Hi jehy,
I use my external registrars free dns hosting for all domains and email.
in my examples below, you should be able to substitute your webmin host.domain.com and ip address and client virtual server/domain.com and it should also work for you.
Firstly, a caveat…
I always setup the very first virtual server on my virtualmin system to be my business domain name. Because that is the default website that apache automatically displays in the event that a client dns A record is pointed at my server, however, no website has actually been installed on it (ie a new client virtual server has not yet been created on my system for this client dns A record). This is always good practise because it promotes your business…not one of your own client domains (should one of them be first in the list). You can of course change this in Virtualmin at any time.
Please note…before doing any of the following and because you are trying to use SSL with “web1.adamshosting.com”, this Webmin server must have its own Letsencrypt SSL certificate in addition to the domains on it. Webmin has a guide on how to set up this and some googling will find plenty of tutorials on how to do this.
OK, so once you have your Webmin VPS system “web1.adamshosting.com” using its own CA authority SSL certificate…on to your problem.
Things to check in Virtualmin for new virtual server (another name used by other control panels is “domains”) that you create for each client website and email…
- virtualmin>Edit Virtual Server>Enabled Features
-
make sure that DNS domain enabled is “unchecked” (this will tell Virtualmin not to host dns for this domain)
-
apache website http://, and if you want https:// apache SSL website, are both “checked”
-
mail for domain is “checked”
if you want to be able to login to Webmin/Virtualmin as the server administrator for just this virtual server/domain, then also
- Webmin login enabled “checked”
Now for dns at your clients registrars…
let pretend that the following is our setup details
at your client registrar under free dns hosting add the following records (minimum to get it working):
- jacksmotorcyles A record 12.34.56.78
- jacksmotorcycles MX record web1.adamshosting.com
that is all that is needed for both website to resolve for http://jacksmotorcycles.com or https://jacksmotorcycles.com (https:// with an ssl warning because initially, Virtualmin will automatically use a"self-signed ssl certificate") and for email to work (via Usermin login https://jacksmotorcycles.com:20000)
remember that in order to get into Usermin via port 20000, you need to go to your VPS providers own network firewall and ensure that port TCP 20000 is open (remember Virtualmin requires TCP 10000 open…both of these can be customized in Virtualmin but don’t play with default until you understand how to do this properly)
Once your server has its own SSL certificate from a licensed CA provider (such as Letsencrypt), you can then set up client email apps to work through that via either START TLS/SSL or just SSL. To install Letsencrypt SSL:
-
Choose which Virtual server you wish to add Letsencrypt Certificate for.
-
Virtualmin>Server Configuration> SSL Certificate>Letsencrypt
fill in the domains associated with this virtual server (usually the Virtualmin defaults work)
- click on “request certificate”
copy these to dovecot, webmin etc (but i do not copy to postfix…that stuffs up the servers own postfix SSL on my installation…i believe this is because postfix cannot handle more than one ssl per ip address and all virtual servers are already using my server ip address…if you want to fix this, each Virtual Server needs to have its own IP address, then you can copy that particular Virtual Server’s SSL to postfix)
now for clients desktop pc email apps (such as Thunderbird and Outlook) set incoming and outgoing mail servers as follows
“START TLS”
Incoming mail server: web1.adamshosting.com SMTP Port=587
Outgoing mail server: web1.adamshosting.com IMAP port = 143
or just plain “SSL”
incoming mail server= web1.adamshosting.com SMTP port = 465
Outgoing mail server= web1.adamshosting.com IMAP port = 993
I have found many mobile email client apps (particularly Outlook) to be extremely frustrating to get working with Virtualmin. I think its just a matter of understanding exactly what settings get Outlook working. A couple of mobile apps that do work quite easily are (android) gmail and samsungs default email. I found both of these work quite well (particularly the gmail one).
for Desktop PC, thunderbird is the easiest to get work by far, although Microsoft Outlook (office 365) is also quite good too. Windows 10 mail is a pain in the bum until you figure out how to get round all the automated stuff it tries to do (same with Apple Mail on the IMAC…which is particuarly quirky).
I can provide you with working examples for all of the above email apps if you have any problems.
To fix your _DMARC issue…
Google the following:
-
reverse PTR (you need this setup at your VPS provider)
-
spf generator (mxtoolbox has one of these but there are others)
-
_DMARC generator (again mxtoolbox but also others)
add spf and _dmarc records for each virtual server/domain on your Virtualmin system at their respective registrars free dns hosting along with A records and MX records.
hope this helps…its a crash course, but should be enough to get things working for you.
please note, do not play with the default Virtualmin install. Keep everything as default as is possible otherwise you will stuff your Virtualmin install very easily “with great power comes great responsibility”
kind regards
Adam
p.s i would like to give a lot of credit to my own learning experience with this to dibbs on this forum. He spent quite a few hours on a Teamviewer session with me one weekend recently to help sort this for me (i just had great trouble visualizing how to make it work). Hopefully my examples above make it easy for you too.
Please ensure you first have Webmin SSL setup for (web1.adamshosting.com) before doing any of the above!