesn’t work, you can use port 465 with SSL/TLS for submission.

    • Krishna
      2 years ago

      Hi,

      Thanks for your answers,

      How to use modoboa mail server for incoming and outgoing mails properly without port 25 ?

      If i use smtp relay its is limited per day 200 mails.

      Already i have namecheap hosting but its not sent more than 200 mails per day (this is my opinion only).

      I have 5000 customers, i need to send 5000 mails. I need a private server i choose my home server with ubuntu.

      I want how to use modobia mail server
      without 25 port or smtp relay.

      I am requested to my iso to unblock but, he is not convinced.

      I am using 587 and 993

      Please help me.

      • Hi Krishna,

        Diego is in a different situation than yours. Port 587 is a submission port for mail clients
        to submit emails to your mail server.

        After your mail server accepts mail submissions from mail clients, the mail server needs to use port 25 to send the email to the recipient’s mail server. If port 25 is blocked, you need to set up SMTP relay.

        In a nutshell, you have to use port 25 or smtp relay. There’s no other way. The SMTP relay service I mentioned allows you to send 200 emails per day for free. After that, you need to upgrade to a premium account to send more emails.

        If you don’t like paying an SMTP relay service, you can use VPS hosting that doesn’t block port 25, like Hostwinds.

      • If you want to set up a production website, I would recommend you to host it in a data center, instead of hosting it at your home.

        To secure your website, first, you need to harden SSH server: 5 steps to harden SSH server on Ubuntu

        Then set up UFW firewall: Getting Started with UFW Firewall on Debian, Ubuntu, Linux Mint Server

        Next, set up a web application firewall like mod_security with Apache/Nginx.

        • Krishna
          2 years ago

          Dear admin, I have already public ip address to host multiple websites,

          Why not use our home desktop pc ubuntu 16.04 as server for my website production.

          I know how to install lamp in ubuntu home pc, and
          I don’t have ssh server, and I dont want use ssh server for my website.

          Home server pc is easy for editing and writing and backup for my website content and all data.

          So. Why not use our home desktop as server for my websites?

      • If you host website on your home PC,

        1.) The latency between visitors and your website is higher.

        2.) You have to prepare for Internet/Power outage. You need to buy UPS (Uninterruptible Power Supply).

        3.) You need to make sure your other applications’ traffic don’t use up all your Internet bandwidth.

        4.) Running Home PC 24 x 7 will decrease the life expectancy of PC hardware.

        Conclusion: Hosting websites on home PC is for hobbyists. Just pay $10 per month to get professional hosting service.

  • mac@instance-4:~$ sudo nginx -t
    nginx: [emerg]BIO_new_file("/etc/letsencrypt/live/mail.linuxbabe.ml/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/mail.linuxbabe.ml/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx/nginx.conf test failed
    • Currently there’s an issue with certbot-auto creating a Python virtual environment. It will be fixed by Let’s Encrypt soon.

      For now, you need to reinstall Modoboa with a self-signed certificate. It’s a good idea to reinstall the OS as well.

      After modoboa is installed, please check this comment to obtain and install Let’s Encrypt certificate manually.

    • If the modoboa reinstallation fails, then reinstall the OS.

  • Abishek
    2 years ago

    I see the “Welcome to nginx page” when i enter my server’s ip address in the browser. Am i missing anything like nginx configuration?

    • This is normal. When you enter the public IP address in browser, the default Nginx virtual host will show up.

      • Abishek D
        2 years ago

        Thanks for your response. I’m facing issue while installing ssl certificates. I tried this command “sudo certbot –nginx –agree-tos –redirect –hsts –staple-ocsp –email name@example.com -d mail.example.com”. And heres the error:-

        Saving debug log to /var/log/letsencrypt/letsencrypt.log
        Plugins selected: Authenticator nginx, Installer nginx
        Obtaining a new certificate
        Performing the following challenges:
        http-01 challenge for mail.example.com
        Waiting for verification...
        Cleaning up challenges
        Failed authorization procedure. mail.example.com (http-01): urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for mail.example.com
        
        IMPORTANT NOTES:
         - The following errors were reported by the server:
        
           Domain: mail.example.in
           Type:   None
           Detail: DNS problem: SERVFAIL looking up A for mail.example.cpm
         
      • Abishek D
        2 years ago

        And i already have an A record with hostname mail.example.com pointing to the ip address.

    • “SERVFAIL” indicates something is wrong with your name server. Run the following command to query the A record.

      dig A +short mail.example.com

      You might need to wait sometime for the DNS record to propagate to the Internet.

      • Abishek D
        2 years ago

        This command outputs the ip address of my server.

        • The whois record of your domain name says you are using DigitalOcean name server, but I couldn’t find your name server by using the following command:

          dig NS blackweb.in
        • On my computer, the dig command failed to find the A record of your domain name, also I couldn’t find the NS record of your domain name. As I said before, there’s something wrong with your name server.

        • If you choose not to use the name servers of your domain registrar, you need to specify the new name servers at your domain registrar’s website.

      • Abishek D
        2 years ago

        I tried reinstalling modoboa with letsencrypt and then mail.example.com stopped working!. So i tried “sudo certbot –nginx –agree-tos –redirect –hsts –staple-ocsp –email your-account@example.com -d mail.example.com” but the following error occurs:-

         Saving debug log to /var/log/letsencrypt/letsencrypt.log
        Error while running nginx -c /etc/nginx/nginx.conf -t.
        
        nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
        nginx: configuration file /etc/nginx/nginx.conf test failed
        
        The nginx plugin is not working; there may be problems with your existing configuration.
        The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_new_file("/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(\'/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem\',\'r\') error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n',)
        
      • Abishek D
        2 years ago

        I used the manual approach but still fails to install ssl certificate as per your steps mentioned above.

