Setting up a mail server can be quite tedious since you need to configure many components to have everything up and running. Luckily, there is a much easier solution – iRedMail.
What is iRedMail?
iRedMail is an open-source email server that supports the latest IMAP, SMTP, and POP3 standards. It also supports modules such as Antispam and Antivirus to keep your inbox spam-free and virus-free.
It is a reliable and scalable solution for businesses of any size. You can use it to send and receive emails with your employees, clients, and customers.
You can also use iRedMail with your website to combine your online identity with your email address for a seamless user experience. iRedMail is designed with usability in mind. The interface has been simplified to help you get started without any IT background or special training.
Some other features include:
- Support for creating unlimited email accounts.
- Access to Roundcube Webmail (MUA): This is a browser-based portal where you can access and manage your mail accounts and create new ones.
- Block malicious IPs using Fail2ban utility.
- Save mail accounts using OpenLDAP, MariaDB, and PostgreSQL tools.
- Uses Dovecot as POP3/POP3S, IMAP/IMAPS service (MDA)
This post will give you a step-by-step guide on setting up iRedMail on RHEL. The steps described here will also work for CentOS, RockyLinux, AlmaLinux, and other RHEL based distros.
Step 1. Verify Your Cloud Provider Allows Port 25
Due to the increase in spamming and to avoid the risk of abuse on the internet, most cloud providers block port 25, which is responsible for SMTP relaying. That allows one to send email from one email server to another.
For example, as of writing this post, Google Cloud Platform (GCP) blocks ports
587 for outbound connections. Other providers like Digital Ocean require new users to contact support to enable port
25 on their droplets. We will use OVH Cloud to set up our mail server for this post since they don’t put restrictions on using port
Luckily, you can easily test whether your server allows the usage of port
25. Execute the commands below.
sudo dnf install telnet telnet gmail-smtp-in.l.google.com 25
If port 25 outbound connection is allowed, you should see a message like,
Connected to gmail-smtp-in.l.google.com as shown in the image above.
If port 25 outbound connection is blocked, you will see a message like,
telnet: Unable to connect to remote host: Connection timed out.
Step 2. Setup Hostname (FQDN)
You need to set up a proper Fully Qualified Domain Name (FQDN), commonly referred to as hostname. You can use the
hostnamectl command or edit the hostname file directly. We will look at both methods in this post.
Set FQDN with hostnamectl command
hostnamectl is one of the easiest methods you can use on any Linux distribution. Open the Terminal and execute the command below.
hostnamectl set-hostname <your-desired-hostname>
hostnamectl set-hostname mail.example.local
Set FQDN by Editing hostname File
This second method is a little more technical than the previous. You will need to edit the hostname file directly and add your desired hostname here.
For users running RHEL 7/CentOS 7 or newer, execute the command below:
sudo nano /etc/hostname
Type your desired hostname as shown in the image below.
For users running RHEL 6/CentOS 6 or earlier releases, execute the command below to add your hostname.
sudo nano /etc/sysconfig/network
To verify whether the FQDN was successfully configured, reboot the system and execute the command below.
sudo reboot now
Excute the command below to verify hostname.
/etc/dhcp/dhclient.d/google_hostname.shby executing the commands below.
rm -rf /etc/dhcp/dhclient.d/google_hostname.sh rm -rf /etc/dhcp/dhclient-exit-hooks.d/google_set_hostname
Update the /etc/hosts file
The final step when dealing with hostnames is updating the
/etc/hosts file. Execute the command below and add your FQDN next to the
127.0.0.1 address as shown in the image below.
sudo nano /etc/hosts
Step 3. Disable SELinux
The next thing you need to do is disable SELinux because iRedMail doesn’t work well with SELinux policies.
SELinux is a Linux kernel security module that has been designed to monitor and control the access of certain programs. It does this by enforcing rules upon these programs’ behavior to prevent unwanted activity.
To disable SELinux, execute the command below.
sudo nano /etc/sysconfig/selinux
Find the line
SELINUX=enforcing and set it to disabled, as shown in the image below.
