How to Quickly Set up a Mail Server on Ubuntu 22.04 with Modoboa
This tutorial is going to show you how to quickly set up your own email server on Ubuntu 22.04 with Modoboa, which is a free and open-source mail hosting and management platform designed to work with Postfix SMTP server and Dovecot IMAP/POP3 server.
Modoboa is written in Python, released under the terms of ISC license. Main features of Modoboa are as follows:
- Modoboa by default uses Nginx web server to serve the webmail client and web-based admin panel.
- Compatible with Postfix and Dovecot.
- Support MySQL/MariaDB, or PostgreSQL database.
- Easily create unlimited mailboxes and unlimited mail domains in a web-based admin panel.
- Easily create email alias in the web-based admin panel.
- The webmail client provides an easy-to-use message filter to help you organize messages to different folders.
- It can help you protect your domain reputation by monitoring email blacklists and generating DMARC reports, so your emails have a better chance to land in the inbox instead of the spam folder.
- Includes amavis frontend to block spam and detect viruses in email.
- Calendar and address book.
- Integration with Let’s Encrypt.
- Includes AutoMX to allow end-users to easily configure mail account in a desktop or mobile mail client.
Step 1: Choose the Right Hosting Provider and Buy a Domain Name
To set up a complete email server with Modoboa, you need a server with at least 3GB RAM, because after the installation, your server will use more than 2GB of RAM.
Note: You must install Modoboa on a clean fresh Ubuntu 22.04 server.
This tutorial is done on a $9/month Kamatera VPS (virtual private server) with 1 CPU and 3GB RAM. They offer a 30-day free trial.
Kamatera is a very good option to run a mail server because
- They don’t block port 25, so you can send unlimited emails (transactional email and newsletters) without spending money on SMTP relay service. Kamatera doesn’t have any SMTP limits. You can send a million emails per day.
- The IP address isn’t on any email blacklist. (At least this is true in my case. I chose the Dallas data center.) You definitely don’t want to be listed on the dreaded Microsoft Outlook IP blacklist or the spamrats blacklist. Some blacklists block an entire IP range and you have no way to delist your IP address from this kind of blacklist.
- You can edit PTR record to improve email deliverability.
- They allow you to send newsletters to your email subscribers with no hourly limits or daily limits, whatsoever.
- You can order multiple IP addresses for a single server. This is very useful for folks who need to send a large volume of emails. You can spread email traffic on multiple IP addresses to achieve better email deliverability.
Other VPS providers like DigitalOcean blocks port 25. DigitalOcean would not unblock port 25, so you will need to set up SMTP relay to bypass blocking, which can cost you additional money. If you use Vultr VPS, then port 25 is blocked by default. They can unblock it if you open a support ticket, but they may block it again at any time if they decide your email sending activity is not allowed. Vultr actually may re-block it if you use their servers to send newsletters.
Go to Kamatera website to create an account, then create your server in your account dashboard.
I recommend following the tutorial linked below to properly set up your Linux VPS server on Kamatera.
Once you created a server, Kamatera will send you an email with the server SSH login details. To log into your server, you use an SSH client. If you are using Linux or macOS on your computer, then simply open up a terminal window and run the following command to log into your server. Replace 12.34.56.78 with your server’s IP address.
ssh [email protected]
You will be asked to enter the password.
You also need a domain name. I registered my domain name from NameCheap because the price is low and they give whois privacy protection free for life.
Step 2: Creating DNS MX Record
The MX record specifies which host or hosts handle emails for a particular domain name. For example, the host that handles emails for linuxbabe.com is mail.linuxbabe.com. If someone with a Gmail account sends an email to [email protected], then Gmail server will query the MX record of linuxbabe.com. When it finds out that mail.linuxbabe.com is responsible for accepting email, it then query the A record of mail.linuxbabe.com to get the IP address, thus the email can be delivered.
In your DNS manager, create a MX record for your domain name. Enter @ in the Name field to represent the main domain name, then enter mail.your-domain.com in the Value field.
Note: The hostname for MX record can not be an alias to another name. Also, It’s highly recommended that you use hostnames, rather than bare IP addresses for MX record.
Your DNS manager may require you to enter a preference value (aka priority value). It can be any number between 0 and 65,356. A small number has higher priority than a big number. You can enter 0 for your email server, or accept the default value.
After creating MX record, you also need to create an A record for mail.your-domain.com , so that it can be resolved to an IP address. If your server uses IPv6 address, be sure to add AAAA record.
If you uses Cloudflare DNS service, you should not enable the CDN feature when creating A record for your mail server.
Step 3: Set up Mail Server on Ubuntu 22.04 with Modoboa Installer
Log into your server via SSH, then run the following commands to update software packages.
sudo apt update sudo apt upgrade -y
I strongly recommend creating a sudo user for managing your server rather than using the default root user to improve server security. Run the following command to create a user. Replace username with your preferred username.
adduser username
Then add the user to the sudo group.
adduser username sudo
Switch to the new user.
su - username
Modoboa is written in Python. Run the following command to install the necessary Python software.
sudo apt-get install -y git python3-virtualenv python3-pip
Download modoboa installer from Github.
git clone https://github.com/modoboa/modoboa-installer
Then navigate to the modoboa-installer directory and create a configuration file. Replace example.com with your own domain name.
cd modoboa-installer
sudo ./run.py --stop-after-configfile-check example.com
Edit the configuration file installer.cfg with a command line text editor like nano.
sudo nano installer.cfg
To obtain a valid TLS certificate from Let’s Encrypt for your mail server, in [certificate] section, change the value of type from self-signed to letsencrypt.
type = letsencrypt
And change the email address from [email protected] to your real email address, which will be used for account recovery and important notifications. You will not be able to obtain and install Let’s Encrypt certificate if you use the default email address.
By default, Modoboa installer will install PostgreSQL database server, as indicated by the following lines in the config file.
[database] engine = postgres host = 127.0.0.1 install = true
If you would like to use MariaDB database server, then change the engine from postgres to mysql. (Modoboa will install MariaDB instead of MySQL.)
Save and close the file. (To save a file in Nano text editor, press Ctrl+O, then press Enter to confirm. To exit, press Ctrl+X.)
Next, you should use a fully-qualified domain name (FQDN) as the hostname for your mail server, such as mail.example.com. Run the following command to set the hostname.
sudo hostnamectl set-hostname mail.example.com
Now we need to verify if the DNS records are propagated to the Internet. Depending on the domain registrar you use, your DNS record might be propagated instantly, or it might take up to 24 hours to propagate. You can go to https://dnsmap.io, enter your mail server’s hostname (mail.example.com) to check DNS propagation.
If your DNS record is propagated, run the following command to start the installation. (Please replace example.com with your main domain name such as linuxbabe.com. Do not use a sub-domain like mail.example.com in this command).
sudo ./run.py --interactive example.com
The installation process can take a while. It took 10 minutes on my server. Once it’s installed, restart your server to make sure each service will start automatically.
sudo shutdown -r now
If you see an error during the installation, you can use the --debug option to see the more detailed output.
sudo ./run.py --interactive --debug example.com
After Modoboa finishes the installation, you can log into the admin panel with username admin and password password.
- If your browser can’t connect to the admin panel, it could be that Nginx is not running. Start it with
sudo systemctl restart nginx. If it fails to start, runsudo nginx -tto find out what’s wrong. - If you see the internal error message, please use the solution here.
Once you are logged in, you should go to Admin -> Settings -> Profile to change the password.
Step 4: Adding Mailboxes in Modoboa Admin Panel
Go to Domains tab and click Add button to add a new domain.
Then enter your main domain name in the Name field. It is highly recommended that you enable DKIM signing, which can help with your domain reputation. In Key selector field, you can enter a random word like modoboa. Choose 2048 as the key length.
In the next screen, you can choose to create an admin account for your domain. The SMTP protocol requires that a mail server should have a [email protected] address.
Click the Submit button and your domain name will be added in Modoboa.
To add email addresses, go to Domains tab and click your domain name.
Then click mailboxes.
Click Add button and choose Account.
Then choose Simple user as the role. Enter an email address in Username field and enter a password.
In the next screen, you can optionally create an alias for this email address.
After clicking the submit button, the email address is created.
Step 5: Sending Test Emails
To login to the webmail, you need to log out the admin account first and then enter the user credentials.
Once you are logged into Modoboa webmail, you can send a test email from your private email server to your other email address and vice versa.
Disable Greylisting
Inbound emails will be delayed for a few minutes, because by default Modoboa enables greylisting, which tells other sending SMTP server to try again in a few minutes. This is useful to block spam. The following message in /var/log/mail.log indicates greylisting is enabled.
postfix/postscreen[20995]: NOQUEUE: reject: RCPT from [34.209.113.130]:36980: 450 4.3.2 Service currently unavailable;
However, greylisting can be rather annoying. You can disable it by editing the Postfix main configuration file.
sudo nano /etc/postfix/main.cf
Find the following lines at the end of the file and comment them out. (Add a # character at the beginning of each line.)
postscreen_pipelining_enable = yes postscreen_pipelining_action = enforce postscreen_non_smtp_command_enable = yes postscreen_non_smtp_command_action = enforce postscreen_bare_newline_enable = yes postscreen_bare_newline_action = enforce
Save and close the file. Then restart Postfix for the changes to take effect.
sudo systemctl restart postfix
Now you should be able to receive emails without waiting several minutes.