        Obtaining a new certificate
        Performing the following challenges:
        http-01 challenge for mail.blackweb.in
        Waiting for verification...
        Cleaning up challenges
        Failed authorization procedure. mail.blackweb.in (http-01): urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for mail.blackweb.in
        
        IMPORTANT NOTES:
         - The following errors were reported by the server:
        
           Domain: mail.blackweb.in
           Type:   None
           Detail: DNS problem: SERVFAIL looking up A for mail.blackweb.in
         - Your account credentials have been saved in your Certbot
           configuration directory at /etc/letsencrypt. You should make a
           secure backup of this folder now. This configuration directory will
           also contain certificates and private keys obtained by Certbot so
           making regular backups of this folder is ideal.
        

        This is my ip 68.183.244.134 Could you please check?

        • As I said before, there’s something wrong with your name server (aka DNS server). The Internet can’t find the authoritative DNS server of your domain name. You may need to ask your domain registrar to troubleshoot this problem.

      • Abishek D
        2 years ago

        I have checked with godaddy about DNS and they say the A records have been updated successfully. they ask me to check if any ports are blocked on the server. So does the port have anything to do with querying A record?

        • No. Your mail server has nothing to do with DNS record update. However, It will take some time for the DNS change to propagate to the Internet.

        • I have a feeling that your DNS server is still not working.

        • Abishek D
          2 years ago

          @xiao Thankyou for responding with patience. However i fixed the issue now. I thing it’s because of the DNSSEC feature enabled on my godaddy control panel(which i disabled), but not sure if that is the only cause. It would be interesting to know how to enable DNSSEC in Modoboa though! Thanks again.

  • Hi, will this work with the latest version of EasyEngine which is Version 4? Please let me know if you have tested with EasyEngine. Thank you.

  • Michael
    2 years ago

    Hi,

    I’m planning to set this up Modoboa on hostwinds VPS.
    I’m also planning to set up a PHP website in the same VPS. Will that be ok or does the website need to be in a separate VPS.
    I plan to use Modoboa for a single domain. Is this overkill? Should I just install postfix and dovecot from scratch if I’ll only use one domain?

    Thanks in advance for your feedback,
    Michael.

    • Modoboa and PHP website can run on the same VPS, but if your website needs to be put behind a CDN like Cloudflare, I suggest you set up the website on a different IP address.

      If the mail server is only used by you and you are familiar with Postifx/Dovecot, Modoboa is an overkill. If there are many people using the mail server, or I need to set up multiple domains, I will choose Modoboa.

  • Excellent, i followed step by step and wow, my own email server is up and running with multiple domains and email accounts. Thank you.

  • There isnt any webmail option in my dashboard although i installed web mail package from here https://github.com/modoboa/modoboa-webmail

    after installation I shows internal serve error

    Can you tell me what could go wrong and how to restart python process?

    • The Modoboa installer will install webmail alongside other mail components. Why do you want to install the webmail separately?

      • Because when i logged-in there was no webmail option

        it was something like this image here

        https://3.bp.blogspot.com/-fivtShvnh6M/Wr5DTG3YG2I/AAAAAAAABLs/BNEgch1LK20lctdAR4X2j_1jEfbDGZmiwCLcBGAs/s1600/modoboa%2Badmin%2Bweb%2Binterface.JPG

        Hopefully you can test and update your post

  • See yourself in official demo It would be awesome if you write additional post or simply update this one
    although how to use it to send mail via smtp

    • The default admin account isn’t an email account. It’s used to manage the mail server only. You need to create an email account (for example: vibg@your-domain.com) and use that to login, then you will see the webmail.

      • Wow its working awesome Thanks

        Can you tell me how can i use it for smtp?

    • That depends on what software you use to connect to the Modoboa mail server. Most web applications allows you to use your own mail server. You just need to enter your email address and password in that web application. The port for SMTP relay is 587.

      • I will connect it to mastodon I used sendmail earlier but in new server its not working and i am not able to fix it

    • Use sendmail option if Mastodon and Modoboa are installed on the same server. If they are on different servers, you should configure SMTP relay. Check the Mastodon dodumentation. Scroll down to the end of that page.

  • Abishek D
    2 years ago

    Hi, when I compose email and send, it literally takes over 15 seconds to send. How to resolve this? Additionally, when I test email server with mxtoolbox tool it shows SMTP Connection Time- 7.343 seconds – Warning on Connection time and SMTP Transaction Time-10.003 seconds – Not good! on Transaction Time.

    • I think its the server mine doesnt any type of issue

      • Abishek D
        2 years ago

        Is it normal?

        • I am using digital ocean and its working without an issue Email sent in almost instant. it could be because of server which company server you are using

        • Abishek D
          2 years ago

          i’m also using digital ocean server

      • Andre Sanz
        12 months ago

        may be a memory issue. When i loaded Modoboa on a small VM (1GB RAM) CLAMV cound not tart, and the “button” hung while the system failed/retries thr CLAMV process… then eventually sent. Check your /var/log/syslog for more details and grep for clamv

  • saksham D
    2 years ago

    I installed modoboa but whenever i send a mail google postmaster shows no dkim configured and even in the inbox only mailed by option is shown, not signed by domain.

    do I have to add open-dkim manually

    • Make sure you enable DKIM signing when adding a domain in Modoboa admin panel, and the DKIM record is correctly set in DNS.

      And can you show the DKIM header in Gmail? (Click “show original” button in the Gmail inbox to show email headers.)

  • After installation using letsencrypt, nginx fails to start.

  • Hi, I’m trying to access the given radicale contact url but I get this error : The requested resource could not be found.
    URL : https://DOMAIN/radicale/USER@DOMAIN/contacts
    Any idea ?

    Note : Access to calendar works

    Regards

  • Dennis Smeltink
    2 years ago

    Where can i find that edit dns recoored/mx

    • You can create DNS record at your domain registrar’s website 🙂

      • Dennis Smeltink
        2 years ago

        we are hosting are own server/domain and after install of modoboa i cant reach the default modoboa inlog page any help?

    • If you run your own DNS server, then create DNS record on your DNS server. Also make sure your firewall doesn’t block port 80 and 443 on the mail server.

  • Abishek D
    1 year ago

    Is it possible to use aws certificate manager to issue certificate to mododao mail server domain? What are the steps?

