iRedMail setup and GoDaddy DNS records
I had it in mind to Dockerize email services on an Ubuntu server. I quickly realized email is a gongshow and opted for the fastest, easiest solution. This turned out to be iRedMail, which still proved a bit tricky when it came time to set up my GoDaddy DNS records.
Here’s what I did…
The system
- Ubuntu 14.04 server
- 1 vCPU
- 2 GB (as recommended here)
- 20 GB of storage
I buy my VMs from cloudatcost.com. They’re reasonably reliable and reasonably priced.
A (Host) records
Once your machine (wherever it be) is online, set the DNS A (Host) records right away. My DNS stuff is all managed at GoDaddy.
![[First host record] [First host record]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/setHostRecord.jpg)
Then create another A record and point it to the mail subdomain:
![[mail subdomain host record] [mail subdomain host record]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/setHostMailRecord.jpg)
Prepare the environment
CloudAtCost sets creates a root user and sets the password. I ssh
in and change it right away:
|
|
There may be a compelling reason to create a non-root user, but since the iRedMail will be installed entirely as root, I’m going to skip that step until advised to do otherwise.
Set the domain name
First,
|
|
Change whatever’s inside to:
|
and save. Then,
|
|
Change it to look like this:
|
|
Change your domain name wherever appropriate (my example domain is rockyvalley.ca.
Reboot the machine.
Log back in:
|
|
Execute
|
|
If you see something similar to
|
|
then your server has been named appropriately.
Install iRedMail
Download the latest package.
|
|
Execute the install script:
|
|
This will install a bunch of stuff and then guide you through configuration. Press Enter to proceed past the intro screen.
Default mail storage path
![[Default mail storage path] [Default mail storage path]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper1.jpg)
Preferred web server
![[Preferred web server] [Preferred web server]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper2.jpg)
Choose preferred backend used to store mail accounts
Use the space bar to select the database (here, PostgreSQL).
![[Choose preferred backend used to store mail accounts] [Choose preferred backend used to store mail accounts]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper3.jpg)
Password for PostgreSQL administrator: postgres
![[Password for PostgreSQL administrator: postgres] [Password for PostgreSQL administrator: postgres]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper4.jpg)
Your first virtual domain
![[Your first virtual domain] [Your first virtual domain]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper5.jpg)
Password for the administrator of your domain
![[Password for the administrator of your domain] [Password for the administrator of your domain]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper6.jpg)
Optional components
![[Optional components] [Optional components]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper7.jpg)
Proceed with installation
![[Proceed with installation] [Proceed with installation]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/installHelper8.jpg)
I answered yes when asked:
|
|
I answered no when asked:
|
|
I figured it unwise to restart because I’m logged in to my server via ssh
.
Upon sucessful completion, the installer will spit out some valuable information:
|
|
Reboot now.
Set up DNS records
MX
The A records have already been set up. Create an MX record (I’m using GoDaddy, so I deleted the existing records before proceeding):
![[MX record] [MX record]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/setMXRecord.jpg)
SPF
This gets set as a TXT record at GoDaddy:
![[SPF record] [SPF record]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/setSPFRecord.jpg)
DKIM
Log back into your server:
|
|
Execute the following to determine your DKIM keys:
|
|
This will return something like this:
|
|
All the stuff between the brackets needs to be put onto one line, like this:
|
|
All this gets set as another TXT record:
![[DKIM record] [DKIM record]](/2015/11/04/iRedMail-setup-and-GoDaddy-DNS-records/setDKIMRecord.jpg)
This may take some time to propagate (a couple hours even). These commands will help confirm that everything is set up okay:
|
|
You’ll see the DKIM TXT record you just set once everything has propagated.
Verify public key availability:
|
|
You should see this, if successful:
|
|
SSL/TLS
At this point, assuming time allowed for propagation, you should be able to send and receive email from the postmaster account. However, the certificates iRedMail sets up for you are self-signed, which means you get an ugly warning whenever you try to access your webmail. To fix this, you’ll need to get certs from a trusted certificate authority. I like to use startssl.com because they’re free.
Once obtained, transfer the certificates to the mail server:
|
|
Login,
|
|
unzip, decrypt, and lockdown:
|
|
Since I chose Nginx as my web server and StartSSL as my CA, I need to chain my ssl.crt
with StartSSL’s intermediate certificate:
|
|
The certificates are now ready to be put in place. The self-signed certificates are stored in:
/etc/ssl/certs/iRedMail.crt
/etc/ssl/private/iRedMail.key
The new certificates were already named appropriately during decryption and chaining, so now it is simply a matter of overwriting the existing self-signed certificates:
Copy the certs to the correct directories:
|
|
Reboot the machine.
I rebooted in lieu of restarting individual services. Once back online, test sending and receiving. Everything should be good to go.