Disable Policyd
If you can find the following error in the /var/log/mail.log file, it means the policy daemon isn’t running.
postfix/smtpd[229906]: warning: connect to 127.0.0.1:9999: Connection refused postfix/smtpd[229906]: warning: problem talking to server 127.0.0.1:9999: Connection refused
You can run the following command to try to restart it.
sudo systemctl restart supervisor
Then check if the policy daemon is listening on port 9999.
sudo ss -lnpt | grep 9999
If it still won’t listen on port 9999, then you need to disable the policy daemon in Postfix.
sudo nano /etc/postfix/main.cf
Find the following lines.
smtpd_recipient_restrictions =
check_policy_service inet:127.0.0.1:9999
permit_mynetworks
permit_sasl_authenticated
check_recipient_access
proxy:pgsql:/etc/postfix/sql-maintain.cf
proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
reject_unverified_recipient
reject_unauth_destination
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_non_fqdn_helo_hostname
Comment out the check_policy_service directive.
smtpd_recipient_restrictions =
# check_policy_service inet:127.0.0.1:9999
permit_mynetworks
permit_sasl_authenticated
check_recipient_access
proxy:pgsql:/etc/postfix/sql-maintain.cf
proxy:pgsql:/etc/postfix/sql-relay-recipient-verification.cf
reject_unverified_recipient
reject_unauth_destination
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_non_fqdn_helo_hostname
Save and close the file. Then restart Postfix.
sudo systemctl restart postfix
Step 6: Checking If Port 25 (outbound) is blocked
Your ISP or hosting provider won’t block incoming connection to port 25 of your server, which means you can receive emails from other mail servers. However, many ISP/hosting providers block outgoing connection to port 25 of other mail servers, which means you can’t send emails.
If your email didn’t arrive at your other email address such as Gmail, then run the following command on your mail server to check if port 25 (outbound) is blocked.
telnet gmail-smtp-in.l.google.com 25
If it’s not blocked, you would see messages like below, which indicates a connection is successfully established. (Hint: Type in quit and press Enter to close the connection.)
Trying 74.125.68.26... Connected to gmail-smtp-in.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP y22si1641751pll.208 - gsmtp
If port 25 (outbound) is blocked, you would see something like:
Trying 2607:f8b0:400e:c06::1a... Trying 74.125.195.27... telnet: Unable to connect to remote host: Connection timed out
In this case, your Postfix can’t send emails to other SMTP servers. Ask your ISP/hosting provider to open it for you. If they refuse your request, you need to set up SMTP relay to bypass port 25 blocking.
Still Can’t Send Email?
If port 25 (outbound) is not blocked, but you still can’t send emails from your own mail server to your other email address like Gmail, then you should check the mail log (/var/log/mail.log).
sudo nano /var/log/mail.log
For example, some folks might see the following lines in the file.
host gmail-smtp-in.l.google.com[2404:6800:4003:c03::1b] said: 550-5.7.1 [2a0d:7c40:3000:b8b::2] Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding PTR 550-5.7.1 records and authentication. Please review 550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information
This means your mail server is using IPv6 to send the email, but you didn’t set up IPv6 records. You should go to your DNS manager, set AAAA record for mail.your-domain.com, then you should set PTR record for your IPv6 address, which is discussed in step 8.
Step 7: Using Mail Clients on Your Computer or Mobile Device
Fire up your desktop email client such as Mozilla Thunderbird and add a mail account.
- In the incoming server section, select IMAP protocol, enter
mail.your-domain.comas the server name, choose port 143 and STARTTLS. Choosenormal passwordas the authentication method. - In the outgoing section, select SMTP protocol, enter
mail.your-domain.comas the server name, choose port 587 and STARTTLS. Choosenormal passwordas the authentication method.
You can also use IMAP on port 993 with SSL/TLS encryption.
Step 8: Improving Email Deliverability
To prevent your emails from being flagged as spam, you should set PTR, SPF, DKIM and DMARC records.
PTR record
A pointer record, or PTR record, maps an IP address to a FQDN (fully qualified domain name). It’s the counterpart to the A record and is used for reverse DNS lookup, which can help with blocking spammers. Many SMTP servers reject emails if no PTR record is found for the sending server.
To check the PTR record for an IP address, run this command:
dig -x IP-address +short
or
host IP-address
PTR record isn’t managed by your domain registrar. It’s managed by the organization that gives you an IP address. Because you get IP address from your hosting provider or ISP, not from your domain registrar, so you must set PTR record for your IP in the control panel of your hosting provider or ask your ISP. Its value should be your mail server’s hostname: mail.your-domain.com. If your server uses IPv6 address, be sure to add a PTR record for your IPv6 address as well.
To edit the reverse DNS record for your Kamatera VPS, log into the Kamatera client area, then open a support ticket and tell them to add PTR record for your server IP addresss to point the IP address to mail.your-domain.com. It’s not convenient, you might think, but this is to keep spammers away from the platform, so legitimate email senders like us will have a great IP reputation.
SPF Record
SPF (Sender Policy Framework) record specifies which hosts or IP address are allowed to send emails on behalf of a domain. You should allow only your own email server or your ISP’s server to send emails for your domain. In your DNS management interface, create a new TXT record like below.
Explanation:
- TXT indicates this is a TXT record.
- Enter @ in the name field to represent the main domain name.
- v=spf1 indicates this is a SPF record and the version is SPF1.
- mx means all hosts listed in the MX records are allowed to send emails for your domain and all other hosts are disallowed.
- ~all indicates that emails from your domain should only come from hosts specified in the SPF record. Emails that are from other hosts will be flagged as forged.
To check if your SPF record is propagated to the public Internet, you can use the dig utility on your Linux machine like below:
dig your-domain.com txt
The txt option tells dig that we only want to query TXT records.
DKIM Record
DKIM (DomainKeys Identified Mail) uses a private key to digitally sign emails sent from your domain. Receiving SMTP servers verify the signature by using the public key, which is published in the DNS DKIM record.
When we were adding domain name in Moboboa admin panel earlier, we enabled DKIM signing, so the signing part is taken care of. The only thing left to do is creating DKIM record in DNS manager. First go to Modoboa admin panel and select your domain name. In the DNS section, click Show key button.
The public key will be revealed. There are two formats. We only need the Bind/named format.
Go to your DNS manager, create a TXT record, enter modoboa._domainkey in the Name field. (Recall that we used modoboa as the selector when adding domain name in the admin panel.) Copy everything in the parentheses and paste into the value field. Delete all double quotes. Your DNS manager may require you to delete other invalid characters, such as carriage return.
Note that your DKIM record may need sometime to propagate to the Internet. Depending on the domain registrar you use, your DNS record might be propagated instantly, or it might take up to 24 hours to propagate. You can go to https://www.dmarcanalyzer.com/dkim/dkim-check/, enter modoboa as the selector and enter your domain name to check DKIM record propagation.
DMARC Record
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. DMARC can help receiving email servers to identify legitimate emails and prevent your domain name from being used by email spoofing.
To create a DMARC record, go to your DNS manager and add a TXT record. In the name field, enter _dmarc. In the value field, enter the following:
v=DMARC1; p=none; pct=100; rua=mailto:[email protected]
The above DMARC record is a safe starting point. To see the full explanation of DMARC, please check the following article.
Step 7: Testing Email Score and Placement
After creating PTR, SPF, DKIM record, go to https://www.mail-tester.com. You will see a unique email address. Send an email from your domain to this address and then check your score. As you can see, I got a perfect score.
Mail-tester.com can only show you a sender score. There’s another service called GlockApps that allow you to check if your email is placed in the recipient’s inbox or spam folder, or rejected outright. It supports many popular email providers like Gmail, Outlook, Hotmail, YahooMail, iCloud mail, etc
Email is Rejected by Microsoft Mailbox?
Microsoft uses an internal blacklist that blocks many legitimate IP addresses. If your emails are rejected by Outlook or Hotmail, you need to follow the tutorial linked below to bypass Microsoft Outlook blacklist.
What if Your Emails Are Still Being Marked as Spam?
I have more tips for you in this article: How to stop your emails from being marked as spam. Although it will take some time and effort, your emails will eventually be placed in the inbox after applying these tips.
Auto-Renew Let’s Encrypt TLS Certificate
Modoboa installed the latest version of Let’s Encrypt client (certbot) as /opt/certbot-auto. You can find the location of certbot binary by executing the following command.
sudo find / -name "*certbot*"
Let’s Encrypt TLS certificate is valid for 90 days. To automatically renew the certificate, edit root user’s crontab file.
sudo crontab -e
Add the following line at the end of this file.
@daily /opt/certbot-auto renew -q && systemctl reload nginx postfix dovecot
Save and close the file. This tells Cron to run the certbot renew command every day. If the certificate has 30 days left, certbot will renew it. It’s necessary to reload Nginx web server, Postfix SMTP server and Dovecot IMAP server so they can pick up the new certificate.
Enabling SMTPS Port 465
If you are going to use Microsoft Outlook client, then you need to enable SMTPS port 465 in Postfix SMTP server.
Troubleshooting
First, please use a VPS with at least 2GB RAM. Running Modoboa on a 1GB RAM VPS will cause the database, SpamAssassin, or ClamAV to be killed because of out-of-memory problem. If you really want to use a 1GB RAM VPS, you are going to lose incoming emails and have other undesirable outcomes.
If the Modoboa web interface isn’t accessible, like a 502 gateway error, you should check the Nginx logs in /var/log/nginx/ directory to find clues. You may also want to check the mail log /var/log/mail.log.
Check if the various services are running.
systemctl status postfix systemctl status dovecot systemctl status nginx systemctl status mariadb systemctl status clamav-daemon systemctl status amavis systemctl status uwsgi systemctl status supervisor
If you enabled the firewall, you should open the following ports in the firewall.
HTTP port: 80 HTTPS port: 443 SMTP port: 25 Submission port: 587 (and 465 if you are going to use Microsoft Outlook mail client) IMAP port: 143 and 993
If you would like to use the UFW firewall, check my guide here: Getting started with UFW firewall on Debian and Ubuntu.
ClamAV Automatic Shutdown
I found that the clamav-daemon service has a tendency to stop without clear reason even when there’s enough RAM. This will delay emails for 1 minute. We can configure it to automatically restart if it stops via the systemd service unit. Copy the original service unit file to the /etc/systemd/system/ directory.
sudo cp /lib/systemd/system/clamav-daemon.service /etc/systemd/system/clamav-daemon.service
Then edit the service unit file.
sudo nano /etc/systemd/system/clamav-daemon.service
Add the following two lines in the [service] section.