  • I went through this but skipped the DKIM bit. Now want to add DKIM and have found this (https://modoboa.readthedocs.io/en/latest/manual_installation/opendkim.html) as a way to do it. My problem si I cannot find the modoboa databse. No sign of it in mysql and I can’t (obviously) see any other engines. ANy ideas as to where to go next?

  • I am not able to send email from modoboa mailbox. It doesn’t even end up in spam. This is the recent log when I try to send an email >however I am able to receive an email from Gmail.

      dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=14306, secured, session=
    Jun 11 16:59:28 ip-172-31-62-168 postfix/postscreen[14454]: CONNECT from [127.0.0.1]:55618 to [127.0.0.1]:25
    Jun 11 16:59:28 ip-172-31-62-168 postfix/postscreen[14454]: WHITELISTED [127.0.0.1]:55618
    Jun 11 16:59:28 ip-172-31-62-168 postfix/smtpd[14455]: connect from localhost[127.0.0.1]
    Jun 11 16:59:28 ip-172-31-62-168 postfix/smtpd[14455]: NOQUEUE: client=localhost[127.0.0.1]
    Jun 11 16:59:28 ip-172-31-62-168 amavis[10092]: (10092-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Connection $
    Jun 11 16:59:29 ip-172-31-62-168 amavis[10092]: (10092-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Connection $
    Jun 11 16:59:29 ip-172-31-62-168 amavis[10092]: (10092-10) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2)
    Jun 11 16:59:35 ip-172-31-62-168 amavis[10092]: (10092-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Connection $
    Jun 11 16:59:35 ip-172-31-62-168 amavis[10092]: (10092-10) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed c$
    Jun 11 16:59:35 ip-172-31-62-168 amavis[10092]: (10092-10) (!)WARN: all primary virus scanners failed, considering backups
    Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14476]: connect from localhost[127.0.0.1]
    Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14476]: 5EC4485DE0: client=localhost[127.0.0.1], orig_client=localhost[127.0.0.1]
    Jun 11 17:00:01 ip-172-31-62-168 postfix/cleanup[14477]: 5EC4485DE0: message-id=
    Jun 11 17:00:01 ip-172-31-62-168 opendkim[16384]: 5EC4485DE0: DKIM-Signature field added (s=modoboa, d=blackweb.in)
    Jun 11 17:00:01 ip-172-31-62-168 postfix/qmgr[6185]: 5EC4485DE0: from=, size=1046, nrcpt=1 (queue active)
    Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14476]: disconnect from localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 quit=1 commands=6
    Jun 11 17:00:01 ip-172-31-62-168 amavis[10092]: (10092-10) Passed CLEAN {RelayedOpenRelay}, [127.0.0.1]:55618  -> , Message-ID: <20190611165928.1$
    Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14455]: proxy-accept: END-OF-MESSAGE: 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5EC4485DE0; from=<abishek@blackweb.$
    Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14455]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
    Jun 11 17:00:31 ip-172-31-62-168 postfix/smtp[14479]: connect to gmail-smtp-in.l.google.com[74.125.195.27]:25: Connection timed out
    Jun 11 17:01:01 ip-172-31-62-168 postfix/smtp[14479]: connect to alt1.gmail-smtp-in.l.google.com[209.85.234.26]:25: Connection timed out
    Jun 11 17:01:31 ip-172-31-62-168 postfix/smtp[14479]: connect to alt2.gmail-smtp-in.l.google.com[64.233.176.27]:25: Connection timed out
    
    • “Connection timed out” indicates that your hosting provider blocked port 25. You can a VPS hosting that doesn’t block port 25 like Hostwinds, or set up SMTP relay to bypass port 25 blocking.

      You can also run the following command to check if port 25 if blocked.

      telnet mail.linuxbabe.com 25

      If telnet is trying to connect forever, then port 25 is blocked on your server.

  • Yes, Its taking forever.

     Trying 74.207.252.70...
    Trying 2400:6180:0:d1::524:6001...
    telnet: Unable to connect to remote host: Network is unreachable
    

    How to fix this?
    Should i update new AWS security group?

    • As far as I know, AWS security group doesn’t block outbound connection by default. If the port 25 is blocked outbound by your ISP, you can set up SMTP relay to solve this problem.

      • I checked on https://ping.eu/port-chk/ and port 25 seems to be open.

        • Daniel Parlitu
          1 year ago

          AWS restricts SMTP services on EC2 by default. You need to request a throttle removal:

          https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/

        • Jhonas urban
          4 months ago

          Hello thanks for the great tutorial i used few times works perfectly. But last time the setup i did had a problem with mail spoofing some guy tries to send emails via the server and had some success and vps provider block port 25. Can you give me some advice how i can secure postfix to be allowed to send emails for example from group of IPs like home ip work ip mobile ip. Or some other advice how to prevent this cause i get 10/10 score ot mailtester and mxtools shows everything is ok but this guy still was able to send some emails via the modoboa smtp. Thank you in advanced

    • Your ISP won’t block incoming connection to port 25 of your server. They are likely to block outgoing connection to port 25 of other email servers.

  • Okay, maybe I’ll try restarting the clamAV service once. By the way what is the command in ubuntu to restart service?

    • sudo systemctl restart clamav-daemon

      • So AWS has an email sending form that removes the outbound blockage. However, my emails are being sent to spam now. I have checked the domains section DNS status> the DNSBL is marked red also the autoconfig is marked red. Could this be the reason why my emails are being sent to spam? Any fix?

    • I recommend using mxtoolbox.com and dnsbl.info to check if your IP address is blacklisted. The current Modoboa installation includes the bad.psky.me DNSBL provider, which you should ignore.

      Autoconfig is used to help users to automatically configure mail accounts in mail clients (Mozilla thunderbird, Microsoft Outlook, etc). It has nothing to do with email deliverability.

      The fact is even if you get a 10/10 score at mail-tester.com, your email can still be flagged as spam. You should read this article: How to stop your emails being marked as spam.

  • Hi All,

    I tried to setup the modobia but getting bad request when i tried to login via web. Can anyone please help

  • How can I add quota restriction on users?

    And what Self hosted email server would you recommend for a startup Webhosting company that also provides business emails:)

    Have looked into iredmail, modoboa, mail-in-a-box, mailcow.
    Any recommendations?

