Naturally with owning a domain, I can setup e-mail. Now I could use any number of free services to do this, but I’m choosing to host my own solution here. With the theme of containerization, I looked to see if there was a good solution using docker, and that’s how I found Mailu.io. This project is a secure by design set of docker images which makes setting up a secure e-mail server surprisingly easy.
This is a fully fleshed out e-mail solution. Beyond providing simple POP, IMAP, and SMTP services; Mailu.io provides web access to a mail client out of the box. Security can be enabled simply with Let’s Encrypt (Bonus!). It has anti-spam and anti-virus modules. This project even has a setup utility that builds you a docker-compose.yml.
Before I can even set this up though I had to consider where I would run this server. As a mail server it’s desirable to have 100% up-time, if possible. This is why I decided on running this mail server in the Digital Ocean cloud. If I can minimize the memory foot print, I may be able to use this server for multiple purposes. I picked the smallest size for this server. 1 GB of RAM, and 25 GB of SSD. More than enough for now. Digital Ocean automatically setup my SSH keys, and installed a copy of Centos 7. I then ran the same few commands from the WordPress docker host setup.
# curl -fsSL https://get.docker.com/ | sh
# systemctl enable docker
# systemctl start docker
# curl -L https://github.com/docker/compose/releases/download/1.24.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
# chmod 755 /usr/local/bin/docker-compose
I also need to add a few records to DNS so that other mail servers can find mine:
The top record is a SPF record used for reducing e-mail forgery by preventing changes to the sender address. The A record simply reports the mail.ericpark.dev IP, and the MX record says who manages mail for this domain.
After using the setup utility from Mailu.io I copied the resulting docker-compose.yml and after inspecting it, started it on my new cloud host. After it started I was able to access the admin console and away I went. It was much less painful than I have experienced previously. Admittedly, neither implementation ever met any real load, they are more like proof-of-concepts. However, it does enable me to receive e-mails at eric@ericpark.dev!
The server has a rather mild footprint, so I’ll be able to host other services on this host as well!
Upon further inspection of the docker-compose.yml, I thought it was interesting to see that it is implemented at its core with dovecot and postfix which ironically were what I manually set up the last time I built a mail server.
After the server was up and running I was able to send and receive a few e-mails from my gmail account. I went on to test the server for compliance using the following tool: MXToolbox
We like to see a good report! Particularly important is the Open Relay check. If this fails, your server could be used as a spam relay. No one wants more spam.