Restart=always RestartSec=3
Like this:
[Service] ExecStart=/usr/sbin/clamd --foreground=true # Reload the database ExecReload=/bin/kill -USR2 $MAINPID StandardOutput=syslog Restart=always RestartSec=3
Save and close the file. Then reload systemd and restart clamav-daemon.service.
sudo systemctl daemon-reload sudo systemctl restart clamav-daemon
Sorry, an internal error has occurred
If you see the internal error message when trying to log into the Modoboa admin panel, then edit the settings.py file.
sudo nano /srv/modoboa/instance/instance/settings.py
Turn on debugging mode.
DEBUG = True
Restart uwsgi for the changes to take effect.
sudo systemctl restart uwsgi
Next, try to log into Modoboa admin panel again. This time you will see the exact internal error. For example, on my mail server it’s
database connection isn't set to UTC
So I need to edit the settings.py file
sudo nano /srv/modoboa/instance/instance/settings.py
and turn off time zone.
USE_TZ = False
Save and close the file. Restart uwsgi for the changes to take effect.
sudo systemctl restart uwsgi
(Optional) Set Up Autodiscover and AutoConfig to Automate Mail Client Configuration
Autodiscover and AutoConfig make it easy to configure a desktop or mobile mail client. The end-user just needs to enter a name, email address and password to set up his/her mail account, without having to enter the SMTP or IMAP server details. Autodiscover is supported by Microsoft Outlook mail client and AutoConfig is supported by Mozilla Thunderbird mail client.
Modoboa uses AutoMX to implement this feature on your mail server. All we need to do now is add CNAME records in DNS. In your DNS manager, create two CNAME records.
autoconfig.yourdomain.com CNAME mail.yourdomain.com autodiscover.yourdomain.com CNAME mail.yourdomain.com
Go to the Domains tab in your Modoboa admin panel, if the autoconfig is in green, that means your CNAME records are correct. (Modoboa checks DNS records for your mail server every 30 minutes, so you might need to wait some time for autoconfig to turn green.)
Once the CNAME records are propagated to the Internet, you don’t have to enter the SMTP or IMAP server details when setting up a mail account in Microsoft Outlook and Mozilla Thunderbird.
Host Multiple Domains in Modoboa
See the following article:
Setting Up Backup Mail Server
Your primary mail server could be down sometimes. If you host your mail server in a data center, then the downtime is very minimal, so you shouldn’t be worried about losing inbound emails. If you host your mail server at home, the downtime can’t be predicted so it’s a good practice for you to run a backup mail server in a data center to prevent losing inbound emails. The backup mail server needs just 512MB RAM to run. Please check the full detail in the following article.
I hope this tutorial helped you set up a mail server on Ubuntu 22.04 with Modoboa. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂
Thanks! Worked like a charm!
🙂
I mentioned this in the article, but I want to say it again: The best practice to run Modoboa is using a clean fresh OS.
Generally speaking, if there’s a script that will install lots of software, it’s a good practice to install it on a clean freash OS. Otherwise, the install script might mess up the existing configurations of your software, making it unusable. Or maybe a component of the softwar stack needs to bind to a port, but it’s already been taken by an existing process on the server, resulting in installation failure.
Unless you are very knowledgeable about every piece of software on the server and can spead lots of time debugging, it’s not recommended to install Modoboa on a server that has other applications running.
I have seen many folks who didn’t follow this advice bork the applications on their servers.
I accidentally deleted the modoboa system user and group from my Linux server. Does anybody of you know how to recover it from scratch? Modoboa is not working without it. O course it has to be run under the modoboa process.
Thank you 🙂
Hi
could i disable antispam/antivirus checking for incoming mails?
in my case i have antispam/antivirus gateway ,so idont need that mail server will check too
thanks
Amavis and ClamAV use about 1.3GB RAM. If your server doesn’t have enough RAM, you might not be able to receive emails. If you don’t need AntiVirus on your mail server, you can disable Amavis and ClamAV. This will save you 1.3GB RAM.
Edit Postfix master configuration file.
Find the following lines in this file and comment them out.
Save and close the file. Then restart Postfix.
Now you can stop Amavis and ClamAV.
And disable auto-start at boot time.
Thank you for very clear and concise tutorials! This is a very complex topic and you have a way of making it much more accessible. I would like to create a mail server on a virtual machine that I will create running 18.04 and I recently found your tutorial that I have been studying on using iRedMail on 16.04 (which I am sure would work on 18.04). What is your opinion on the comparison between Modoboa & iRedMail?
Yes, iRedMail works on Ubuntu 18.04 too.
Both Modoboa and iRedMail make it easy to set up your own email server and host multiple mail domains on a single server.
Modoboa is more easy to set up, because it has predefined configurations in the installer.cfg file and it integrates with Let’s Encrypt. So you have less work to do compared to iRedMail. If you are lazy, choose Modoboa.
Other than that, they are very similar.
That is very helpful, thank you!
Hello, I am really happy to find your tutorials, I already setup my own mail server following this tutorial, now I am sending emails without been flag as Spam and receiving emails from other accounts created on the same domain, thanks to you, I am just having some issues to receive emails from other servers like gmail. I tried to followed the tutorial step by step 3 times and I couldn’t. Do you have any idea how to identify the problem?
Check the /var/log/mail.log file. You will see logs of inbound and outbound emails. Find Gmail related lines in the file. If you can’t gmail.com, then Gmail can’t reach your mail server, which means either your MX record is incorrect, or there’s a firewall preventing access to port 25 on your mail server. If you host mail server at your home, be sure to set up port forwarding in your router.
Thanks for your great efforts.
Did you ever experience issues establishing SSL with imap?
You can use IMAP on port 143 with STARTTLS or port 993 with SSL/TLS.
Correct – but there seems to be an cert issue regarding imap. So that I have to manually trust it in a mail client. Ever seen this one before and solved it without a reinstallation?
If you chose Let’s encrypt certificate, then there should be no trust issue.
I tested Modoboa on two servers node – and your guide runs smooth on a fresh install.
But that’s the thing.
I tried to establish Let’s encrypt on an install that was setup on open ssl.
Somehow 993 would still not be trusted though SMTP runs fine.
I just was keen if you did find a way around the fresh install.
Sorry, but I don’t quite understand your situation.
Are you saying Let’s Encrypt certificate is not trusted by mail client? Or you didn’t choose Let’s Encrypt in the
installer.cfgfile and now you want to install Let’s Encrypt certificate?The later: I didn’t choose Let’s Encrypt in the installer.cfg file and now I want to install Let’s Encrypt certificate.
Please run the following command to install Let’s Encrypt client software (certbot).
Then obtain and install a TLS certificate with the following command.
Then edit Postfix configuration file.
Find the following two directives.
Add your certificate and private key.
Save and close the file. Then edit Dovecot TLS configuration file.
Find the following two directives.
Add your certificate and private key.
Save and close the file. Now reload Nginx, Postfix and Dovecot.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/certbot/crypto_util.py”, line 334, in _load_cert_or_req
return load_func(typ, cert_or_req_str)
File “/usr/lib/python3/dist-packages/OpenSSL/crypto.py”, line 1824, in load_certificate
_raise_current_error()
File “/usr/lib/python3/dist-packages/OpenSSL/_util.py”, line 54, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.crypto.Error: [(‘PEM routines’, ‘get_header_and_data’, ‘short header’)]
An unexpected error occurred:
OpenSSL.crypto.Error: [(‘PEM routines’, ‘get_header_and_data’, ‘short header’)]
Update your software
Reboot your server.
Then run the certbot command again.
That did it! – I somehow had dovecot pointing to the wrong directory.
Thanks for your efforts Xiao Guo-An!
I followed step by step, but when it first asks me to go to mail.mydomain.com to login to modoboa, I only get a server not found error. Please help.
Perhaps a firewall is preventing access to port 80 or 443.
No firewall, but I have ports 80 and 443 forwareded to my website server, on another IP address.
That’s the problem. The mail server needs its own web server and should be accessible from port 80 and 443.
Looks like you are setting up the mail server on your home network?
Correct, I have a dedicated server which I already have a website actively hosted on, and I’m trying to get email going as well, with no success.
You need to set up a rule in your router that forward request to the IP address of the mail server if the request is meant for mail.your-domain.com.
I already have ports 80 and 443 sent to my website server- can I somehow forward them to both servers?
If your router doesn’t have this capability, you can set up a reverse proxy on your website server. HAProxy is an open-source reverse proxy software that can redirect HTTP/HTTPS requests to different IP addresses by inspecting the domain name in HTTP header. Your router configuration stay the same.
So I did this install on the same server as my website, and I still can’t get past the part where I’m supposed to be able to get to a URL.
What does the browser say?
Says the site cannot be reached
Can you tell me your domain name?
Says the site cannot be reached
https://lexingtonitsolutions.com
Thanks for taking a look!
There’s no DNS A record for mail.lexingtonitsolutions.com
I do have one setup in godaddy, host is mail.lexingtonitsolutions.com points to 75.176.86.219
Looks like my DNS record is working now, and I went ahead and restarted the whole tutorial. Now mail.lexingtonitsolutions.com brings me to a certificate error page, which I can confirm an exception, but it just brings me to my primary website, not the modoboa login.
Can’t find the A record using the dig command.
Is there something I need to do differently with my record on GoDaddy then?
Perhaps it needs more time to propagate to the Internet.
I put it up days ago
Go to your Godaddy account, check if the A recored is there.
I did and it is there… I do not understand this. Maybe I need to contact GoDaddy?
Yes, contact GoDaddy.
Will do, thank you so much for your time. I’ll probably end up buying bugging you again after I talk to them!
Note that you need to create A record for both lexingtonitsolutions.com and mail.lexingtonitsolutions.com.
Looks like the A record is squared away, but it only brings me to my homepage for the website, while maintaining the mail.lexingtonitsolutions.com URL.
I see your lexingtonitsolutions.com website is using Apache web server. Modoboa installs Nginx web server, so the Nginx web server fails to start if Apache is already running on your server.
One solution is to use Nginx instead of Apache for your lexingtonitsolutions.com website. It’s easy to create a Nginx virtual host for your WordPress site. Please see step 4 of this article: How to Install WordPress on Ubuntu 17.10 with Nginx, MariaDB, PHP7.1 (LEMP). When creating the virtual host file, just replace the domain name, the web root directory and the PHP socket file name.