    • You can set quota when you create an email address in Modoboa admin panel.

      You mean what software can allow a web hosting company to provide business email for clients? Sorry, I don’t know. I don’t run a web hosting company. Maybe CPanel?

      iRedmail, Modoboa, Mail-in-a-box, mailcow are not meant for that purpose. They are for people/organizations to set up their own email server on machines where they have root access.

      • OK, i managed to change the qoutas. Thanks for that:)

        Basically, i just wanted to know what premade email hosting software you would recommend for a small webhosting business. I don’t have Cpanel, but since i have my own Server, i can install iRedmail, Modoboa, Mail-in-a-box or mailcow. Whichever one you recommend, i will use 🙂

      • And also, how can i update modoboa?

    • I only used iRedMail and Modoboa and I slightly prefer Modoboa because at least I can easily create alias in the admin panel without paying for a pro license.

    • I will write an article on how to upgrade Modoboa and notify you.

  • Hello:

    Thank you for this.

    If you have time, please do an article on how to Upgrade Modoboa as installed from this article. The Upgrade documentation on the Modoboa site is not written very well, and is confusing.

    Thanks!

  • Adavidoaiei Dumitru-Cornel
    1 year ago

    Doesn’t work on Ubuntu 19.04

    Package ripole is not available, but is referred to by another package.
    This may mean that the package is missing, has been obsoleted, or
    is only available from another source

    Package zoo is not available, but is referred to by another package.
    This may mean that the package is missing, has been obsoleted, or
    is only available from another source

    E: Package ‘ripole’ has no installation candidate
    E: Package ‘zoo’ has no installation candidate

    • Use Ubuntu LTS to run complex server software. Modoboa doesn’t support Ubuntu 19.04. In addition, you don’t want to upgrade Ubuntu every 9 months to break your mail server.

  • I have an existing webserver running apache, mariadb, and php.
    Can this be setup using apache?

    • Yes, you can.

      First, stop Apache on your server.

      sudo systemctl stop apache2

      Then follow this tutorial to install Modoboa.

      Next, stop and disable Nginx.

      sudo systemctl stop nginx
      sudo systemctl disable nginx

      Start Apache.

      sudo systemctl start apache2

      Then search on Google to find out how to set up Apache virtual host with Modoboa.

      • Thank you for your quick response and your guidance.

        • Tarik
          2 months ago

          You are herooooooooooooooooooooooo regarding this nginx in apache2 man thank you.

  • Hi, I forgot the admin password
    Is there anyway to reset it?

    Thank you

    • You need to log into the PostgreSQL database server and find the table that contains the admin account. Then you can change the admin password using SQL commands.

  • Dave Tosten
    1 year ago

    Hello bro, i tried installing and everything was fine. but it wont come up when i tried to access the site. it said page not found.

    1. my domain is .business and not .com
    2. do i need to to set my nameserver?
    3. i am using google domain.
    thanks

    • Make sure you create MX record for example.business and create A record for mail.example.business in Google’s DNS record editor.

      If you can’t access the admin panel, go to /var/log/nginx/ directory to check out the error log, which can tell you why it’s not working.

  • Hi, thanks for the tutorial, is really good!

    Everything works fine for me, I have one issue:

    I have to wait 60 seconds for an email to be sent from an email client or external application like Laravel, it is exactly 60 seconds.

    How do I solve this? Thanks in advance.

    • The clamav-daemon service has a tendency to stop without clear reason even when there’s enough RAM. This will delay emails for 1 minute. We can configure it to automatically restart if it stops via the systemd service unit. Copy the original service unit file to the /etc/systemd/system/ directory.

      sudo cp /lib/systemd/system/clamav-daemon.service /etc/systemd/system/clamav-daemon.service

      Then edit the service unit file.

      sudo nano /etc/systemd/system/clamav-daemon.service

      Add the following two lines in the [service] section.

      Restart=always
      RestartSec=3

      Like this:

      [Service]
      ExecStart=/usr/sbin/clamd --foreground=true
      # Reload the database
      ExecReload=/bin/kill -USR2 $MAINPID
      StandardOutput=syslog
      Restart=always
      RestartSec=3

      Save and close the file. Then reload systemd and restart clamav-daemon.service.

      sudo systemctl daemon-reload
      sudo systemctl restart clamav-daemon
  • Glaudston
    1 year ago

    I’m having problems getting to work on Ubuntu 19.04

    Starting…
    Generating new certificate using letsencrypt
    Installing amavis
    Amavis is not installed

    Then it stops, I all ran with –debug flag and got this:
    https://github.com/modoboa/modoboa-installer/issues/277

    Can you shed a light? I can arrange server access if needed, I would hate to reinstall my OS and configure all my domains again :/, hope the debug flag was helpful. Is there any other error logs I can check to further try to debug this?

    Thanks!

    • The following two lines

      E: Package 'ripole' has no installation candidate
      E: Package 'zoo' has no installation candidate

      indicates Ubuntu 19.04 repository doesn’t contain the ripole and zoo package.

      It is recommended that you follow this tutorial on a clean install of Ubuntu 18.04 system. Installing a piece of complex server software like Modoboa on a non-LTS Ubuntu is discouraged as you will probably encounter problems when upgrading your OS every 9 months. The software author doesn’t have time to support every Ubuntu release. It is far better for your mail server to stay stable for 2 or 5 years.

      • Glaudston
        1 year ago

        Thank you, after posting this I read some where that is was not compatible :/.. Wish I new before setting up my server. Thanks for the lesson..

        It’s all working now under Ubuntu 18.04 LTS

        Just a quick note: In your tutorial above it says to use lets-encrypt, but that seems to be failing and had a hard time to fix it, most probably because I don’t really know what I’m doing. I recommend installing w/ self-signed certs and than doing changes above as you have posted here >> https://www.linuxbabe.com/mail-server/email-server-ubuntu-18-04-modoboa#comment-5168

        Thank you for the help!

  • Fata El
    1 year ago

    Worked! but..
    i’ve sent an email successfully to my google account, but unfortunately, when I reply the email from Gmail, google return an error like
    “Your message wasn’t delivered to fata@luarsekolah.com because the address couldn’t be found, or is unable to receive mail.”

