by: Linux/Unix Web

iRedMail is a script that performs a huge amount of tasks and set up all sorts of services and applications to fulfill any e-mail necessity.

  • Postfix SMTP server.
  • Dovecot IMAP server.
  • Nginx webserver (admin panel and webmail).
  • OpenLDAP, MySQL/MariaDB, or PostgreSQL.
  • Amavised-new (DKIM).
  • SpamAssassin (anti-spam).
  • ClamAV (anti-virus).
  • Roundcube (webmail).
  • SOGo (webmail, calendar, contacts, ActiveSync…).
  • Fail2ban (security).
  • mlmmj (mailing list).
  • Netdata (monitoring).
  • iRedAPD Postfix (greylisting).

Set the domain name:

sudo apt update && sudo apt upgrade -y
sudo hostnamectl set-hostname mail.example.com
sudo nano /etc/hosts

    127.0.0.1 mail.example.com mail localhost

Download from any of the methods:

git clone https://github.com/iredmail/iRedMail/
cd iRedMail
chmod +x iRedMail.sh
sudo bash iRedMail.sh

    OR

wget https://github.com/iredmail/iRedMail/archive/1.4.0.tar.gz
tar xvf 1.3.2.tar.gz
cd iRedMail-1.3.2/
chmod +x iRedMail.sh
sudo bash iRedMail.sh

Get the latest at [Link].

Follow the screens:

Your mail server is already working and as a good practice, it is now ready to start SSL/TLS certificate on the webserver.

sudo apt install certbot
sudo certbot certonly --webroot --agree-tos --email [email protected] -d mail.example.com -w /var/www/html/
sudo nano /etc/nginx/templates/ssl.tmpl

Change the following lines accordingly for NGINX:

ssl_certificate /etc/letsencrypt/live/mail.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mail.example.com/privkey.pem;

Test and reload the webserver:

sudo nginx -t
sudo systemctl reload nginx

Now, install the certificate in the Postfix (SMTP server) and Decovet (IMAP server):

sudo nano /etc/postfix/main.cf

Change the following lines accordingly:

smtpd_tls_key_file = /etc/letsencrypt/live/mail.example.com/privkey.pem
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.example.com/cert.pem
smtpd_tls_CAfile = /etc/letsencrypt/live/mail.example.com/chain.pem

Same for the Decovet (IMAP server):

sudo nano /etc/dovecot/dovecot.conf

Change the following lines accordingly:

ssl_cert = </etc/letsencrypt/live/mail.example.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.example.com/privkey.pem

Reload both services:

sudo systemctl reload postfix
sudo systemctl reload dovecot