Configuring your mail server in docker-compose
Why install your own server if there is Google in the world?
- Your personal domain is just a cool email address. But for any more or less intelligible company, this is an obligation. Without a corporate email, you will not be able to register trial versions of b2b products.
- No ads and no crawling of your mail by third-party services. At one time, Gmail and others were notable for persistent scanning. And while most of them have stopped doing it, it is recommended that you check your email privacy settings. And Yandex, apparently, is still doing this for the purpose of targeting advertising.
- The ability to write an API for interacting with mail. If you are a serious system administrator, then creating a new user in the domain should not be accompanied by a walk through five different interfaces. You need to run a script that will create and link all accounts to each other.
- Price. With free server capacity and a large number of users, having your own server is much cheaper than paying for Google.
- Postfix. If you are looking to grow, then postfix is for you. Emails that need to be processed, thrown from box to box and the like hoop jumping while humming the American anthem – for all this you need postfix.
Let’s get started
We will install it on the tenth Debian. You will need a dedicated server with a domain name. In general, the system can be run on 4 gigabytes of RAM.
Setting up DNS records takes a couple of minutes. We go to the site of our favorite DNS provider, buy mydomain.org and start configuring it. You need the following entries:
mydomain.org A 188.8.131.52 mail.mydomain.org A 184.108.40.206 mydomain.org MX mail.mydomain.org
And first of all, save yourself a little nerves:
systemctl stop exim4.service systemctl disable exim4.service systemctl stop apache2.service systemctl disable apache2.service
Then we install
according to the instructions.
The first underwater mine
During the installation of docker-compose, you will see the following message:
perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LANG = "en_US.utf8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C").
Sometimes the lack of a properly configured locale creates problems for the execution of docker-compose scripts. So let’s fix this right away:
export LANGUAGE=en_US.UTF-8 export LANG=en_US.UTF-8 export LC_ALL=en_US.UTF-8 locale-gen en_US.UTF-8 dpkg-reconfigure locales
After dpkg-reconfigure, the locale selection window will open, in which you need to select en_US (UTF-8). You only need to select a different locale. In that case, good luck.
After that, we create a folder to store all data in the root of the system:
Next, go to
and we start interactively creating our docker-compose.yml for our system. We fill in all the fields and select compose in the first paragraph, since we are using it. The rest of the fields are filled with obvious values.
A few things worth mentioning separately:
We enable this option to mount the administration interface for your domain. I would recommend replacing / admin with something more obscure, for security reasons.
In the third paragraph, you can choose a web client for your mail. In most cases, this will be useful if the client is not always at hand. Roundcube and rainloop are available to choose from.
Rainloop, from my point of view, looks much nicer than roundcube. But in terms of functionality in Mailu, both of these systems are exactly the same. Unless some people say that rainloop is more convenient from a mobile phone, but I never saw any reason to use the mail web interface on a mobile phone. Better to give preference to your beloved client.
The GPL version of roundcube or rainloop will be installed on the server. Therefore, you will not have additional chips such as your interface or two-factor authorization. Rainloop offers a paid version for this purpose. If you seriously intend to use the web interface, then it is recommended to think about the paid version with 2FA.
Turn on the webdav service so that you can store contacts and calendars linked to your mailbox.
Second underwater mine
If you are trying to raise a server without embedding it into the existing IT infrastructure, then in the IPv4 listen address column, be sure to specify the IP address of your server, and not 127.0.0.1.
In the last part of the setup, choose the database you will be working with. If you need to serve a company of 50 people, you can opt for sqlite. But I needed postgres. In fact, the creation of users on my system occurs externally, and for the normal operation of my scripts, I needed access to postgres.
Click Generate and get links to ready-made docker-compose.yml and mailu.env. These files must be copied to the server in the / mailu directory.
Third underwater mine
Posgres is not part of the installation and needs to be configured separately. If you try to add postgres as a backend for your installation directly from the web configurator, you will receive a warning that it will not work from the next version. If you already have an instance running, just enter the addresses, logins and passwords for it.
If it is not there, then add it by hand.
# Postrgres Database db: image: postgres restart: always volumes: - "/mailu/postgres:/var/lib/postgresql" environment: - "POSTGRES_PASSWORD=pass" - "POSTGRES_USER=postgres-mailu" - "POSTGRES_DB=mailu"
And in the .env file, we make sure that the settings are correct:
################################### # Database settings ################################### DB_FLAVOR=postgresql DB_USER=postgres-mailu DB_PW=pass DB_HOST=db DB_NAME=mailu
Well, the time has come, run:
docker-compose -p mailu up -d
Be sure to indicate
at system startup. If you do not do this, then strange things will happen and in some places some parts of the system will fall off.
Check the logs of the mailu / nginx container: 1.8. The system will automatically install letsencrypt certificates. But it may happen that this does not happen the first time. When you try to enter the admin panel, you will see a warning and an error that the server is unavailable.
If the logs say that getting the certificate failed miserably, just do:
docker-compose down docker-compose -p mailu up -d
Everything should work. If something does not start, then you have to go and check the nginx logs and /var/log/letsencrypt.log, most of the errors will be described there.
So, congratulations. Everything started, everything works.
First of all, we execute the following command:
docker-compose -p mailu exec admin flask mailu admin admin mydomain.org PASSWORD
Then we go to mydomain.org/admin (or whatever you specified in the settings in the second paragraph) and change the admin password.
For the uninitiated, I can see that the presented administrative interface is not as intuitive as the google control panel. If you can’t wait to move on to creating new emails, then choose Mail Domains and look at the very small icons in the Manage section. There you can create users, aliases and whatever your heart desires.
Basically, that’s it. You can start chasing mail.
But don’t be in a hurry. Be careful. You are now charged with the duties of an administrator. If you like to ride – love to carry sledges.
In order to properly secure yourself, you just need to completely backup the / mailu directory on the server. At least once a day. And if you are doing this on a production server in an enterprise, then I would recommend rsync every 5 minutes, plus creating a backup every 8-12 hours.
Deleted mail is permanently deleted. Therefore, users will come to you and ask you to fix everything. Here you cannot do without backups.
For some reason, the topic of backups is not covered in Mailu’s extensive documentation, although the developers themselves are on github claimthat the server can safely back up rsync.
Naturally, you should take into account that in this case we started a server with a database on postgres, and in order to properly backup it, you will need to configure additional systems. To solve this problem, there is such and similar containers.
And of course, the best part is the size of the letters. If Vasya Pupkin likes to send 60 gigabytes of mail a day, make sure you set the quotas and limits correctly.
When your server is up tight, the first thing to do is check:
To find out how much space you have left on the disk. And with the help:
du * -cksh
You can quickly find the culprit for the evaporated place.
Well, actually, that’s all. You have your own postfix, dovecot, roundcube, whatever. It is very easy to transfer it from one server to another. And when you decide that you need more control over the system, you can disassemble the existing docker containers and replace them with a standard installation of the required components.
In total, you have a mail server on hand. To provide mail for 50 employees, the following configuration is quite suitable:
You get your mail server at a price of 20 rubles per month per user. Which is seriously cheaper than Google Workspace. You can sit down and write instructions on how to connect to your server from iPhone and Android. Thunderbird, for example, will figure out how to connect properly.
A UFO flew in and left here promotional codes for the readers of our blog:
– 15% for all VDS tariffs (except for the Warming up tariff) – HABRFIRSTVDS…
– 20% off AMD Ryzen and Intel Core Dedicated Servers – HABRFIRSTDEDIC…