    Is there any configuration to enable the email to receive?

    i’ve followed all of your tutorials

    Thanks sir, love from Indonesia!

    • Your didn’t set your MX record correctly. Use dig to find your MX record.

      dig MX luarsekolah.com +short

      Output:

      5 alt2.aspmx.l.google.com.
      10 alt4.aspmx.l.google.com.
      10 mail.luarsekolah.com.
      10 alt3.aspmx.l.google.com.
      5 alt1.aspmx.l.google.com.
      1 aspmx.l.google.com.
      

      The mail.luarsekolah.com server has the lowest priority. You need to change the priority value from 10 to 0 for the mail.luarsekolah.com server.

      • Fata El
        1 year ago

        well, actually I don’t understand that setting, im just follow the placeholder 😀
        wait i’ll try to change it, thanks for your fast response!

  • Super super tuto !!!

    Merci 😉

  • Hello,
    I’d like to follow this guide to deploy a domestic mail server with Modoboa (in past I followed your guide to use iRedMail), but I don’t want to install and use Postgres on my server. The installer doesn’t support MariaDB (my favourite SQL server) so I’d know if it’s possible to use the installer for install MySQL server and, after installation, move to MariaDB and remove MySQL form server. Can you help me, please?

    • When you edit the installer.cfg file, you can choose which database server to install.

      By default, Modoboa installer will install PostgreSQL database server, as indicated by the following lines in the config file.

      [database]
      engine = postgres
      host = 127.0.0.1
      install = true

      If you would like to use MariaDB database server, then change the engine from postgres to mysql. (Modoboa will install MariaDB instead of MySQL.)

      [database]
      engine = mysql
      host = 127.0.0.1
      install = true
      • Thank you for reply!
        Actually I had already tried to edit in configuration file inserting

        engine = mariadb

        but I got an error for engine not supported, so I changed to

        engine = mysql

        thinking to migrate later from MySQL to MariaDB but it was not necessary because it was installed directly MariaDB… 😉

      • Great tutorial everything worked perfectly so I consindered using IT for Business.

  • Why in DNS state I get red DKIM with No record found? I use Mailjet relay (port 25 blocked) and I configured my DNS, in <> section of my Mailjet account <> is green and I read <>…

  • torvan
    1 year ago

    Hi Guoan – followed your excellent intro for various topics of mail setup. I built up with your 4 of 5 series from Build Your Own Email Server on Ubuntu: Basic Postfix Setup. Then tried to deep with this subject. It seems everything fine but https://mail.mydomain.com is still pointing to nginx default server block not updated to prompt to the Modoboa page. Anywhere I should update to nginx conf file or somewhere else? Thank you for your helps in advance.

    • torvan
      1 year ago

      changed back to 10.3 from 10.4 MariaDB. Red highlighted seemed errors during debug installation process:
      ..
      … 2019-11-12 0:53:28 0 [Note] /usr/sbin/mysqld: ready for connections.
      …Version: ‘10.3.20-MariaDB-1:10.3.20+maria~bionic’ socket: ‘/var/run/mysqld/mysqld.sock’ port: 3306

      after installed, go to mail.mydomain.com, nothing happened and still goes to nginx deafult page of mail.mydomain.com.

      Any clues? Thanks.

    • Hi Torvan,

      If you followed my 5 part email server tutorial series, you should not install Modoboa on the same server. Modoboa is a complete email server solution, which automatically install and configure Postfix, Dovecot, SPF, DKIM, virtual mailboxes and webmail.

  • I tried the same setup all got installed properly I believe. But, if I try to send the mail from a user it give me below error.

    "(451, '4.7.1 id=08155-02 - Temporary MTA failure on relaying, from MTA(smtp:[127.0.0.1]:10025): 451 4.7.1 Service unavailable - try again later')"

    Here is the screen shot of Modaboa Webmail settings https://ibb.co/Jy1jn0G

    If I use SMARTTLS and 587 port for SMTP I’ll get following error.

     (554, '5.7.1 : Client host rejected: Access denied')
    • You don’t need to change the default webmail settings, as shown below. The webmail, SMTP server, and IMAP server are running on the same server. There’s no need to use secure TLS connection when talking to localhost.

      modoboa webmail settings

      • James PJ
        12 months ago

        Thank you for your time. I’ve reinstalled the modoboa and works fine. But, now I want to install the https://github.com/modoboa/modoboa-imap-migration extension. I’ve followed the documentation mentioned in the extension page. However, I’m always getting the error `modoboa-amavis not found`, even if I try from `virtualenv`, but `modoboa-amavis` extension is already installed and running fine. I’m thinking now whether I have to add the extension in installer and run it again. I’m just confused with this.

        Please let me know how can I add an extension.

  • Hi, thanks for your amazing tutorial, can u help analyze my log?
    https://prnt.sc/q5zjzi
    My situations is, I already succeed on sending email, but can’t receive from anywhere and the delay is too long when sending email with attachment.
    Thanks.

    • Your Postgresql is not properly installed. Run the following command to install the client.

      sudo apt install postgresql-client
      • I’m using centos 7, already installed postgresql, should I update it to higher version?

        [root@mail ~]# yum install postgresql-client
        Loaded plugins: fastestmirror
        Loading mirror speeds from cached hostfile
        epel/x86_64/metalink                                     | 9.4 kB     00:00
         * base: mirror.newmediaexpress.com
         * centosplus: mirror.newmediaexpress.com
         * epel: my.fedora.ipserverone.com
         * extras: mirror.newmediaexpress.com
         * updates: mirror.newmediaexpress.com
        base                                                     | 3.6 kB     00:00
        centosplus                                               | 2.9 kB     00:00
        epel                                                     | 5.4 kB     00:00
        extras                                                   | 2.9 kB     00:00
        updates                                                  | 2.9 kB     00:00
        (1/2): epel/x86_64/updateinfo                              | 1.0 MB   00:00
        (2/2): epel/x86_64/primary_db                              | 6.9 MB   00:00
        No package postgresql-client available.
        Error: Nothing to do
        You have new mail in /var/spool/mail/root
        [root@mail ~]# psql -V
        psql (PostgreSQL) 9.2.24
        [root@mail ~]#

        There is no problem when I send and receive email with attachment max size 10mb, but when I try to upload larger file, the upload process is keep running and repeating (back to 0% when reach 100% upload), setting parameters didn’t give an effect at all (https://prnt.sc/q6zol6).