Save the file (CTRL + S) and exit (CTRL + X). Reboot the system to apply the configurations. You can execute the command below.
sudo reboot now
Step 4. Download iRedmail
Up to this point, we are now ready to download and install iRedMail on our system. To get started, download the latest stable release from their official website using the
wget command shown below.
wget <Download Link>
If you get an error like
wget command not found ,install it by executing the command below.
sudo dnf install wget
Step 5. Extract the Installation Package
When you run the s command, you will notice iRedmail downloaded as a compressed file, and you need to extract it. To do this, we will use the tar command as shown below.
tar -xzvf <Compressed-File.tar.gz>
tar -xzvf 1.5.1.tar.gz
If the downloaded compressed file has an tar.bz2 extension, you will need to use a different command to extract it. However, first, install the bzip2 utility with the command below.
sudo dnf install bzip2
Then extract files with the command below.
tar -jxvf your-compressed-file.tar.bz2
Step 6. Execute the Installation Script
After successfully extracting the files, when you run the ls command, you should see a newly created iRedmail directory. See the image below.
Navigate to this new directory using the cd command and execute the iRedmail.sh script as shown below.
Make the script executable with the command below.
chmod +x iRedMail.sh
Run the installation script.
iRedmail will first check for any updates and install additional required packages before launching the Welcome screen below.
Select Yes and hit Enter. A new screen will appear, and you need to select the directory where you wish to store your mails. By default, it’s set to
/var/vmail. For this post, we will leave it as it is—press Enter.
On the new screen, select a web server for iRedmail. That will enable you to run the Roundcube webmail portal on your browser. In earlier versions of iRedmail, users could select between Nginx and Apache. Nowadays, you only have an option for Nginx. Select Nginx and press Enter.
Next, select the database you want to use to manage your Email service. For this post, we will use MariaDB. Press Enter.
Next, you need to set a password for the MySQL administrator. Type your desired password and hit Enter.
On this screen, you will enter the domain name without any prefix. For example, we will use the example.local in our case. Later on, you can create your desired mail accounts from the iRedadmin dashboard, which we will show you.
Select any additional utilities you want to install for your mailing service on the next screen. For this post, we highly recommend installing RoundCube. Press Enter when done.
You will see a list of all your settings on the Terminal. Go through each one and ensure they are correct before typing Y and pressing enter to apply the configurations.
During the configuration process, you will see prompts if whether you want to use the Firewall rules provided by iRedmail, type Y, and hit Enter. We highly recommend re-installing the operating system and starting the iRedmail installation process again if you encounter any errors.
After a successful installation, you will see a notification on the Terminal with your login credentials for the mail administrator. You can read more about the mail server in the
Reboot the system to enable all the mail services by executing the command below.
sudo reboot now
Step 7. Access the Web Admin Panel
When your server is back online, you can visit the web admin panel using the URL below. That is the dashboard where you can manage, add, and remove mail accounts.
To access the Roundcube webmail, use the URL below.
Step 8. Setting up MX Records
Before diving deeper, we need to understand A and MX records.
An A record is the most popular type of DNS record. It tells your computer system which server to use when trying to resolve a domain name. Whenever you enter a domain name into your browser, it will go to the DNS and find out which IP address points to it. If there is no A record for that domain name, the browser will return an error.
An MX record is a type of DNS (Domain Name System) record that defines the server responsible for accepting email messages on behalf of a domain name. It specifies which mail transfer agent (MTA) handles incoming email messages and which port number to use.
We will discuss two main methods of setting up MX records for your mail server.
Note: We will assume you already have your website domain fully set up for this post, including the nameservers and the A records.
Both the Mail Server and the Website are Installed/ Running on One Server (VPS).
When both your mail service and the website run on one server, you don’t need to do many configurations. You need to create one MX record with the following details.
See the image below.
The Mail Server and the Website are Installed/ Running on Different Servers
Even though this method is a little more technical; it is most preferred as it eliminates the complexity of managing the Mail server and the website on a single VPS. For example, if you want to migrate your services to another server, it will be hectic for people who are not well-versed with server administration. We will use the logic below to set up our configurations.
If I were to send an email to [email protected], I would first hit the DNS servers looking up mydomain.com and look for MX records - those MX records would point to your mail server.
Therefore, as shown below, we first need to create an A record of our FQDN that points to the mail server public IP.
|A||mail.your-domain.com||IP-Address of the mail server||300|
When done, proceed to create an MX record that defines the server responsible for accepting email messages on behalf of a domain name as shown below.
After successfully creating the A and MX records, try opening the webmail URL described in Step 7. You should be good to go now.
We hope you now have the mail server up and running up to this point. Even though the steps described in this post might sound a little too technical, we tried our best to explain every single bit in detail. If you encounter any errors or need any additional help, please feel free to let us know in the comments below.