After that, stop Apache and restart Nginx.
You also need to enable HTTPS on the WordPress website. See this article: How to Properly Enable HTTPS on Nginx with Let’s Encrypt on Ubuntu 16.04/17.10
I’d really rather not risk moving my website to the new server application… Is there any way to get an email server going with Apache?
You know you mentioned exactly nowhere that your method is not compatible with apache.
Yes, there are other ways.
1.) Use Apache instead of Nginx as a reverse proxy to the back end Modoboa web app.
2.) Use HAProxy as a reverse proxy to your WordPress site and the Modoboa web app.
The details of which warrants another article.
Me again!
So I started a fresh VM, forwarded all the ports to it, and was successful to the point of making my email address, and being able to successfully send an email. However, I cannot receive any. When I send an email from my gmail account, i receive the error:
550 5.1.1 Recipient address rejected: undeliverable address: unknown user: “info”
I’m so close! What is this, been at it for hours.
That means the email address [email protected] cannot be found on your email server.
Starting…
Overwrite the existing SSL certificate? (y/N) y
Generating new self-signed certificate
Installing amavis
Amavis is not installed
my installation stops on first package Amavis ? why is that
If you see an error during the installation, you can run the command again with the
--debugoption to see more detailed output.Hi friend
How to connect my domain to mail server in namecheap ?
I have domain name in NameCheap and i have cloudflare account!
If you register domain name at NameCheap and uses Cloudflare’s DNS service, you need to create MX and other DNS records at Cloudflare, but remember you should not enable the CDN feature for your mail server.
Hi,
Already, I completed the above mail configuration.
but mail server, not working for outgoing and incoming mails.
what wrong in my server ? please tell me
If your ISP refuses to unblock port 25, you should set up SMTP relay to send outgoing email. See this article: https://www.linuxbabe.com/mail-server/postfix-smtp-relay-ubuntu-sendinblue
In order to receive email from outside, you need to open port 25 on your firewall. If your mail server is at your home, then you also need to configure port forwarding for port 25.
Your ISP usually blocks outbound connection on port 25, but allows inbound connection on port 25.
Hi Xiao Guo An,
thank for your answers!
Can i use port 26 instead of port 25 in my modoboa mail server ?
After you send an email from your mail server, please check the mail log (/var/log/mail.log) and after you send an email from another email address to your mail server, also check the mail log. You can know what’s going wrong from the log.
Hi Xiao Guo An,
I see mail log in my server,
My mail log says :
Sometimes Connection refused,
Sometimes Connection closed,
Sometimes : (delivery temporarily suspended: connect to alt4.gmail-smtp-in.l.google.com[64.233.185.26]:25: Connection timed out)
Sometimes Connection timed out.
And
i am using mail server ports : 587, 993.
Port 25 is Blocked (i am already asked to ISP, my ISP not allowd 25 unblocking).
In Modoboa admin panel all DNS records indicates are Green.
MX, DNSBL, SPF, DKIM DMARC, autoconfig are in Green Highlight.
what is the problem exactly in my website : mail.s46.win?
In order to delivery email, your mail server needs to hit the port 25 on the recipient’s mail server. They are listening on port 25 to receive incoming email. If your ISP blocks outbound port 25, you need to set up SMTP relay. The SMTP relay server need to hit port 25 on the recipient’s email server as well.
In order to receive email, your mail server needs to listen on port 25 because SMTP clients expect you to listen on port 25.
It’s SMTP standard. You can’t ask recipient’s mail server to change the listening port from 25 to another port. And if you change the listening port from 25 to another port on your own mail server, you won’t receive emails from others.
does smtp not work if it is not on smarttls? why I tried configuring an email in a panel my more the same only has tls protocol or ssl does not have starttls 🙁
The submission port 587 uses STARTTLS. If this doesn’t work, you can use port 465 with SSL/TLS for submission.
Hi,
Thanks for your answers,
How to use modoboa mail server for incoming and outgoing mails properly without port 25 ?
If i use smtp relay its is limited per day 200 mails.
Already i have namecheap hosting but its not sent more than 200 mails per day (this is my opinion only).
I have 5000 customers, i need to send 5000 mails. I need a private server i choose my home server with ubuntu.
I want how to use modobia mail server
without 25 port or smtp relay.
I am requested to my iso to unblock but, he is not convinced.
I am using 587 and 993
Please help me.
Hi Krishna,
Diego is in a different situation than yours. Port 587 is a submission port for mail clients
to submit emails to your mail server.
After your mail server accepts mail submissions from mail clients, the mail server needs to use port 25 to send the email to the recipient’s mail server. If port 25 is blocked, you need to set up SMTP relay.
In a nutshell, you have to use port 25 or smtp relay. There’s no other way. The SMTP relay service I mentioned allows you to send 200 emails per day for free. After that, you need to upgrade to a premium account to send more emails.
If you don’t like paying an SMTP relay service, you can use VPS hosting that doesn’t block port 25, like Kamatera VPS.
If you want to set up a production website, I would recommend you to host it in a data center, instead of hosting it at your home.
To secure your website, first, you need to harden SSH server: 5 steps to harden SSH server on Ubuntu
Then set up UFW firewall: Getting Started with UFW Firewall on Debian, Ubuntu, Linux Mint Server
Next, set up a web application firewall like mod_security with Apache/Nginx.
Dear admin, I have already public ip address to host multiple websites,
Why not use our home desktop pc ubuntu 16.04 as server for my website production.
I know how to install lamp in ubuntu home pc, and
I don’t have ssh server, and I dont want use ssh server for my website.
Home server pc is easy for editing and writing and backup for my website content and all data.
So. Why not use our home desktop as server for my websites?
If you host website on your home PC,
1.) The latency between visitors and your website is higher.
2.) You have to prepare for Internet/Power outage. You need to buy UPS (Uninterruptible Power Supply).
3.) You need to make sure your other applications’ traffic don’t use up all your Internet bandwidth.
4.) Running Home PC 24 x 7 will decrease the life expectancy of PC hardware.
Conclusion: Hosting websites on home PC is for hobbyists. Just pay $10 per month to get professional hosting service.
nginx: [emerg]BIO_new_file("/etc/letsencrypt/live/mail.linuxbabe.ml/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/mail.linuxbabe.ml/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx: configuration file /etc/nginx/nginx.conf test failedCurrently there’s an issue with certbot-auto creating a Python virtual environment. It will be fixed by Let’s Encrypt soon.
For now, you need to reinstall Modoboa with a self-signed certificate. It’s a good idea to reinstall the OS as well.
After modoboa is installed, please check this comment to obtain and install Let’s Encrypt certificate manually.
thkns, but why i need to reinstall the OS as well ?
If the modoboa reinstallation fails, then reinstall the OS.
thnks bro
I see the “Welcome to nginx page” when i enter my server’s ip address in the browser. Am i missing anything like nginx configuration?
This is normal. When you enter the public IP address in browser, the default Nginx virtual host will show up.
Thanks for your response. I’m facing issue while installing ssl certificates. I tried this command “sudo certbot –nginx –agree-tos –redirect –hsts –staple-ocsp –email [email protected] -d mail.example.com”. And heres the error:-
And i already have an A record with hostname mail.example.com pointing to the ip address.
“SERVFAIL” indicates something is wrong with your name server. Run the following command to query the A record.
You might need to wait sometime for the DNS record to propagate to the Internet.
This command outputs the ip address of my server.
The whois record of your domain name says you are using DigitalOcean name server, but I couldn’t find your name server by using the following command:
On my computer, the dig command failed to find the A record of your domain name, also I couldn’t find the NS record of your domain name. As I said before, there’s something wrong with your name server.
If you choose not to use the name servers of your domain registrar, you need to specify the new name servers at your domain registrar’s website.
I tried reinstalling modoboa with letsencrypt and then mail.example.com stopped working!. So i tried “sudo certbot –nginx –agree-tos –redirect –hsts –staple-ocsp –email [email protected] -d mail.example.com” but the following error occurs:-
Saving debug log to /var/log/letsencrypt/letsencrypt.log Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx: configuration file /etc/nginx/nginx.conf test failed The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_new_file("/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(\'/etc/letsencrypt/live/mail.blackweb.in/fullchain.pem\',\'r\') error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n',)Please see Med’s comment.
I used the manual approach but still fails to install ssl certificate as per your steps mentioned above.
This is my ip 68.183.244.134 Could you please check?
As I said before, there’s something wrong with your name server (aka DNS server). The Internet can’t find the authoritative DNS server of your domain name. You may need to ask your domain registrar to troubleshoot this problem.
I have checked with godaddy about DNS and they say the A records have been updated successfully. they ask me to check if any ports are blocked on the server. So does the port have anything to do with querying A record?
No. Your mail server has nothing to do with DNS record update. However, It will take some time for the DNS change to propagate to the Internet.
I have a feeling that your DNS server is still not working.
@xiao Thankyou for responding with patience. However i fixed the issue now. I thing it’s because of the DNSSEC feature enabled on my godaddy control panel(which i disabled), but not sure if that is the only cause. It would be interesting to know how to enable DNSSEC in Modoboa though! Thanks again.
Hi, will this work with the latest version of EasyEngine which is Version 4? Please let me know if you have tested with EasyEngine. Thank you.
I haven’t tested it with EasyEngine.
Thank you. I may test it on a clean droplet. Have a good day.
Hi,
I’m planning to set this up Modoboa on Kamatera VPS.
I’m also planning to set up a PHP website in the same VPS. Will that be ok or does the website need to be in a separate VPS.
I plan to use Modoboa for a single domain. Is this overkill? Should I just install postfix and dovecot from scratch if I’ll only use one domain?
Thanks in advance for your feedback,
Michael.
Modoboa and PHP website can run on the same VPS, but if your website needs to be put behind a CDN like Cloudflare, I suggest you set up the website on a different IP address.
If the mail server is only used by you and you are familiar with Postifx/Dovecot, Modoboa is an overkill. If there are many people using the mail server, or I need to set up multiple domains, I will choose Modoboa.
Excellent, i followed step by step and wow, my own email server is up and running with multiple domains and email accounts. Thank you.