    • I think you should also change the maximum attachment size limit in Postfix.

      If you can send and receive email, there’s no need to upgrade PostgreSQL.

      • Hi, I already follow your guide on changing max attachment size limit in postfix, but there’s no effect.

        [root@mail ~]# postconf | grep message_size_limit
        message_size_limit = 52428800
        You have new mail in /var/spool/mail/root
        [root@mail ~]# postconf | grep mailbox_size_limit
        mailbox_size_limit = 0
        [root@mail ~]#

        I still can’t attach file larger than 10MB. Loading keeps rolling even upload has reach 100%.
        https://prnt.sc/q8leq7

        And I have another problem, I also follow your guide on hosting multiple domain in 1 server, it works, I have 2 domain on my server, (https://prnt.sc/q8lf6h) let’s say there are mail.dom1.com and mail.dom2.com, my question is why user on mail.dom1.com can also login at mail.dom2.com? I want user on domain1 only can login at mail.dom1.com, is it possible?

        Thank you.
        https://prnt.sc/q8lf6h

  • Johnny Benton
    12 months ago

    Hi Xiao,
    I got an error while running debug option doesn’t fix:

    This is the error:

    Job for nginx.service failed because the control process exited with error code.
    See “systemctl status nginx.service” and “journalctl -xe” for details.
    invoke-rc.d: initscript nginx, action “start” failed.
    ● nginx.service – A high performance web server and a reverse proxy server
    Loaded: loaded (/etc/systemd/system/nginx.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/nginx.service.d
    └─nofile_limit.conf
    Active: failed (Result: exit-code) since Wed 2019-12-11 17:15:37 UTC; 21ms ago
    Process: 5404 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
    Main PID: 1031 (code=killed, signal=KILL)

    …Failed to start A high performance web server and a reverse proxy server.

  • Johnny Benton
    12 months ago

    Hi Xiao,
    I deleted and created a new droplet. I installed Modoboa successfully, but I can’t reach my site; error: This site can’t be reached took too long to respond.

  • Duy Nguyen
    11 months ago

    Hey, do we have to change the hostname to mail.domain.com like in the iRedmail tutorial

  • Great tutorial. I’m complete linux noob, but thanks to this guide I was able to set up mail server. Great stuff. Thanks.

  • I followed this guide closely and did everything you said. mail.mydomain.co is setup just fine but whenever I go to log into modova i just get the nginx landing page.

    • How do I purge this from my system entirely? its just taking up space and not doing anything. I want it gone.

    • Looks like you already have Nginx on your server before installing Modoboa. If you are not a Linux server expert, it’s recommended to install Modoboa on a clean server.

      To remove Modoboa, run this command.

      sudo apt purge postfix dovecot amavisd-new clamav spamassassin opendkim

      I think I have said that it’s better to install Modoboa on a clean server.

      • I was under the impression that this guide works with nginx. The only reason I even considered it was because of the web based GUI, looks like I was misinformed. I just used postfix and it works just fine, a lot easier to setup and actually works, the gui is not very important, postfix works just as well if you are familiar with linux like me.

    • Yes, Modoboa works with Nginx, but if you have made some modifications in Nginx, it might not work. If you are familiar with Nginx, you can still make it work.

      If you are setting up a mail server for just a handful of people, you can simply install Postfix and Dovecot. A web-based GUI is important when you run a mail server for dozens of people or more, or when you need to share administrative permissions with others.

  • This was just wonderful! Thank you so much for this, this made it so much easier to setup a mail server. While sending and receiving now works fine, my emails still get send to the spam folders to most providers even though I have everything setup (SPF, DMARC, DKIM, etc.). I think it’s like you stated because it’s a “new” IP for mailing which doesn’t have a reputation yet. A bit later I also noticed is that some mails weren’t going through. I was testing the mail service using GlockApps and after signing up I didn’t receive a verification email. After checking the mail log I found the following postfix error occured

    NOQUEUE: reject: RCPT from [x.x.x.x]:15037: 450 4.3.2 Service currently unavailable;

    The solution is to change some of the settings in postfix’s main.cf stated here: https://serverfault.com/questions/628790/postscreen-sometimes-stops-the-mail-with-450-4-3-2-service-currently-unavailable/628807. One last thing, everytime I login with an email user I get this “Update profile settings” page. Is there a way to set the landing page to the mailbox (/webmail/#?action=listmailbox) after signing in?

    • This message

      NOQUEUE: reject: RCPT from [x.x.x.x]:15037: 450 4.3.2 Service currently unavailable;

      Indicates that Modoboa is using greylisting to filter spam. The sending SMTP server will try delivering the email again after several minutes.

  • Dan Romania
    10 months ago

    Hello sir!
    This tutorial is awesome!
    I installed it and it works as expected!

    I like the functionality, but I want also to login and install Roundcube in parralel on another address, for example: mail.example.com/roundcube where I could use the same mail addresses as in Modoboa.

    Is that possible?

  • Dan Romania
    10 months ago

    I installed Roundcube and everything worked fine!
    This tutorial is awesome!
    I have another question, if you don’t mind…

    I can’t manage to login from Laravel to send email thru my email server
    I get this error:

    Connection could not be established with host mail.myserver.com :stream_socket_client(): unable to connect to ssl://mail.myserver.com:587 (Connection timed out)  

    My config is:
    MAIL_DRIVER=smtp
    MAIL_HOST=mail.codecodac.com
    MAIL_PORT=587
    MAIL_USERNAME=office@myserver.com
    MAIL_PASSWORD=mygreatpassword
    MAIL_ENCRYPTION=ssl

    myserever being an alias for “my server”
    mygreatpassword an alias for “my great password”

  • James PJ
    10 months ago

    I want to install the https://github.com/modoboa/modoboa-imap-migration extension. I’ve followed the documentation mentioned in the extension page. However, I’m always getting the error `modoboa-amavis not found`, even if I try from `virtualenv`, but `modoboa-amavis` extension is already installed and running fine. I’m thinking now whether I have to add the extension in installer and run it again. I’m just confused with this.

