I have a few domains installed on my VPS. I used Virtualmin to set up the domains. I’m using Cloudflare as my DNS. I am using Ubuntu 18.04. I use Ubuntu as my desktop on my home PC so I understand Linux, but I’ve never had the need to set up an email server.
When I installed VM, I didn’t have my domains operating since my previous host went down. When it asked for a qualifying domain, I used srv1.virtualmin.com to do the install so in webmin it lists the mail servers as srv1.virtualmin.com, localhost.
In Cloudflare configure mail.example.com to point to the IP address of srv1 and the MX of example.com to point to mail.example.com. Repeat for example2 and example3 domains. This will enable the delivery of your incoming email even with the weird hostname srv1 that you have elected to use.
For outgoing email, in Cloudflare set up the SPF and DKIM records by copying them over from Virtualmin | Server Configuration | DNS Records for example1, 2 and 3; and you should be able to send outgoing email from Usermin.
For outgoing SMTP, won’t he need to use his host.domain.com? Otherwise it will throw SSL errors in email clients such as Outlook and Apple Mail, and mobile phone email client apps won’t work either… (that is, if he wants multiple domains on this server, of course… if just one, then no need to do what I suggested, because the SSL cert for the virtual server and hostname will have the same primary domain).
I have stated in my previous message that @stuckinthehouse ‘should be able to send outgoing email from Usermin’ as a qualifier, to continue with the example he had used of Usermin in his original message and also to avoid making the assumption that he wishes to use an email client such as Outlook, Apple Mail etc. on the Ubuntu desktop that he said he uses as his home PC.
Thanks. This worked. I did have an issue with installing DKIM through VM as DKIM wouldn’t start thus I couldn’t sign the emails. I had to apt purge opendkim opendkim-tools and then apt install opendkim and then I went back to VM and it let me set up the server to sign the emails.
I assume for my other domains like example2.com I just have to repeat the process with the DNS records and the new DKIM key. Also, I assume you can just have one mailhost, and the /etc/mailhost will say example.com, so any bounce backs will say MAILER-DAEMON@example.com for all domain names?
One MX record will work, however two or more MX records offer redundancy and are recommended.
I am unable to understand the context in which you use the term ‘registrar’. It is necessary to set the SPF and DKIM records in the DNS of every domain, if that is what you were asking, and this is sometimes done via the website / control panel of the registrar of the domain.
A mail client like Thunderbird will send outgoing mail via the mail server, in your specific case, srv1.virtualmin.com, so yes, the SPF and DKIM records are necessary even if you use Thunderbird. In the context of using a mail client, @adamjedgar’s alert here (Setting up email server - #3 by adamjedgar) becomes very relevant.
I have read it several times and I am not sure I understand the post. Where is the address of the primary nameserver not needed and what should we use instead?
Also, my DNS zone for mydomain.tlp has an SPF record, but no DKIM record … and my registrar does not have SPF or DKIM records that I can find.
Maybe I have to uninstall, purge and reinstall DKIM manually as well? But I am on CentOS, so I am going to have a look at it now.
But I can see my distance values at my registrar’s DNS zone and mydomain.tlp DNS zone are different. I will try changing that …
SPF and DKIM records are configured as TXT records in the control panel offered by domain registrars.
It is Virtualmin which will generate server-specific SPF and DKIM records, which you will copy over from Virtualmin to the control panel offered by your domain registrar, @Centaro.
I thought I had it all working and I used a DKIM evaluator that @calport posted in another thread and it was saying failed. I looked at the test and it wasn’t even signing the email with a key. I then searched and realized that there is a bug in VM as opendkim is listening on a sock versus a port, so I had to edit the /etc/opendkim.conf file and comment out the socket line and uncomment the one with inet:8892@localhost, and I had to change the 8892 to 8891 since postfix is listening on port 8891.
I had to add a TXT record to my domain with a name of 202004._domainkey (found in the VM DKIM panel). For value you had to put the key and type of signing. For the key in VM it does p=“string” “string2” “string3”. You have to make p=stringstring2string3 so in other words one long line without the “” and spaces.
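The socket mismatch described in the post above can be checked mechanically. This is an added example, not part of the original thread or of Virtualmin: it compares the active `Socket` line in opendkim.conf with the milter endpoints in Postfix's main.cf. The socket path and the main.cf lines in the samples are constructed assumptions; only `inet:8892@localhost` and port 8891 come from the post.

```python
import re

LOOPBACK = {"localhost", "127.0.0.1", "::1", "[::1]"}

# Constructed samples: the unix socket path and main.cf lines are assumptions;
# only inet:8892@localhost and port 8891 come from the post.
CONF_BEFORE = "Socket local:/run/opendkim/opendkim.sock\n#Socket inet:8892@localhost\n"
CONF_AFTER = "#Socket local:/run/opendkim/opendkim.sock\nSocket inet:8891@localhost\n"
MAIN_CF = "smtpd_milters = inet:localhost:8891\nnon_smtpd_milters = $smtpd_milters\n"


def opendkim_socket(conf_text):
    """Return the first uncommented Socket value in opendkim.conf text, or ''."""
    m = re.search(r"^[ \t]*Socket[ \t]+(\S+)", conf_text, re.MULTILINE)
    return m.group(1) if m else ""


def postfix_milters(main_cf_text):
    """Return literal endpoints from smtpd_milters / non_smtpd_milters."""
    found = []
    pattern = r"^(?:non_)?smtpd_milters[ \t]*=[ \t]*(.*)$"
    for m in re.finditer(pattern, main_cf_text, re.MULTILINE):
        found += [e for e in re.split(r"[,\s]+", m.group(1))
                  if e and not e.startswith("$")]   # skip $parameter references
    return found


def normalize(endpoint):
    """Map OpenDKIM or Postfix notation to ('inet', host, port) or ('unix', path)."""
    kind, _, rest = endpoint.partition(":")
    if kind in ("local", "unix"):
        return ("unix", rest)        # compared literally; a chrooted Postfix sees another path
    if kind not in ("inet", "inet6"):
        return None
    if "@" in rest:                  # OpenDKIM style: inet:port@host
        port, host = rest.split("@", 1)
    elif rest.isdigit():             # OpenDKIM style: inet:port (all interfaces)
        port, host = rest, "*"
    else:                            # Postfix style: inet:host:port
        host, _, port = rest.rpartition(":")
    return ("inet", "loopback" if host in LOOPBACK else host, port)


def milter_matches(conf_text, main_cf_text):
    """True if some Postfix milter endpoint reaches the socket OpenDKIM opens."""
    listen = normalize(opendkim_socket(conf_text))
    for dial in map(normalize, postfix_milters(main_cf_text)):
        if not (dial and listen and dial[0] == listen[0]):
            continue
        if dial[0] == "unix" and dial[1] == listen[1]:
            return True
        if dial[0] == "inet" and dial[2] == listen[2] and listen[1] in ("*", dial[1]):
            return True
    return False


if __name__ == "__main__":
    print("before:", milter_matches(CONF_BEFORE, MAIN_CF))
    print("after: ", milter_matches(CONF_AFTER, MAIN_CF))
```

When this reports a mismatch, mail is still delivered but leaves unsigned, which is the symptom the DKIM evaluator showed.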
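The quote-joining step described in the post above, as an added example that is not part of the original thread: it turns the split, quoted `p=` value into the single line a DNS control panel expects and checks that the key is still clean base64 afterwards. The key bytes are a constructed placeholder, and the function names are hypothetical.

```python
import base64
import binascii
import re

# Constructed sample: placeholder key bytes (not a real key), split into
# quoted chunks the way the post describes the panel showing it.
SAMPLE_KEY_B64 = base64.b64encode(bytes(range(96))).decode()
SAMPLE_PANEL_VALUE = 'v=DKIM1; k=rsa; p="%s" "%s" "%s"' % (
    SAMPLE_KEY_B64[:48], SAMPLE_KEY_B64[48:96], SAMPLE_KEY_B64[96:])


def flatten_dkim_txt(panel_value):
    """Join a split, quoted TXT value into one unquoted line."""
    text = panel_value.strip()
    for curly in "\u201c\u201d":         # pasted text often carries curled quotes
        text = text.replace(curly, '"')
    text = text.strip("()").strip()      # zone files may wrap the value in ( )
    text = re.sub(r'"\s+"', "", text)    # adjacent strings join with no separator
    return text.replace('"', "")


def check_dkim_record(record):
    """Parse tag=value pairs and confirm p= is intact base64, else ValueError."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = value.strip()
    if tags.get("v") != "DKIM1":
        raise ValueError("missing or wrong v= tag")
    key = re.sub(r"\s+", "", tags.get("p", ""))
    if not key:
        raise ValueError("empty p= tag (an empty key means the key is revoked)")
    try:
        raw = base64.b64decode(key, validate=True)
    except binascii.Error as exc:
        raise ValueError("p= is not clean base64: %s" % exc) from None
    return {"tags": tags, "key_bytes": len(raw)}


if __name__ == "__main__":
    flat = flatten_dkim_txt(SAMPLE_PANEL_VALUE)
    print(flat)
    print(check_dkim_record(flat)["key_bytes"], "key bytes")
```

Pasting the value with the quotes left in makes `check_dkim_record` raise, which is the same malformed key a verifier would fail on.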
Ah, there it is then, @Centaro. If you change from No to Yes the setting for Signing of outgoing email enabled, Virtualmin will configure your system to sign all outgoing email with DKIM for the virtual servers and aliases that you have created on the Virtualmin box.
And it might be a good idea to change the selector to vm3, going by the data in your screenshot.
I have tried copying SPF and DKIM records to the records at my registrar, but it isn’t working.
If anyone wants to have a look at the problems I am experiencing or has any idea … I would like the discussion to continue at MX records, Thunderbird, Postfix, Dovecot so this topic can be closed. @stuckinthehouse, glad you got it going! Haha
Are you hosting on a VPS/VDS or hosting at home? Some ISPs filter outbound 25. You will have deliverability problems anyway if your rDNS is identified as a dynamic IP, or it doesn’t match the hostname presented by Postfix.
Probably best you start a new thread explaining your exact setup in more detail.