New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
No - I just like having the extra buffer so I can run Solr for full-text search. My email account is ~15 years worth of email, ~600k messages in total. Solr consumes a few gigabytes of RAM with an index of that size.
The VPS is only $125 / 3 years (~$41/year) - It's the "BudgetKVMSJC-3" with a "double RAM + a bit more disk space" offer since it was a preorder.
ahhh, I see. thank you for the reply. I'm glad this post made it's way back to recent activity. I'm going to use it to set up my mail server similarly
Once I get mine running I'll post an update here with the updated process using the direct admin since mxroute seems to be using it exclusively instead of panel now.
Thanks!
My MXRoute account still uses cPanel, so I can't test anything DirectAdmin-related. I guess it's on a legacy server.
I tried a new install on GreenCloud VPS and several containers fail to start with errors like "exec /opt/docker-solr/scripts/docker-entrypoint.sh: exec format error". It's weird because this error is usually due to the docker image being for a different architecture than the one of the host system, but in this case both are x86. Any ideas?
I gave up with Mailcow as I didn't have the energy to file the Github issue with that long template so I decided to try Mailu. Wow it's awesome! It's extremely easy to set up and backup. I was up and running in a few minutes without any issues. The UI is simple but has the essential configuration you actually need to just set up a simple but complete mailserver. I am using Zepto Mail for outgoing email so I don't have to worry about deliverability. It's just 2.50 euros per credit and each credit is for a whopping 10K emails and lasts 6 months, so it's almost nothing. Will I keep this setup? I don't know, I am trying it just because I love self hosting stuff lol so let's see. But I really like how simple and easy it is.
I was wondering, while these projects should be fairly secure (hopefully), what is the best way or tool to test the security of an mail server?
This is for Mailcow specifically, but some advice might be useful for other systems too:
Make sure it's not an open relay (e.g. using a tool like https://mxtoolbox.com/diagnostic.aspx). Make sure you test both IPv4 and IPv6.
Mailcow includes fail2ban which will block IP addresses (individual IP for IPv4 and /64 range for IPv6) for one day if they get a password wrong 10 times in 10 minutes. It's preconfigured to handle all places that take passwords - Mailcow admin UI, SOgo (webmail), SMTP, IMAP4, POP3, Sieve.
Make sure you enable two-factor authentication for your accounts - both the admin account and webmail (in SOgo). Use TOTP at least, but ideally use Webauthn/FIDO2 using a Yubikey. SMTP/IMAP4 don't support two-factor auth, though.
Disable POP3 for your account if you're not using it.
Use "app passwords" rather than your actual account password for your email apps. If you have scripts that need to send mail, create an app password and disable all protocols except for SMTP (so that particular app password won't have IMAP, ActiveSync, POP3 or Sieve access).
All the same general advice for Linux servers applies, too:
passwd -d root && passwd -l root
PasswordAuthentication
in/etc/ssh/sshd_config
and only use SSH keysunattended-updates
to automatically install security updates / bug fixesThanks
seems good but no backup option?
I think it is time for mxroute @jar to limit the login account should be same as the header From address,otherwise,some one maybe use it as relay service and sending spams.
@jar If no limitation,I buy service from mxroue for only USD15/year,and sell a email account for a company as relay account with USD100 per year,it is just like sendgid and mailgun,that will be huge profit service^_^
Considering the 300 emails/hour limit, it may not meet the needs of a substantial business.
You can creat many accounts as relay accounts,for example,30 accounts,then 9000 email per hour,that is enough for normal business. That is cheap cheap cheap compared with other mail service like sendgrid/mailgun/smtp2go and etc.
As a digital printing enterprise in Vietnam, we only use one email to send transactional messages via our CRM. This setup is efficient and professional, as it's unnecessary for serious businesses to use multiple emails for transactional communication.
It's pretty good and I am happy with it, so chances are I might keep this setup. It's super easy to set up and operate, and to back it up you just back up the directory where all the data is! The database is sqlite and writes are atomic temporarily freezing other processes that try to access the database during a write (like backup), and since the database is tiny, this is so quick that it's as if it doesn't happen. Also the database is not actively written to but only when there are changes to the config etc, so with these two in mind you can just back up the directory as is and that's it. If you need to restore, you just restore the directory and run compose up. It really couldn't be any simpler and I really like it.
Forgot to mention that if you go with it, use the master branch when generating the configuration file, because it has improved full text search. They will make a new release in a month
https://mxroute.com/policy.html
If you have a catchall account
@example.com
, then it's totally fine for the From address to be anything@example.com
. That's what I'm doing. Each domain has a separate catchall address for that domain.I am working on doing a blog post about this in more detail but hopefully this will help someone. I was able to use @Daniel15 directions and make it work on the newer DirectAdmin panel that MXRoute is using now. It is a bit different but I have it working on multiple domains. Before I could not send emails to anything owned by M$ but now all emails are delivered without issue. So this is roughly how I did it:
Log in to MXRoute
Go to Account Manager --> Domain Setup
Add New
Domain: ENTERYOURDOMAINHERE.TLD
Uncheck Secure SSL, CGI Access, PHP Access (probably ok to leave alone but I unchecked it)
Leave everything else alone
Click Create
At the top right, choose the domain drop down, and choose the domain you just created
Go to Account Manager --> DKIM Keys
Copy the x_.domainkey TXT entry
Go to your DNS host and create that entry with its data
Also update your v=spf1 record to be "v=spf1 mx a include:mxroute.com -all"
Go back to MXRoute. E-mail Manager --> E-mail Accounts
+CREATE ACCOUNT
Enter something for the Username (part before the @), I use something like null or similar. Do not use something you will use on your mailcow instance. I am not sure if this will mess things up but just to be safe use something not used elsewhere.
Create a long, complex password. I use my password generator and set it to 40+ characters
Leave everything else alone
Click CREATE ACCOUNT
Take note of the window that pops up if you did not copy your password down.
Click CLOSE
E-mail Manager --> E-mail Routing
Uncheck the "Use this server to handle my e-mails......"
Click SAVE
Advanced Features --> Catch-All E-mail
Check the radio button beside Address
Type the username you created, it should auto-populate so select it
Click SAVE
Go to your Mailcow instance
System --> Configuration --> Routing
In the Add sender-dependant transport (middle of the page) add the following:
Host: Your MXRoute server instance name:587 (ex: friday.mxrouting.net:587)
Username: The email address you created (ex: [email protected])
Password: The password you created with the above username
Click +ADD
(You can do the test here if you want)
DONE! You should now be able to send emails and they all route through MXRoute.