    Please let me know how can I add an extension.

  • Please , one question!

    Lets say I have installed VestaCP on one IP address with my domain example.com and I am using cloudflare for the DNS configuration.

    Can I install Modoboa web mail server on another (new) Ubuntu VPS with another IP address and edit DNS with cloudflare to use it with same domain name example.com ?

    • The DNS records should be like:

      example.com -> VestaCP IP address
      
      mail.example.com -> Modoboa IP address  

      You will have an email address like macan@example.com on the Modoboa server.

  • Macan Macano
    10 months ago

    Thank you.

  • Hi,

    Great tutorial! Unfortunately for me, when I attempt to access the interface, I get a “the connection timed out”. Ports 80 and 443 are open in ufw and Hostwinds. A and MX records are propagating. Nothing in the error log at all.

    Thoughts appreciated 🙂

    • Hi Jerry,

      Can you tell me what’s your domain name? If you don’t like to show your domain name in public, you can reply to my email.

      • Hi,

        After your help, I was able to get to the interface. I realize that I forgot that I didn’t modify the installer.cfg correctly by forgetting to put letsencrypt under the certificate section.

        Thanks again!

  • Followed all steps under “Improving Email Deliverability” but Gmail still puts my messages in spam. Interestingly, I sent a test to my friends Yahoo address and is successfully went to their Inbox.

  • Also, my spam test result is 9/10. Getting the following message:

    “Your message is not signed with DKIM”

    As far as I can tell, my DKIM configuration is correct. Any suggestions on how to fix this?

    Thanks again for your amazing tutorial and guidance!

    • Send an email, then check the mail log (/var/log/mail.log) to see if you can find any clue.

      • Happy Saturday. I finally got to this. Still getting 9/10 with the following warning in /var/log/mail.log:

        “postfix/smtpd[3454]: warning: connect to Milter service inet:127.0.0.1:12345: Connection refused”

        I tried to approximate configuration based on instructions at the following link, but I probably don’t know enough about what I am doing to get it right.
        https://tinycp.com/community/show/solved-warning-connect-to-milter-service-inet-127-0-0-1-8891-connection-refused,134.html

        Any help appreciated.

        Thanks.

    • I think you should check if OpenDKIM is running with the following command.

      sudo systemctl status opendkim

      If it’s not running, start it.

      sudo systemctl start opendkim
  • The installation just runs fine on my end, but the nginx is failing to start because the letsencrypt certificate does not exist even if I edited the installer.cfg file from self-signed to letsencrypt.
    In the file ‘mail.mydomain.com.conf the ssl certificate is pointed to ”/etc/letsencrypt/live/….’, but the certificate do not exist there, actually the “live’ folder is missing from /etc/letsencrypt.

    • Best practices for obtaining Let’s Encrypt certificate:

      1.) Use a clean Ubuntu 18.04 OS to install Modoboa

      2.) Change the email address from admin@example.com to your real email address. You will not be able to obtain and install Let’s Encrypt certificate if you use the default email address.

      3.) Open port 80 and 443 in the firewall.

  • Amazing tutorial thank you for publishing it.

    One thing that would be great to add is that in order for people to configure thunderbird or a mail client on their phone is necessary to make sure that the server has the ports (TCP) 993 and 587 open.

  • Hello,

    Already excellent tutorial. I followed it but I am stuck on the error of the page “Sorry, an internal error has occurred”

    I have an Ubuntu 18.04 server with LEMP already installed (MariaDB).
    I put the errors and the configuration.

    Installing amavis
    Lecture des listes de paquets…
    Construction de l'arbre des dépendances…
    Lecture des informations d'état…
    libdbi-perl est déjà la version la plus récente (1.640-1).
    arc est déjà la version la plus récente (5.21q-5).
    arj est déjà la version la plus récente (3.10.22-17).
    cabextract est déjà la version la plus récente (1.6-1.1).
    libdbd-mysql-perl est déjà la version la plus récente (4.046-1).
    liblz4-tool est déjà la version la plus récente (0.0~r131-2ubuntu3).
    lrzip est déjà la version la plus récente (0.631-1).
    lzop est déjà la version la plus récente (1.03-4).
    p7zip-full est déjà la version la plus récente (16.02+dfsg-6).
    rpm2cpio est déjà la version la plus récente (4.14.1+dfsg1-2).
    unrar-free est déjà la version la plus récente (1:0.0.1+cvs20140707-4).
    amavisd-new est déjà la version la plus récente (1:2.11.0-1ubuntu1.1).
    Les paquets suivants ont été installés automatiquement et ne sont plus nécessaires :
      libconfig-inifiles-perl python-pyicu
    Veuillez utiliser « sudo apt autoremove » pour les supprimer.
    0 mis à jour, 0 nouvellement installés, 0 à enlever et 14 non mis à jour.
    ERROR 1045 (28000): Access denied for user 'chris'@'localhost' (using password: YES)
    ERROR 1045 (28000): Access denied for user 'chris'@'localhost' (using password: YES)
    ERROR 1045 (28000): Access denied for user 'chris'@'localhost' (using password: YES)
    ERROR 1045 (28000): Access denied for user 'chris'@'localhost' (using password: YES)
    ERROR 1045 (28000): Access denied for user 'chris'@'localhost' (using password: YES)
    ERROR 1045 (28000): Access denied for user 'amavis'@'localhost' (using password: YES)
    Installing spamassassin
    Lecture des listes de paquets…
    Construction de l'arbre des dépendances…
    Lecture des informations d'état…
    pyzor est déjà la version la plus récente (1:1.0.0-3).
    spamassassin est déjà la version la plus récente (3.4.2-0ubuntu0.18.04.4).
    