There isnt any webmail option in my dashboard although i installed web mail package from here https://github.com/modoboa/modoboa-webmail
after installation I shows internal serve error
Can you tell me what could go wrong and how to restart python process?
The Modoboa installer will install webmail alongside other mail components. Why do you want to install the webmail separately?
Because when i logged-in there was no webmail option
it was something like this image here
https://3.bp.blogspot.com/-fivtShvnh6M/Wr5DTG3YG2I/AAAAAAAABLs/BNEgch1LK20lctdAR4X2j_1jEfbDGZmiwCLcBGAs/s1600/modoboa%2Badmin%2Bweb%2Binterface.JPG
Hopefully you can test and update your post
See yourself in official demo It would be awesome if you write additional post or simply update this one
although how to use it to send mail via smtp
The default admin account isn’t an email account. It’s used to manage the mail server only. You need to create an email account (for example: [email protected]) and use that to login, then you will see the webmail.
Wow its working awesome Thanks
Can you tell me how can i use it for smtp?
That depends on what software you use to connect to the Modoboa mail server. Most web applications allows you to use your own mail server. You just need to enter your email address and password in that web application. The port for SMTP relay is 587.
I will connect it to mastodon I used sendmail earlier but in new server its not working and i am not able to fix it
Use
sendmailoption if Mastodon and Modoboa are installed on the same server. If they are on different servers, you should configure SMTP relay. Check the Mastodon dodumentation. Scroll down to the end of that page.Hi, when I compose email and send, it literally takes over 15 seconds to send. How to resolve this? Additionally, when I test email server with mxtoolbox tool it shows SMTP Connection Time- 7.343 seconds – Warning on Connection time and SMTP Transaction Time-10.003 seconds – Not good! on Transaction Time.
I think its the server mine doesnt any type of issue
Is it normal?
I am using digital ocean and its working without an issue Email sent in almost instant. it could be because of server which company server you are using
i’m also using digital ocean server
may be a memory issue. When i loaded Modoboa on a small VM (1GB RAM) CLAMV cound not tart, and the “button” hung while the system failed/retries thr CLAMV process… then eventually sent. Check your /var/log/syslog for more details and grep for clamv
I installed modoboa but whenever i send a mail google postmaster shows no dkim configured and even in the inbox only mailed by option is shown, not signed by domain.
do I have to add open-dkim manually
Make sure you enable DKIM signing when adding a domain in Modoboa admin panel, and the DKIM record is correctly set in DNS.
And can you show the DKIM header in Gmail? (Click “show original” button in the Gmail inbox to show email headers.)
After installation using letsencrypt, nginx fails to start.
Run
sudo nginx -tto see what’s wrong in the configuration.Hi, I’m trying to access the given radicale contact url but I get this error : The requested resource could not be found.
URL : https://DOMAIN/radicale/USER@DOMAIN/contacts
Any idea ?
Note : Access to calendar works
Regards
Where can i find that edit dns recoored/mx
You can create DNS record at your domain registrar’s website 🙂
we are hosting are own server/domain and after install of modoboa i cant reach the default modoboa inlog page any help?
If you run your own DNS server, then create DNS record on your DNS server. Also make sure your firewall doesn’t block port 80 and 443 on the mail server.
Is it possible to use aws certificate manager to issue certificate to mododao mail server domain? What are the steps?
I don’t use AWS. Whatever tool you use, you need to configure Nginx, Postfix and Dovecot to use the certificate.
I went through this but skipped the DKIM bit. Now want to add DKIM and have found this (https://modoboa.readthedocs.io/en/latest/manual_installation/opendkim.html) as a way to do it. My problem si I cannot find the modoboa databse. No sign of it in mysql and I can’t (obviously) see any other engines. ANy ideas as to where to go next?
Modoboa by default uses PostgreSQL database server.
I am not able to send email from modoboa mailbox. It doesn’t even end up in spam. This is the recent log when I try to send an email >however I am able to receive an email from Gmail.
dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=14306, secured, session= Jun 11 16:59:28 ip-172-31-62-168 postfix/postscreen[14454]: CONNECT from [127.0.0.1]:55618 to [127.0.0.1]:25 Jun 11 16:59:28 ip-172-31-62-168 postfix/postscreen[14454]: WHITELISTED [127.0.0.1]:55618 Jun 11 16:59:28 ip-172-31-62-168 postfix/smtpd[14455]: connect from localhost[127.0.0.1] Jun 11 16:59:28 ip-172-31-62-168 postfix/smtpd[14455]: NOQUEUE: client=localhost[127.0.0.1] Jun 11 16:59:28 ip-172-31-62-168 amavis[10092]: (10092-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Connection $ Jun 11 16:59:29 ip-172-31-62-168 amavis[10092]: (10092-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Connection $ Jun 11 16:59:29 ip-172-31-62-168 amavis[10092]: (10092-10) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2) Jun 11 16:59:35 ip-172-31-62-168 amavis[10092]: (10092-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Connection $ Jun 11 16:59:35 ip-172-31-62-168 amavis[10092]: (10092-10) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed c$ Jun 11 16:59:35 ip-172-31-62-168 amavis[10092]: (10092-10) (!)WARN: all primary virus scanners failed, considering backups Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14476]: connect from localhost[127.0.0.1] Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14476]: 5EC4485DE0: client=localhost[127.0.0.1], orig_client=localhost[127.0.0.1] Jun 11 17:00:01 ip-172-31-62-168 postfix/cleanup[14477]: 5EC4485DE0: message-id= Jun 11 17:00:01 ip-172-31-62-168 opendkim[16384]: 5EC4485DE0: DKIM-Signature field added (s=modoboa, d=blackweb.in) Jun 11 17:00:01 ip-172-31-62-168 postfix/qmgr[6185]: 5EC4485DE0: from=, size=1046, nrcpt=1 (queue active) Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14476]: disconnect from localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 quit=1 commands=6 Jun 11 17:00:01 ip-172-31-62-168 amavis[10092]: (10092-10) Passed CLEAN {RelayedOpenRelay}, [127.0.0.1]:55618 -> , Message-ID: <20190611165928.1$ Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14455]: proxy-accept: END-OF-MESSAGE: 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5EC4485DE0; from=<abishek@blackweb.$ Jun 11 17:00:01 ip-172-31-62-168 postfix/smtpd[14455]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5 Jun 11 17:00:31 ip-172-31-62-168 postfix/smtp[14479]: connect to gmail-smtp-in.l.google.com[74.125.195.27]:25: Connection timed out Jun 11 17:01:01 ip-172-31-62-168 postfix/smtp[14479]: connect to alt1.gmail-smtp-in.l.google.com[209.85.234.26]:25: Connection timed out Jun 11 17:01:31 ip-172-31-62-168 postfix/smtp[14479]: connect to alt2.gmail-smtp-in.l.google.com[64.233.176.27]:25: Connection timed out“Connection timed out” indicates that your hosting provider blocked port 25. You can a VPS hosting that doesn’t block port 25 like Kamatera VPS, or set up SMTP relay to bypass port 25 blocking.
You can also run the following command to check if port 25 if blocked.
If telnet is trying to connect forever, then port 25 is blocked on your server.
Yes, Its taking forever.
How to fix this?
Should i update new AWS security group?
As far as I know, AWS security group doesn’t block outbound connection by default. If the port 25 is blocked outbound by your ISP, you can set up SMTP relay to solve this problem.
I checked on https://ping.eu/port-chk/ and port 25 seems to be open.
There is inbound port 25, which allows to you receive emails, and outbound port 25, which allows you to send emails.
online port scanners show you the inbound ports only.
Your ISP won’t block incoming connection to port 25 of your server. They are likely to block the outbound port 25.
Okay, maybe I’ll try restarting the clamAV service once. By the way what is the command in ubuntu to restart service?
sudo systemctl restart clamav-daemon
So AWS has an email sending form that removes the outbound blockage. However, my emails are being sent to spam now. I have checked the domains section DNS status> the DNSBL is marked red also the autoconfig is marked red. Could this be the reason why my emails are being sent to spam? Any fix?
I recommend using mxtoolbox.com and dnsbl.info to check if your IP address is blacklisted. The current Modoboa installation includes the bad.psky.me DNSBL provider, which you should ignore.
Autoconfig is used to help users to automatically configure mail accounts in mail clients (Mozilla thunderbird, Microsoft Outlook, etc). It has nothing to do with email deliverability.
The fact is even if you get a 10/10 score at mail-tester.com, your email can still be flagged as spam. You should read this article: How to stop your emails being marked as spam.
Hi All,
I tried to setup the modobia but getting bad request when i tried to login via web. Can anyone please help
Hi, you can check Nginx error log (/var/log/nginx/mail.yourdomain.com-error.log) to see what went wrong.
How can I add quota restriction on users?
And what Self hosted email server would you recommend for a startup Webhosting company that also provides business emails:)
Have looked into iredmail, modoboa, mail-in-a-box, mailcow.
Any recommendations?
You can set quota when you create an email address in Modoboa admin panel.
You mean what software can allow a web hosting company to provide business email for clients? Sorry, I don’t know. I don’t run a web hosting company. Maybe CPanel?
iRedmail, Modoboa, Mail-in-a-box, mailcow are not meant for that purpose. They are for people/organizations to set up their own email server on machines where they have root access.
OK, i managed to change the qoutas. Thanks for that:)
Basically, i just wanted to know what premade email hosting software you would recommend for a small webhosting business. I don’t have Cpanel, but since i have my own Server, i can install iRedmail, Modoboa, Mail-in-a-box or mailcow. Whichever one you recommend, i will use 🙂
And also, how can i update modoboa?
I only used iRedMail and Modoboa and I slightly prefer Modoboa because at least I can easily create alias in the admin panel without paying for a pro license.
I will write an article on how to upgrade Modoboa and notify you.
Oh!
Thanks:)
Really appreciate it.
Hello please notify me too
Hello:
Thank you for this.
If you have time, please do an article on how to Upgrade Modoboa as installed from this article. The Upgrade documentation on the Modoboa site is not written very well, and is confusing.
Thanks!
