mirror of
https://github.com/myronblair/ProxMailcow
synced 2026-06-30 17:50:40 -05:00
Initial infrastructure: NPM + Mailcow on Proxmox
- VM 200: Nginx Proxy Manager (10.48.200.80)
- VM 201: Mailcow email server (10.48.200.82)
- Cloud-init automation for both VMs
- FortiGate VIP/policy documentation
- DNS records for web.orbishosting.com
- NPM proxy host setup guide
- Mailcow post-install checklist
- Cert sync script (NPM → Mailcow)

External IP: 97.176.15.26
@@ -0,0 +1,126 @@
|
||||
# Mailcow Post-Installation Steps
|
||||
|
||||
Access Mailcow admin: **https://mail.web.orbishosting.com**
|
||||
Default login: `admin` / `moohoo`
|
||||
|
||||
---
|
||||
|
||||
## Step 1: Change Admin Password
|
||||
|
||||
**Configuration → Access → Administrator accounts → admin → Edit**
|
||||
|
||||
---
|
||||
|
||||
## Step 2: Add Your Domain
|
||||
|
||||
**Configuration → Mail Setup → Domains → Add domain**
|
||||
|
||||
| Field | Value |
|
||||
|-------|-------|
|
||||
| Domain | `web.orbishosting.com` |
|
||||
| Description | Orbis Hosting Mail |
|
||||
| Max. aliases | 400 |
|
||||
| Max. mailboxes | 10 (adjust as needed) |
|
||||
| Max. quota | 10240 MB |
|
||||
| Default mailbox quota | 1024 MB |
|
||||
| Active | On |
|
||||
|
||||
---
|
||||
|
||||
## Step 3: Create Mailboxes
|
||||
|
||||
**Configuration → Mail Setup → Mailboxes → Add mailbox**
|
||||
|
||||
Suggested mailboxes to create:
|
||||
- `admin@web.orbishosting.com`
|
||||
- `postmaster@web.orbishosting.com` (required for RFC compliance)
|
||||
- `abuse@web.orbishosting.com` (required for RFC compliance)
|
||||
- Your personal email address
|
||||
|
||||
---
|
||||
|
||||
## Step 4: Get DKIM Key
|
||||
|
||||
**Configuration → Domains → web.orbishosting.com → DKIM**
|
||||
|
||||
Click **Generate** if no key exists, then copy the TXT record and add it to your DNS:
|
||||
```
|
||||
dkim._domainkey.web.orbishosting.com TXT "v=DKIM1; k=rsa; p=YOURKEY..."
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Step 5: Verify Mail Configuration
|
||||
|
||||
**Configuration → Diagnostics** — Run all checks and ensure green on:
|
||||
- DNS MX record
|
||||
- SPF record
|
||||
- DMARC record
|
||||
- Reverse DNS (PTR)
|
||||
- DKIM
|
||||
|
||||
---
|
||||
|
||||
## Step 6: Configure Mail Clients
|
||||
|
||||
Use these settings for Outlook, Thunderbird, Apple Mail, etc.:
|
||||
|
||||
### Incoming Mail (IMAP)
|
||||
| Setting | Value |
|
||||
|---------|-------|
|
||||
| Server | `mail.web.orbishosting.com` |
|
||||
| Port | `993` |
|
||||
| Security | SSL/TLS |
|
||||
| Username | full email address (e.g., user@web.orbishosting.com) |
|
||||
|
||||
### Outgoing Mail (SMTP)
|
||||
| Setting | Value |
|
||||
|---------|-------|
|
||||
| Server | `mail.web.orbishosting.com` |
|
||||
| Port | `587` |
|
||||
| Security | STARTTLS |
|
||||
| Authentication | Normal password |
|
||||
| Username | full email address |
|
||||
|
||||
---
|
||||
|
||||
## Step 7: Test Email Deliverability
|
||||
|
||||
1. Send a test email from your new mailbox to an external address (Gmail, Outlook)
|
||||
2. Check spam score: https://www.mail-tester.com
|
||||
3. Check blacklists: https://mxtoolbox.com/blacklists.aspx
|
||||
|
||||
**Target score:** 10/10 on mail-tester.com
|
||||
|
||||
Common issues if score is low:
|
||||
- Missing PTR record → contact ISP
|
||||
- Missing DKIM → check Step 4
|
||||
- Missing DMARC → check dns-records.md
|
||||
- On a residential ISP blacklist → consider a mail relay (SendGrid, Mailgun) for outbound
|
||||
|
||||
---
|
||||
|
||||
## Mailcow Useful Commands
|
||||
|
||||
```bash
|
||||
ssh ubuntu@10.48.200.82
|
||||
cd /opt/mailcow-dockerized
|
||||
|
||||
# View all container status
|
||||
sudo docker compose ps
|
||||
|
||||
# View logs for specific container
|
||||
sudo docker compose logs -f postfix-mailcow
|
||||
sudo docker compose logs -f dovecot-mailcow
|
||||
sudo docker compose logs -f acme-mailcow
|
||||
|
||||
# Restart all Mailcow containers
|
||||
sudo docker compose restart
|
||||
|
||||
# Update Mailcow
|
||||
sudo docker compose pull
|
||||
sudo docker compose up -d
|
||||
|
||||
# Update Mailcow (official method)
|
||||
sudo ./update.sh
|
||||
```
|
||||
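Review bot: The top of this file publishes the stock `admin` / `moohoo` login directly under the public admin URL `https://mail.web.orbishosting.com`, and the password change in Step 1 is performed through that same URL. Suggest saying explicitly that Step 1 must be finished before the proxy host and firewall rule for this name are enabled, and adding a line to Step 1 to turn on two-factor authentication for the admin account. Separately, under "Mailcow Useful Commands" the block lists `sudo docker compose pull` and `sudo docker compose up -d` as "Update Mailcow" directly above `sudo ./update.sh` labelled "official method"; keeping only one update path would stop a reader from running both.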
@@ -0,0 +1,46 @@
|
||||
#!/bin/bash
|
||||
# Sync SSL certificates from NPM to Mailcow
|
||||
# Run on the NPM VM (10.48.200.80) via cron after cert renewal
|
||||
#
|
||||
# Cron entry (on NPM VM): 0 3 * * * /opt/sync-certs.sh
|
||||
#
|
||||
# Prerequisites:
|
||||
# 1. SSH key from NPM VM to Mailcow VM is set up (no password needed)
|
||||
# Run on NPM VM: ssh-keygen -t ed25519 -f ~/.ssh/mailcow_sync
|
||||
# Run on Mailcow VM: echo "<pub key>" >> ~/.ssh/authorized_keys
|
||||
#
|
||||
# 2. DOMAIN below matches the cert folder in NPM's letsencrypt directory
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
DOMAIN="mail.web.orbishosting.com"
|
||||
MAILCOW_HOST="10.48.200.82"
|
||||
MAILCOW_USER="ubuntu"
|
||||
MAILCOW_SSH_KEY="/root/.ssh/mailcow_sync"
|
||||
|
||||
NPM_CERT_DIR="/opt/npm/letsencrypt/live/${DOMAIN}"
|
||||
MAILCOW_CERT_DIR="/opt/mailcow-dockerized/data/assets/ssl"
|
||||
|
||||
# Check if cert exists
|
||||
if [ ! -f "${NPM_CERT_DIR}/fullchain.pem" ]; then
|
||||
echo "ERROR: Certificate not found at ${NPM_CERT_DIR}"
|
||||
echo "Make sure the NPM proxy host for ${DOMAIN} has an active SSL cert."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Syncing certs for ${DOMAIN} to Mailcow at ${MAILCOW_HOST}..."
|
||||
|
||||
# Copy certs to Mailcow
|
||||
scp -i "${MAILCOW_SSH_KEY}" \
|
||||
"${NPM_CERT_DIR}/fullchain.pem" \
|
||||
"${MAILCOW_USER}@${MAILCOW_HOST}:${MAILCOW_CERT_DIR}/cert.pem"
|
||||
|
||||
scp -i "${MAILCOW_SSH_KEY}" \
|
||||
"${NPM_CERT_DIR}/privkey.pem" \
|
||||
"${MAILCOW_USER}@${MAILCOW_HOST}:${MAILCOW_CERT_DIR}/key.pem"
|
||||
|
||||
# Reload Mailcow services that use the cert
|
||||
ssh -i "${MAILCOW_SSH_KEY}" "${MAILCOW_USER}@${MAILCOW_HOST}" \
|
||||
"cd /opt/mailcow-dockerized && sudo docker compose restart postfix-mailcow dovecot-mailcow nginx-mailcow"
|
||||
|
||||
echo "Done. Certs synced and Mailcow services restarted."
|
||||
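Review bot: The prerequisite in the header comments appends the sync key to `~/.ssh/authorized_keys` with no restrictions, and the final `ssh` line depends on `ubuntu` running `sudo docker compose restart` without a prompt, so the key stored on the NPM VM amounts to an unattended privileged shell on the Mailcow VM. Suggest restricting the key in `authorized_keys` (for example `restrict` plus a forced `command=` wrapper that only installs the two files and restarts the three services) and scoping the sudo rule to that single command. Two smaller points: the key is generated at `~/.ssh/mailcow_sync` but read from `/root/.ssh/mailcow_sync`, which only match when both steps run as root; and the 03:00 cron entry copies the files and restarts `postfix-mailcow dovecot-mailcow nginx-mailcow` every night whether or not the cert changed, while a failure of the second `scp` under `set -e` leaves a new `cert.pem` beside the old `key.pem`. Comparing a checksum before copying, and uploading both files under temporary names before renaming them, would cover both cases.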