    <pre
    [database]
    engine = mysql
    host = 127.0.0.1
    install = false

    [mysql]
    user = chris
    password = xxxxxxx
    charset = utf8
    collation = utf8mb4_general_ci

    “chris” has the same root privileges. I searched for hours and unfortunately did not find a solution.

    Thanks in advance.

  • xiao,
    thank you so much for this guide.
    Everything works as you described and all my domains emails end up in ‘Inbox’.
    Only one thing is not clear. how do you enable radicale for global contacts?
    I just get this message when i go to ‘www.mydomain.com/radicale’.
    “Radicale works!”

  • Digi Doe
    7 months ago

    Hi Xiao Guoan (Admin)

    This is my first time on your website and I must confess you made me feel like a pro! You are the BEST on the internet. You make everything look easy and please accept my token and I urge everyone to support him too!

    Just a lil suggestion for those having issues with no connection after the congratulatory message.

    I did the following four step and my site came live, apparently it was issue with lets encrypt

    #apt install certbot

    #apt install certbot

    #service nginx restart

    #/etc/init.d/dovecot restart

  • Hi,

    Could you please write an article on updating modoboa to the latest version? My current version is 1.14 and 1.15 is released. The readthedocs which i found was kinda to hard to follow. And there’s something about python 2 being dropped which makes it harder.
    thnx in advance

    • Olaf Menzel
      6 months ago

      cd modoboa-installer

      ~/modoboa-installer$ git pull

      ~/modoboa-installer$ sudo ./run.py –interactive –debug yourdomain.tld

  • Olaf Menzel
    6 months ago

    Hi everybody,

    just found your page. It’s amazing, but I have issues with the current nginx version 1.14.0-0ubuntu1.7 package:

    tail -f /var/log/nginx/error.log 
    2020/06/10 08:39:29 [emerg] 23381#23381: could not build server_names_hash, you should increase server_names_hash_bucket_size: 32
    2020/06/10 08:54:33 [emerg] 622#622: could not build server_names_hash, you should increase server_names_hash_bucket_size: 32
    

    Still I don’t know how to fix it

  • Olaf Menzel
    6 months ago

    Thank you for the hint,

    I just found the solution at the same time on
    https://stackoverflow.com/questions/13895933/nginx-emerg-could-not-build-the-server-names-hash-you-should-increase-server

    /etc/nginx/nginx.conf:

     server_names_hash_bucket_size 128; 

    This line fixed the problem 🙂

  • Olaf Menzel
    5 months ago

    Hello Xiao,

    I tried to create a small distribution list via Alias but Modoboa refuses to accept those aliases and do not deliver them at all. Is there any solution for sending to a group of email recipients?

  • Hi, this worked like a charm.

    How can I use this for transactional emails? I’ll love to replace ElasticMail.

    Are there additional steps or implementations that I need to make?

  • I did the installation, after that I tried to login using domain name, I got blank page, then I tried to login using IP address I got “Bad Request (400) ” response

    • Best practices for running Modoboa:

      1.) Use an LTS release of Ubuntu such as 18.04.

      2.) Use a clean fresh Ubuntu 18.04 server.

      3.) Make sure your server has at least 2GB RAM.

  • The installer is currently broken (august 7th 2020). A python dependency is breaking the entire install (the “braces” module) – so typical for python… sigh :/

    • I just installed Modoboa on a new server, and it worked like charm.

      Best practices for running Modoboa:

      1.) Use an LTS release of Ubuntu such as 18.04. (I didn’t test with 20.04).

      2.) Use a clean fresh Ubuntu 18.04 server.

      3.) Make sure your server has at least 2GB RAM.

  • You mention at the beginning you can send unlimited emails.

    How would you setup modoboa to send 100k emails/day?

    Is there any specific conf to add?

    Thanks!!

  • Oh wow! That’s amazing!
    But there are for sure some speed limits or something like that due to the hardware right?

  • Hello,

    thank you for amazing tutorial. I was able to manage all the settings and I am able now to send emails directly to inbox!
    however, there is a problem – I cannot recieve any email send to the address.

    where should I start searching for solutions?

    • hm, ok I can send email to self and it arrives. any email from outside the system is ignored.

  • Hi,
    Thanks for the wonderful article.

    I was able to setup the modoboa based email server. Able to send/receive emails.

    Configured the DKIM/SPF/MX/Dmarc in the DNS and ensured that it gets a score of 10/10 using the email server verification.

    (mail.cpanook.com) is the domain on which the modoboa based email server is hosted.

    Now, I want to use one of my django based web application (hosted on a different domain/ Server) to use the smtp of the mail.cpanook.com to send the email(s). (We use the django-postoffice and are able to successfully aboe to send emails using the gmap smtp server and email of the gamil account cedentials).

    We want to replace it with the modoboa based email server as th smtp server in ou web application.

    We have tried to replace the smtp server, email/passwod created in the mail.cpanook.com. However, it does not even seems to send the reques to toe modoboa based web server).

    I have verified that on both the hosted webserver (email web server and web application web server) – ports 25, 443 are open and able to send/receive emails from both the servers.

    Basically, we need the credentials to be used by the remote server to send the email using the smtp of the modoboa based email server.

    Can you please help us to guide further on this aspect?

  • Hi,

    I installed my mail server at the beginning of the year following these instructions. Thanks for the good How-to 🙂
    But in the meantime Modoba says that updates are available.

    Would you also do a Modoba Update/Upgrade Guide?

    Thanks,
    Robin

  • Hi Xiao

    Just wanted to let you know that your site is amazing!! It is a wealth of precise information. I have used your tutorials for a number of different setups and posted your links in forums where people are asking for help.

    Thank you so much for the effort and great site.

  • thanks
    i will try it

  • Hi,

    Thanks for the tutorial, it works perfectly.
    I just want to ask about the client side configuration. I use Gmail app and the problem is with incoming mails. If I open the Gmail app the incoming mails are received almost instantly. However I did not receive any notification when the app is closed, so if I want to know if there are incoming mails I have to open the Gmail app. Is there anyway to tackle this?

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • I don't have time to answer every question. Making a donation would incentivize me to spend more time answering questions.


The maximum upload file size: 2 MB.
You can upload: image.