Doesn’t work on Ubuntu 19.04
Package ripole is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
Package zoo is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package ‘ripole’ has no installation candidate
E: Package ‘zoo’ has no installation candidate
Use Ubuntu LTS to run complex server software. Modoboa doesn’t support Ubuntu 19.04. In addition, you don’t want to upgrade Ubuntu every 9 months to break your mail server.
I have an existing webserver running apache, mariadb, and php.
Can this be setup using apache?
Yes, you can.
First, stop Apache on your server.
Then follow this tutorial to install Modoboa.
Next, stop and disable Nginx.
Start Apache.
Then search on Google to find out how to set up Apache virtual host with Modoboa.
Thank you for your quick response and your guidance.
You are herooooooooooooooooooooooo regarding this nginx in apache2 man thank you.
Hi, I forgot the admin password
Is there anyway to reset it?
Thank you
You need to log into the PostgreSQL database server and find the table that contains the admin account. Then you can change the admin password using SQL commands.
Hello bro, i tried installing and everything was fine. but it wont come up when i tried to access the site. it said page not found.
1. my domain is .business and not .com
2. do i need to to set my nameserver?
3. i am using google domain.
thanks
Make sure you create MX record for
example.businessand create A record formail.example.businessin Google’s DNS record editor.If you can’t access the admin panel, go to /var/log/nginx/ directory to check out the error log, which can tell you why it’s not working.
Hi, thanks for the tutorial, is really good!
Everything works fine for me, I have one issue:
I have to wait 60 seconds for an email to be sent from an email client or external application like Laravel, it is exactly 60 seconds.
How do I solve this? Thanks in advance.
The clamav-daemon service has a tendency to stop without clear reason even when there’s enough RAM. This will delay emails for 1 minute. We can configure it to automatically restart if it stops via the systemd service unit. Copy the original service unit file to the /etc/systemd/system/ directory.
Then edit the service unit file.
Add the following two lines in the [service] section.
Like this:
Save and close the file. Then reload systemd and restart clamav-daemon.service.
I’m having problems getting to work on Ubuntu 19.04
Starting…
Generating new certificate using letsencrypt
Installing amavis
Amavis is not installed
Then it stops, I all ran with –debug flag and got this:
https://github.com/modoboa/modoboa-installer/issues/277
Can you shed a light? I can arrange server access if needed, I would hate to reinstall my OS and configure all my domains again :/, hope the debug flag was helpful. Is there any other error logs I can check to further try to debug this?
Thanks!
The following two lines
indicates Ubuntu 19.04 repository doesn’t contain the ripole and zoo package.
It is recommended that you follow this tutorial on a clean install of Ubuntu 18.04 system. Installing a piece of complex server software like Modoboa on a non-LTS Ubuntu is discouraged as you will probably encounter problems when upgrading your OS every 9 months. The software author doesn’t have time to support every Ubuntu release. It is far better for your mail server to stay stable for 2 or 5 years.
Thank you, after posting this I read some where that is was not compatible :/.. Wish I new before setting up my server. Thanks for the lesson..
It’s all working now under Ubuntu 18.04 LTS
Just a quick note: In your tutorial above it says to use lets-encrypt, but that seems to be failing and had a hard time to fix it, most probably because I don’t really know what I’m doing. I recommend installing w/ self-signed certs and than doing changes above as you have posted here >> https://www.linuxbabe.com/mail-server/email-server-ubuntu-18-04-modoboa#comment-5168
Thank you for the help!
Worked! but..
i’ve sent an email successfully to my google account, but unfortunately, when I reply the email from Gmail, google return an error like
“Your message wasn’t delivered to [email protected] because the address couldn’t be found, or is unable to receive mail.”
Is there any configuration to enable the email to receive?
i’ve followed all of your tutorials
Thanks sir, love from Indonesia!
Your didn’t set your MX record correctly. Use
digto find your MX record.Output:
The mail.luarsekolah.com server has the lowest priority. You need to change the priority value from 10 to 0 for the mail.luarsekolah.com server.
well, actually I don’t understand that setting, im just follow the placeholder 😀
wait i’ll try to change it, thanks for your fast response!
Super super tuto !!!
Merci 😉
Hello,
I’d like to follow this guide to deploy a domestic mail server with Modoboa (in past I followed your guide to use iRedMail), but I don’t want to install and use Postgres on my server. The installer doesn’t support MariaDB (my favourite SQL server) so I’d know if it’s possible to use the installer for install MySQL server and, after installation, move to MariaDB and remove MySQL form server. Can you help me, please?
When you edit the installer.cfg file, you can choose which database server to install.
By default, Modoboa installer will install PostgreSQL database server, as indicated by the following lines in the config file.
If you would like to use MariaDB database server, then change the engine from
postgrestomysql. (Modoboa will install MariaDB instead of MySQL.)Thank you for reply!
Actually I had already tried to edit in configuration file inserting
but I got an error for engine not supported, so I changed to
thinking to migrate later from MySQL to MariaDB but it was not necessary because it was installed directly MariaDB… 😉
Great tutorial everything worked perfectly so I consindered using IT for Business.
Why in DNS state I get red DKIM with No record found? I use Sendinblue relay (port 25 blocked) and I configured my DNS, in <> section of my Sendinblue account <> is green and I read <>…
You need to configure both DKIM records (Moboboa and Sendinblue).
Hi Guoan – followed your excellent intro for various topics of mail setup. I built up with your 4 of 5 series from Build Your Own Email Server on Ubuntu: Basic Postfix Setup. Then tried to deep with this subject. It seems everything fine but https://mail.mydomain.com is still pointing to nginx default server block not updated to prompt to the Modoboa page. Anywhere I should update to nginx conf file or somewhere else? Thank you for your helps in advance.
changed back to 10.3 from 10.4 MariaDB. Red highlighted seemed errors during debug installation process:
..
… 2019-11-12 0:53:28 0 [Note] /usr/sbin/mysqld: ready for connections.
…Version: ‘10.3.20-MariaDB-1:10.3.20+maria~bionic’ socket: ‘/var/run/mysqld/mysqld.sock’ port: 3306
after installed, go to mail.mydomain.com, nothing happened and still goes to nginx deafult page of mail.mydomain.com.
Any clues? Thanks.
Hi Torvan,
If you followed my 5 part email server tutorial series, you should not install Modoboa on the same server. Modoboa is a complete email server solution, which automatically install and configure Postfix, Dovecot, SPF, DKIM, virtual mailboxes and webmail.
I tried the same setup all got installed properly I believe. But, if I try to send the mail from a user it give me below error.
Here is the screen shot of Modaboa Webmail settings https://ibb.co/Jy1jn0G
If I use SMARTTLS and 587 port for SMTP I’ll get following error.
You don’t need to change the default webmail settings, as shown below. The webmail, SMTP server, and IMAP server are running on the same server. There’s no need to use secure TLS connection when talking to localhost.
Thank you for your time. I’ve reinstalled the modoboa and works fine. But, now I want to install the https://github.com/modoboa/modoboa-imap-migration extension. I’ve followed the documentation mentioned in the extension page. However, I’m always getting the error `modoboa-amavis not found`, even if I try from `virtualenv`, but `modoboa-amavis` extension is already installed and running fine. I’m thinking now whether I have to add the extension in installer and run it again. I’m just confused with this.
Please let me know how can I add an extension.
Hi, thanks for your amazing tutorial, can u help analyze my log?
https://prnt.sc/q5zjzi
My situations is, I already succeed on sending email, but can’t receive from anywhere and the delay is too long when sending email with attachment.
Thanks.
Your Postgresql is not properly installed. Run the following command to install the client.
I’m using centos 7, already installed postgresql, should I update it to higher version?
There is no problem when I send and receive email with attachment max size 10mb, but when I try to upload larger file, the upload process is keep running and repeating (back to 0% when reach 100% upload), setting parameters didn’t give an effect at all (https://prnt.sc/q6zol6).
I think you should also change the maximum attachment size limit in Postfix.
If you can send and receive email, there’s no need to upgrade PostgreSQL.
Hi, I already follow your guide on changing max attachment size limit in postfix, but there’s no effect.
I still can’t attach file larger than 10MB. Loading keeps rolling even upload has reach 100%.
https://prnt.sc/q8leq7
And I have another problem, I also follow your guide on hosting multiple domain in 1 server, it works, I have 2 domain on my server, (https://prnt.sc/q8lf6h) let’s say there are mail.dom1.com and mail.dom2.com, my question is why user on mail.dom1.com can also login at mail.dom2.com? I want user on domain1 only can login at mail.dom1.com, is it possible?
Thank you.
https://prnt.sc/q8lf6h
Hi Xiao,
I got an error while running debug option doesn’t fix:
This is the error:
Job for nginx.service failed because the control process exited with error code.
See “systemctl status nginx.service” and “journalctl -xe” for details.
invoke-rc.d: initscript nginx, action “start” failed.
● nginx.service – A high performance web server and a reverse proxy server
Loaded: loaded (/etc/systemd/system/nginx.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/nginx.service.d
└─nofile_limit.conf
Active: failed (Result: exit-code) since Wed 2019-12-11 17:15:37 UTC; 21ms ago
Process: 5404 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Main PID: 1031 (code=killed, signal=KILL)
…Failed to start A high performance web server and a reverse proxy server.
Perhaps there’s another web server running, so Nginx can’t start.
Destroying droplet and starting fresh.
Hi Xiao,
I deleted and created a new droplet. I installed Modoboa successfully, but I can’t reach my site; error: This site can’t be reached took too long to respond.
Perhaps you have enabled DigitalOcean’s cloud firewall.
Hey, do we have to change the hostname to mail.domain.com like in the iRedmail tutorial
You don’t have to. Modoboa will automatically configure the hostname in Postfix configuration file.
Great tutorial. I’m complete linux noob, but thanks to this guide I was able to set up mail server. Great stuff. Thanks.
I followed this guide closely and did everything you said. mail.mydomain.co is setup just fine but whenever I go to log into modova i just get the nginx landing page.
How do I purge this from my system entirely? its just taking up space and not doing anything. I want it gone.
Looks like you already have Nginx on your server before installing Modoboa. If you are not a Linux server expert, it’s recommended to install Modoboa on a clean server.
