Skip to content

Module 11 of 16 · 📖 4 min read · ⏱ 90 min total

FUTO 11 Mailcow E-Mail Server (EN)

Table of contents (6 sections)
  1. Concepts and Background
  2. Architecture Diagram
  3. Practical Steps
  4. Common Pitfalls
  5. Further Resources
  6. Knowledge Check

FUTO 11 Mailcow E-Mail Server

In this module, you will learn how to operate a full-featured, self-managed email server with Mailcow. Mailcow is a comprehensive Docker-based solution that combines all necessary components for a modern email server. You will learn how to install and configure the server and set up the most important security features such as DKIM, DMARC, and SPF to protect your emails from spam and phishing.

This course provides you with the knowledge to bring your email communication completely under your own control. You will understand the architecture behind modern email systems and can operate them securely in your infrastructure. Upon completion of this module, you will be able to operate and manage a professional email server for yourself or your company.

Concepts and Background

Mailcow
Mailcow is a web-based interface for managing a complete email server based on Docker containers. It combines Postfix (MTA), Dovecot (IMAP/POP3), SpamAssassin, ClamAV, and many other components in a single, easy-to-use solution.
DKIM (DomainKeys Identified Mail)
A cryptographic method for signing emails. It allows the recipient to verify the authenticity of an email by comparing the digital signature with the sender's public key.
DMARC (Domain-based Message Authentication, Reporting & Conformance)
A security policy that builds on SPF and DKIM. DMARC instructs recipients on how to handle emails that fail SPF or DKIM verification and enables reporting on abuse.
SPF (Sender Policy Framework)
A mechanism for preventing email spoofing. SPF defines in DNS records which servers are authorized to send emails on behalf of a domain.
Roundcube
A web-based email client (Webmail) that allows users to access their emails through a web browser. It provides a modern user interface for managing emails, contacts, and calendars.

Architecture Diagram

flowchart LR
  A[Internet] --> B(Firewall/Router)
  B --> C[Server mit Mailcow]
  C --> D[Postfix (MTA)]
  C --> E[Dovecot (IMAP/POP3)]
  C --> F[SpamAssassin]
  C --> G[ClamAV]
  C --> H[Roundcube (Webmail)]
  C --> I[DKIM/DMARC/SPF]
  D --> E
  E --> H
  F --> E
  G --> F

Practical Steps

  1. Prepare the system: Install Docker and Docker Compose on your server. Ensure at least 4 GB RAM and 2 CPU cores are available. 
    apt update && apt install -y docker.io docker-compose
  2. Download Mailcow: Clone the official Mailcow repository to a directory of your choice. 
    git clone https://github.com/mailcow/mailcow-dockerized.git
  3. Adjust configuration: Open the mailcow.conf file and adjust basic settings such as domain name, hostname, and timezone. 
    cd mailcow-dockerized && nano mailcow.conf
  4. Start Mailcow: Initialize the environment and start all services. 
    ./generate_config.sh && docker-compose up -d
  5. Access web interface: In your browser, open the URL https://your-server-name and log in with the default credentials. Change these immediately after the first login.
  6. Add domain: Under "Domain administration", add your domain and configure the necessary DNS records for SPF, DKIM, and DMARC.
  7. Create user accounts: Under "Mailboxes", create the desired email accounts for your domain.
  8. Enable DKIM keys: Enable automatically generated DKIM keys for each domain in the interface.
  9. Configure firewall: Ensure that ports 25 (SMTP), 587 (SMTPS), 465 (SMTPS), 143 (IMAP), 993 (IMAPS), and 80/443 (Web) are open.
  10. Set up backup: Configure regular backups of the Mailcow data under "Backup / Restore".

Common Pitfalls

Further Resources

Knowledge Check

Four questions for self-assessment. Click on each question to see the correct answer and explanation.

What is the main advantage of using Mailcow for an email server?
  • A) It is the only open-source solution for email servers
  • B) It combines all necessary components in a Docker-based solution
  • C) It requires no technical knowledge for installation
  • D) It offers exclusively webmail functionality

Correct answer: B. Mailcow integrates all necessary components such as MTA, IMAP/POP3, spam filter etc. in a Docker-based solution. A is incorrect as there are other open-source solutions. C is incorrect as technical knowledge is required. D is incorrect as Mailcow offers more than just webmail.

Which method allows recipients to verify the authenticity of an email by comparing a digital signature with a public key?
  • A) SPF
  • B) DMARC
  • C) DKIM
  • D) Roundcube

Correct answer: C. DKIM (DomainKeys Identified Mail) is the cryptographic method for signing emails. SPF prevents email spoofing through DNS records, DMARC builds on SPF and DKIM, and Roundcube is a webmail client.

What is the main function of DMARC in an email system?