Update readme.md

This commit is contained in:
2025-12-29 20:44:39 +00:00
Parent d2c556c03e
Commit 3a334297f2

287
readme.md

@@ -0,0 +1,287 @@
---
```md
# Mailu Mail Server Full Setup Guide
Domain: ghaymah.cloud
Mail Server: Mailu (Docker)
---
## 1. Purpose
Deploy a private mail server for a company using Mailu where:
- Accounts are created by admin only
- Internal mail works between users
- External mail works with Gmail and other providers
- The setup is secure and production-ready
---
## 2. Mailu Setup Wizard
### Step 1: Initial Configuration
- **Mailu storage path**
```
/mailu
```
- **Main mail domain**
```
ghaymah.cloud
```
- **Postmaster local part**
```
admin
```
→ `admin@ghaymah.cloud`
- **TLS certificates**
```
Let's Encrypt
```
- **Rate limits**
- Failed login per IP: 5/hour
- Failed login per user: 50/day
- Outgoing mail per user: 200/day
- ✅ Enable Admin UI
---
### Step 2: Select Features
- Webmail: Roundcube
- Antivirus (ClamAV): Enabled
- Oletools: Enabled
- Tika: Disabled (high resource usage)
---
### Step 3: Expose Mailu to the Internet
- **IPv4 listen address**
```
158.220.97.132
```
- **Docker network subnet**
```
192.168.203.0/24
```
- IPv6: Disabled
- Internal DNS resolver (unbound): Enabled
- **Public hostname**
```
mail.ghaymah.cloud
````
---
### Step 4: Ports
Default Mailu ports were used.
HTTPS (443) was temporarily changed to **8443** to avoid conflicts.
---
### Step 5: Generate and Run Mailu
```bash
docker compose up -d
````
---
## 3. Web Interface Access
* Admin / Webmail URL:
```
https://mail.ghaymah.cloud:8443
```
### ⚠️ Important Note
Sometimes after startup, the **Web UI / Webmail may not load** due to a temporary issue with the front (nginx) container.
### Solution
Restart the front container:
```bash
docker restart mailu-front-1
```
---
## 4. Admin Configuration
* Login as admin
* Add domain: `ghaymah.cloud`
* Create user accounts for employees
* Generate DKIM keys from:
```
Admin → Domains → Generate keys
```
---
## 5. DNS Records Configuration
### A Record
```dns
mail.ghaymah.cloud A 158.220.97.132
```
### MX Record
```dns
ghaymah.cloud MX 10 mail.ghaymah.cloud
```
### SPF Record
```dns
ghaymah.cloud TXT "v=spf1 ip4:158.220.97.132 mx -all"
```
### DKIM Record
```dns
mail._domainkey.ghaymah.cloud TXT "v=DKIM1; k=rsa; p=PUBLIC_KEY"
```
### DMARC Record
```dns
_dmarc.ghaymah.cloud TXT "v=DMARC1; p=none; rua=mailto:postmaster@ghaymah.cloud"
```
---
## 6. Reverse DNS (PTR)
Configured at the server provider (Contabo):
```text
158.220.97.132 → mail.ghaymah.cloud
```
---
## 7. Testing and Verification
### DNS Checks
```bash
dig MX ghaymah.cloud +short
dig TXT ghaymah.cloud +short
dig TXT mail._domainkey.ghaymah.cloud +short
dig -x 158.220.97.132 +short
```
---
## 8. Spam Detection & Analysis Tools
The following tools were used to analyze why emails were going to **Spam** or being **rejected**:
### 8.1 Mail Tester
🔗 [https://www.mail-tester.com](https://www.mail-tester.com)
* Sends a test email and provides a full spam report
* Checks:
* SPF
* DKIM
* DMARC
* PTR (Reverse DNS)
* IP blacklists
* SpamAssassin score
This is the most important tool for diagnosing email delivery issues.
---
### 8.2 MXToolbox
🔗 [https://mxtoolbox.com](https://mxtoolbox.com)
Used to:
* Verify MX records
* Check SPF, DKIM, and DMARC records
* Check Reverse DNS (PTR)
* Detect if the IP is blacklisted
---
### 8.3 DNS Checker
🔗 [https://dnschecker.org](https://dnschecker.org)
Used to:
* Verify DNS propagation worldwide
* Ensure MX and TXT records are visible globally
---
### 8.4 Google Admin Toolbox
🔗 [https://toolbox.googleapps.com/apps/checkmx/](https://toolbox.googleapps.com/apps/checkmx/)
Used to:
* Validate how Gmail sees the domain
* Diagnose Gmail-specific delivery issues
---
## 9. Spam Issue Root Cause
Emails were initially classified as spam or rejected due to:
* Missing SPF record
* Missing DKIM record
* Incorrect PTR (Reverse DNS)
* New domain and IP reputation
* Test email content (very short messages)
---
## 10. Final Result
* Mailu services running successfully
* Internal mail working
* External mail working (Gmail, etc.)
* DKIM validated successfully
* Spam issues resolved after proper DNS authentication
---
## 11. Notes
* Public user signup is disabled
* Only admin can create users
* This mail server is intended for company use only
```
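Review bot: The DMARC record in section 5 is published with `p=none`, which only requests aggregate reports and does not ask receivers to quarantine or reject mail that fails SPF/DKIM alignment, so it does not match the "secure and production-ready" goal stated in section 1. Suggest describing `p=none` as a monitoring phase and documenting the planned move to `p=quarantine` or `p=reject` once the `rua` reports to `postmaster@ghaymah.cloud` show only legitimate sources. Section 4 should also say that the `PUBLIC_KEY` placeholder in the DKIM record is replaced with the key generated under Admin → Domains. On formatting: the file opens with an outer `md` code fence, and the blocks under "Public hostname" and "docker compose up -d" close with four backticks instead of three, so the README is likely to render as a literal block rather than as headings and lists; drop the outer fence and make the closing fences match their openers.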