To remove Modoboa, run this command.
I think I have said that it’s better to install Modoboa on a clean server.
I was under the impression that this guide works with nginx. The only reason I even considered it was because of the web based GUI, looks like I was misinformed. I just used postfix and it works just fine, a lot easier to setup and actually works, the gui is not very important, postfix works just as well if you are familiar with linux like me.
Yes, Modoboa works with Nginx, but if you have made some modifications in Nginx, it might not work. If you are familiar with Nginx, you can still make it work.
If you are setting up a mail server for just a handful of people, you can simply install Postfix and Dovecot. A web-based GUI is important when you run a mail server for dozens of people or more, or when you need to share administrative permissions with others.
This was just wonderful! Thank you so much for this, this made it so much easier to setup a mail server. While sending and receiving now works fine, my emails still get send to the spam folders to most providers even though I have everything setup (SPF, DMARC, DKIM, etc.). I think it’s like you stated because it’s a “new” IP for mailing which doesn’t have a reputation yet. A bit later I also noticed is that some mails weren’t going through. I was testing the mail service using GlockApps and after signing up I didn’t receive a verification email. After checking the mail log I found the following postfix error occured
The solution is to change some of the settings in postfix’s main.cf stated here: https://serverfault.com/questions/628790/postscreen-sometimes-stops-the-mail-with-450-4-3-2-service-currently-unavailable/628807. One last thing, everytime I login with an email user I get this “Update profile settings” page. Is there a way to set the landing page to the mailbox (/webmail/#?action=listmailbox) after signing in?
This message
Indicates that Modoboa is using greylisting to filter spam. The sending SMTP server will try delivering the email again after several minutes.
Hello sir!
This tutorial is awesome!
I installed it and it works as expected!
I like the functionality, but I want also to login and install Roundcube in parralel on another address, for example: mail.example.com/roundcube where I could use the same mail addresses as in Modoboa.
Is that possible?
Yes, it’s possible. You just need to put the Roundcube configuration in a sub-directory in the Nginx virtual host.
You can also install Roundcube on its own sub-domain like webmail.example.com.
https://www.linuxbabe.com/ubuntu/install-roundcube-webmail-ubuntu-18-04-apache-nginx
I installed Roundcube and everything worked fine!
This tutorial is awesome!
I have another question, if you don’t mind…
I can’t manage to login from Laravel to send email thru my email server
I get this error:
My config is:
MAIL_DRIVER=smtp
MAIL_HOST=mail.codecodac.com
MAIL_PORT=587
[email protected]
MAIL_PASSWORD=mygreatpassword
MAIL_ENCRYPTION=ssl
myserever being an alias for “my server”
mygreatpassword an alias for “my great password”
“Connection timed out” indicates there could be a firewall preventing Laravel to connect to port 587 of your mail server.
I want to install the https://github.com/modoboa/modoboa-imap-migration extension. I’ve followed the documentation mentioned in the extension page. However, I’m always getting the error `modoboa-amavis not found`, even if I try from `virtualenv`, but `modoboa-amavis` extension is already installed and running fine. I’m thinking now whether I have to add the extension in installer and run it again. I’m just confused with this.
Please let me know how can I add an extension.
Please , one question!
Lets say I have installed VestaCP on one IP address with my domain example.com and I am using cloudflare for the DNS configuration.
Can I install Modoboa web mail server on another (new) Ubuntu VPS with another IP address and edit DNS with cloudflare to use it with same domain name example.com ?
The DNS records should be like:
You will have an email address like [email protected] on the Modoboa server.
Thank you.
Hi,
Great tutorial! Unfortunately for me, when I attempt to access the interface, I get a “the connection timed out”. Ports 80 and 443 are open in ufw and Kamatera. A and MX records are propagating. Nothing in the error log at all.
Thoughts appreciated 🙂
Hi Jerry,
Can you tell me what’s your domain name? If you don’t like to show your domain name in public, you can reply to my email.
Hi,
After your help, I was able to get to the interface. I realize that I forgot that I didn’t modify the installer.cfg correctly by forgetting to put letsencrypt under the certificate section.
Thanks again!
Followed all steps under “Improving Email Deliverability” but Gmail still puts my messages in spam. Interestingly, I sent a test to my friends Yahoo address and is successfully went to their Inbox.
Also, my spam test result is 9/10. Getting the following message:
“Your message is not signed with DKIM”
As far as I can tell, my DKIM configuration is correct. Any suggestions on how to fix this?
Thanks again for your amazing tutorial and guidance!
Send an email, then check the mail log (/var/log/mail.log) to see if you can find any clue.
Happy Saturday. I finally got to this. Still getting 9/10 with the following warning in /var/log/mail.log:
“postfix/smtpd[3454]: warning: connect to Milter service inet:127.0.0.1:12345: Connection refused”
I tried to approximate configuration based on instructions at the following link, but I probably don’t know enough about what I am doing to get it right.
https://tinycp.com/community/show/solved-warning-connect-to-milter-service-inet-127-0-0-1-8891-connection-refused,134.html
Any help appreciated.
Thanks.
I think you should check if OpenDKIM is running with the following command.
If it’s not running, start it.
The installation just runs fine on my end, but the nginx is failing to start because the letsencrypt certificate does not exist even if I edited the installer.cfg file from self-signed to letsencrypt.
In the file ‘mail.mydomain.com.conf the ssl certificate is pointed to ”/etc/letsencrypt/live/….’, but the certificate do not exist there, actually the “live’ folder is missing from /etc/letsencrypt.
Best practices for obtaining Let’s Encrypt certificate:
1.) Use a clean Ubuntu 18.04 OS to install Modoboa
2.) Change the email address from [email protected] to your real email address. You will not be able to obtain and install Let’s Encrypt certificate if you use the default email address.
3.) Open port 80 and 443 in the firewall.
Amazing tutorial thank you for publishing it.
One thing that would be great to add is that in order for people to configure thunderbird or a mail client on their phone is necessary to make sure that the server has the ports (TCP) 993 and 587 open.
Hello,
Already excellent tutorial. I followed it but I am stuck on the error of the page “Sorry, an internal error has occurred”
I have an Ubuntu 18.04 server with LEMP already installed (MariaDB).
I put the errors and the configuration.
<pre
[database]
engine = mysql
host = 127.0.0.1
install = false
[mysql]
user = chris
password = xxxxxxx
charset = utf8
collation = utf8mb4_general_ci
“chris” has the same root privileges. I searched for hours and unfortunately did not find a solution.
Thanks in advance.
Best practice to run Modoboa: Use a clean install OS.
xiao,
thank you so much for this guide.
Everything works as you described and all my domains emails end up in ‘Inbox’.
Only one thing is not clear. how do you enable radicale for global contacts?
I just get this message when i go to ‘www.mydomain.com/radicale’.
“Radicale works!”
Hi Xiao Guoan (Admin)
This is my first time on your website and I must confess you made me feel like a pro! You are the BEST on the internet. You make everything look easy and please accept my token and I urge everyone to support him too!
Just a lil suggestion for those having issues with no connection after the congratulatory message.
I did the following four step and my site came live, apparently it was issue with lets encrypt
#apt install certbot
#apt install certbot
#service nginx restart
#/etc/init.d/dovecot restart
Hi,
Could you please write an article on updating modoboa to the latest version? My current version is 1.14 and 1.15 is released. The readthedocs which i found was kinda to hard to follow. And there’s something about python 2 being dropped which makes it harder.
thnx in advance
cd modoboa-installer
~/modoboa-installer$ git pull
~/modoboa-installer$ sudo ./run.py –interactive –debug yourdomain.tld
Hi everybody,
just found your page. It’s amazing, but I have issues with the current nginx version 1.14.0-0ubuntu1.7 package:
Still I don’t know how to fix it
Thank you for the hint,
I just found the solution at the same time on
https://stackoverflow.com/questions/13895933/nginx-emerg-could-not-build-the-server-names-hash-you-should-increase-server
/etc/nginx/nginx.conf:
This line fixed the problem 🙂
Hello Xiao,
I tried to create a small distribution list via Alias but Modoboa refuses to accept those aliases and do not deliver them at all. Is there any solution for sending to a group of email recipients?
Why not use a mailing list manager?
Hi, this worked like a charm.
How can I use this for transactional emails? I’ll love to replace ElasticMail.
Are there additional steps or implementations that I need to make?
Simply set up SMTP authentication between your website and mail server, so your website will be able to send emails via your own mail server. For example, if you use WordPress, you can install an SMTP plugin to help set up the SMTP authentication.
If you don’t like installing plugins in WordPress, you can follow the tutorial below to set up SMTP authentication from command line.
How to set up SMTP relay between 2 Postfix SMTP servers on Ubuntu
I did the installation, after that I tried to login using domain name, I got blank page, then I tried to login using IP address I got “Bad Request (400) ” response
Best practices for running Modoboa:
1.) Use an LTS release of Ubuntu such as 18.04.
2.) Use a clean fresh Ubuntu 18.04 server.
3.) Make sure your server has at least 2GB RAM.
The installer is currently broken (august 7th 2020). A python dependency is breaking the entire install (the “braces” module) – so typical for python… sigh :/
I just installed Modoboa on a new server, and it worked like charm.
Best practices for running Modoboa:
1.) Use an LTS release of Ubuntu such as 18.04. (I didn’t test with 20.04).
2.) Use a clean fresh Ubuntu 18.04 server.
3.) Make sure your server has at least 2GB RAM.
You mention at the beginning you can send unlimited emails.
How would you setup modoboa to send 100k emails/day?
Is there any specific conf to add?
Thanks!!
By default, there are no settings in Postfix to limit the sending volume, so you can send unlimited emails out of the box.
Tip: Before sending bulk emails, you should build some reputation for your self-hosted email server.
Oh wow! That’s amazing!
But there are for sure some speed limits or something like that due to the hardware right?
Hello,
thank you for amazing tutorial. I was able to manage all the settings and I am able now to send emails directly to inbox!
however, there is a problem – I cannot recieve any email send to the address.
where should I start searching for solutions?
hm, ok I can send email to self and it arrives. any email from outside the system is ignored.
Hi,
Thanks for the wonderful article.
I was able to setup the modoboa based email server. Able to send/receive emails.
Configured the DKIM/SPF/MX/Dmarc in the DNS and ensured that it gets a score of 10/10 using the email server verification.
(mail.cpanook.com) is the domain on which the modoboa based email server is hosted.
Now, I want to use one of my django based web application (hosted on a different domain/ Server) to use the smtp of the mail.cpanook.com to send the email(s). (We use the django-postoffice and are able to successfully aboe to send emails using the gmap smtp server and email of the gamil account cedentials).
We want to replace it with the modoboa based email server as th smtp server in ou web application.
We have tried to replace the smtp server, email/passwod created in the mail.cpanook.com. However, it does not even seems to send the reques to toe modoboa based web server).
I have verified that on both the hosted webserver (email web server and web application web server) – ports 25, 443 are open and able to send/receive emails from both the servers.
Basically, we need the credentials to be used by the remote server to send the email using the smtp of the modoboa based email server.
Can you please help us to guide further on this aspect?
After sending an email, check the mail log
/var/log/mail.log.Hi,
I installed my mail server at the beginning of the year following these instructions. Thanks for the good How-to 🙂
But in the meantime Modoba says that updates are available.
Would you also do a Modoba Update/Upgrade Guide?
Thanks,
Robin
Hi Xiao
Just wanted to let you know that your site is amazing!! It is a wealth of precise information. I have used your tutorials for a number of different setups and posted your links in forums where people are asking for help.
Thank you so much for the effort and great site.
thanks
i will try it
Hi,
Thanks for the tutorial, it works perfectly.
I just want to ask about the client side configuration. I use Gmail app and the problem is with incoming mails. If I open the Gmail app the incoming mails are received almost instantly. However I did not receive any notification when the app is closed, so if I want to know if there are incoming mails I have to open the Gmail app. Is there anyway to tackle this?
You should ask Gmail about this.
Hello Xiao Guoan, I wonder how you would recommend Modoboa ~ iRedMail. Your article w/ Modoboa are based on Ubuntu and the second on Debian.
Can Modoboa be used on Debian ?
Is there differences of use between the two ?
Regards.
DKIM IS NOT WORKING IT’S KEEP ON PROMPTING Awaiting checks is SHOWING…
I face the same issue, even everything is green! 🤷♂️
I forgot to mention, that I am using Cloudflare, with my main domain. The Mailserver is built with a sub-domain. May that is why I receive the DKIM error. I could not fix until now.
Great guide. The only problem is that if you set up your own email server, its reputation will be really really difficult. A good idea would be to use Amazon SES as your e-mail relay. I know that you have instructions for Sendinblue. It would be cool to have those instructions.
Hey! thank you for your guide, it really helped.
I am currently having troubles with auto renew SSL. I am getting this error when I try to run commant manually, because cron does not work (is setup correctly)
Thanks
Looks like you need to install the certbot nginx plugin.
thank you. I installed this. is there any other command to run? how can I run process again to obtail valid SSL? thanks
seems like all went well this time, but I still dont see valid certificate on the server. is there any other step to perform? thanks and appreciate your help a lot!
Use the following command to list certificates on your server.
After renewal, you may need to restart Nginx.
it works now, thanks!
Thank you for the tutorial, it worked as expected. Wich steps are necessary, if I want to use three separate domains? Until know I use two domains as mentioned above!
Emails are not going by thunderbird getting errror
An error occurred while sending mail. The mail server responded:
4.3.5 : Recipient address rejected: Server configuration problem.
Please check the message recipient “[email protected]” and try again.
I just installed Modoboa on a clean Ubuntu 18.04 server and I can send email successfully in Thunderbird.
I have seen this “Server configuration problem” error before on my own mail server. It is probably due to a typo or syntax error in your Postfix config file
/etc/postfix/master.cfor/etc/postfix/main.cfI have after install this error: Server internal error , when i try install on clear system ubuntu 18/20 my install stipping on this stage.
A motivating discussion is definitely worth comment.
I believe that you need to write more on this subject
To the next! Best wishes!!
Thanks for the tutorial. How do I install modoboa without having to install a new certificate. I already have a working SSL certificate
Even if you already have an SSL certificate, I still recommend using the Modoboa script to obtain a certificate from Let’s Encrypt. It’s free, and you can automate the renewal with a Cron job.
If you really want to use your existing SSL certificate, here’s how.
After installing Modoboa, edit Postfix configuration file.
Find the following two directives.
Add your certificate and private key.
Save and close the file. Then edit Dovecot TLS configuration file.
Find the following two directives.
Add your certificate and private key.
Save and close the file. Now reload Nginx, Postfix and Dovecot.
Bad Request (400)
i think the letsencrypt don’t work to create a certificate ,
i have use certificate create with cerbot ,i have change the ssl to tls1.2 on
and also i use the domain freemon to testing mail server
cheers
OMar
Tremendous things here. I am very glad to see your
article. Thank you a lot and I’m looking forward to touch you.
Will you kindly drop me a mail?
Hello, I log on to your blogs every day.
Your style is witty, keep doing what you’re doing!
django 1045, “Access denied for user ‘modoboa’@’localhost’
no matter what I try e.g. change 127.0.0.1 to localhost; grant privileges on db etc..
Any pointers would be highly appreciated!
Same for me – this seems to be a MariaDB issue.
No app has access to Maria
Hi, thanks for the great tutorial, yet I cannot get the install right.
During installation this happens in Debug mode:
Jan 20 12:26:22 xxx.xxxx.com mariadbd[5461]: 2023-01-20 12:26:22 172 [Warning] Access denied for user ‘modoboa’@’localhost’ (usi>
Jan 20 12:27:02 xxx.xxxxx.com mariadbd[5461]: 2023-01-20 12:27:02 173 [Warning] Access denied for user ‘modoboa’@’localhost’ (usi>
Same for the root user.
Any ideas?
Thank you very much
I got a little further, just when installing MariaDB at the beginning of the modoboa installation process, it states MariaDB already installed with newest version.
So modoboa seems to skip it.
All users fail: modoboa and root.
Hi. I think your HowTo needs an Update. I´ve installed this multiple times but now when i try i get an error for pycairo. Its a fresh VPS:
Stored in directory: /srv/modoboa/.cache/pip/wheels/f0/69/93/a47e9d621be168e9e33c7ce60524393c0b92ae83cf6c6e89c5
Building wheel for pycairo (pyproject.toml) … error
error: subprocess-exited-with-error
× Building wheel for pycairo (pyproject.toml) did not run successfully.
│ exit code: 1
╰─> [12 lines of output]
running bdist_wheel
running build
running build_py
creating build
creating build/lib.linux-x86_64-cpython-310
creating build/lib.linux-x86_64-cpython-310/cairo
copying cairo/__init__.py -> build/lib.linux-x86_64-cpython-310/cairo
copying cairo/__init__.pyi -> build/lib.linux-x86_64-cpython-310/cairo
copying cairo/py.typed -> build/lib.linux-x86_64-cpython-310/cairo
running build_ext
‘pkg-config’ not found.
Command [‘pkg-config’, ‘–print-errors’, ‘–exists’, ‘cairo >= 1.15.10’]
[end of output]
note: This error originates from a subprocess, and is likely not a problem with pip.
ERROR: Failed building wheel for pycairo
Successfully built rrdtool django-xforwardedfor-middleware progressbar33 psycopg2-binary vobject sgmllib3k
Failed to build pycairo
ERROR: Could not build wheels for pycairo, which is required to install pyproject.toml-based projects
bash: line 1: modoboa-admin.py: command not found
None
Nevermind i figured it out. install these 2 packages if you encounter the pycairo error:
sudo apt-get libcairo2 libcairo2-dev
Hi there,
Thanks for your ever great tutorials. This seems like a great tool to manage the mail server, but I have already had one running for some time using another one of your tutorials. How can I migrate from the completely manually setup mailserver to this?
Tom
8/12/2023
Success with Debian 11 Network and apt install gnome-core.
If behind a firewall, before installing Modoboa, allow incoming http and https so Let’s Encrypt certbot Internet servers can verify the token temporarily placed on your Modoboa web site during the certificate installation process.
Then, immediately after Modoboa is installed, disable incoming http/https, and change the Modoboa admin password to something cryptic, then re-open incoming http/https ports.
Hi
Brilliant guide and works 99.9%. Thank you. Emails are being sent without going into junk, Gmail, Yahoo and Microsoft etc.
I have installed this on 22.04 desktop. The only thing I am unsure of is the Auto-Renew Let’s Encrypt Certificate. I have no cert-bot-auto in my opt directory.
Any help you can give on this would be really appreciated.
Managed to crack it. I have used /usr/bin/certbot renew -q.
I have got stuck in step 5. Logging in works fine but once I click “Webmail” I see this:
“Error: [b'[SERVERBUG] Internal error occurred. Refer to server log for more information. [2023-08-27 13:09:10] (0.001 + 0.000 secs).’]”
I resolved it by “chmod”-ng “vmail:vmail” the folder “/srv/vmail”.
I can send and receive messages, however no sent message is stored in “Sent”-folder and no draft is stored in “Drafts”-folder.
Even more strange is that this only happens using “Thunderbird”. If I use “modoboa” then the sent items are in “Sent” and they are also visible in “Thunderbird”. But when I send something in “Thunderbird” nothing is stored in “Sent”. And if I reply in “Thunderbird” to a mail sent from my mail server then the receiver is not the user on my mail server but the one who has received the mail from my mail server, and the sender is the account of my mail server, not the version where I click vor the reply.
I had to set in “Thunderbird” that my mail server account is used for these mails not “Local Folders”. And suddenly, that replying thingy also works.
Hello. This is a great tutorial and resource! Thank you. I have one small issue that maybe you can help me resolve or diagnose. The webmail works. Thunderbird works. I have a GOIP GSM gateway that sends sms to email via smtp. It is on the same network as the Modoboa server. It does not work with the Modoboa server. It seems the connections are never established. Fail2ban is not running. There is no mail logs for some reason. How can I see why the outgoing credentials are not working? Thanks