Traefik
Traefik is a reverse proxy for docker container that organises the network trafic und updates the https certificates.
Scope of this Tutorial
Install Docker
Download Mailcow
Setup
docker-compose.override.yml
Launch Mailcow
Add DNS Entrys
Install Docker & Git
Arch
yay -S docker docker-compose git
Ubuntu
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
sudo apt-get install git
Start & Enable Docker service
sudo systemctl start docker
sudo sysyemctl enable docker
Download Mailcow
In the next step we’ll clone the Mailcow git Repository
git clone https://github.com/mailcow/mailcow-dockerized /opt
Change directory to /opt/mailcow-dockerized
cd /opt/mailcow-dockerized
Generate config
./generate_config.sh
Remove exposed ports from Mailcow Docker-Compose File
nginx-mailcow:
...
#ports:
#- "${HTTPS_BIND:-0.0.0.0}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
#- "${HTTP_BIND:-0.0.0.0}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
Create Docker-Compose Override
version: "2.1"
services:
nginx-mailcow:
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx-mailcow.entrypoints=web"
- "traefik.http.routers.nginx-mailcow.rule=HostRegexp(`{host:(autodiscover|autoconfig|webmail|mail|email).+}`)"
- "traefik.http.middlewares.nginx-mailcow-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.nginx-mailcow.middlewares=nginx-mailcow-https-redirect"
- "traefik.http.routers.nginx-mailcow-secure.entrypoints=web-secure"
- "traefik.http.routers.nginx-mailcow-secure.rule=Host(`mail.example.de`)" # YOUR EMAIL SUBDMAIN
- "traefik.http.routers.nginx-mailcow-secure.tls=true"
- "traefik.http.routers.registry-secured.tls.certresolver=myCertResolver" # ADD your Certresolver here
- "traefik.http.routers.nginx-mailcow-secure.service=nginx-mailcow"
- "traefik.http.services.nginx-mailcow.loadbalancer.server.port=80"
- "traefik.docker.network=main"
networks:
main:
certdumper:
image: humenius/traefik-certs-dumper
container_name: traefik_certdumper
restart: unless-stopped
network_mode: none
command: --restart-containers mailcowdockerized_postfix-mailcow_1,mailcowdockerized_dovecot-mailcow_1
volumes:
# mount the folder which contains Traefik's `acme.json' file
# in this case Traefik is started from its own docker-compose in ../traefik
- /home/niklas/letsencrypt:/traefik:ro
# mount mailcow's SSL folder
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/assets/ssl:/output:rw
environment:
- DOMAIN=mail.example.de # YOUR EMAIL SUBDOMAIN HERE
networks:
main: # YOUR TRAEFIK NETWORK HERE
external: true
Download docker-compose.override
wget https://gist.githubusercontent.com/corusm/063de56d133aa688f9d36a82bd78e607/raw/cdb03c2c5ef8b2ee62808a04b3aff935ab1e02e7/docker-compose.override.yml
Edit File
Now edit the File in line 12, 33, 35
as in the comments explained.
Edit Mailcow.conf
-
Change
SKIP_LETS_ENCRYPT=n
toSKIP_LETS_ENCRYPT=y
- Change
SKIP_CLAMD=n
toSKIP_CLAMD=y
Run Docker-Compose - Start Mailcow
sudo docker-compose up
If you are done with this tutorial, you can add the -d
flag to run docker compose in the background.
Open mail.example.com
Start configuring your Mailcow Server!
Configure Mailcow
Goto Configuration > Mail Setup
Add Domain
Goto Configuration > Mail Setup > Domains
Add Mailbox (E-Mail Adress)
Goto Configuration > Mail Setup > Mailbox
Open Webmail
https://mail.example.com/SOGo
Login
User: user@domain.com
Add DNS Config
Add DMARC Entry
_dmarc.domain.com. TXT 3600 "v=DMARC1;p=none;rua=mailto:postmaster@domain.com;ruf=mailto:postmaster@domain.com"
Add MX Entry
domain.de MX 3600 10 mail.example.com
Add DKIM Entry
Goto
Configuration > ARC/DKIM-Keys
Add ARC/DKIM key
- Copy Private Key to DNS Server
INFO
It takes some time for the DNS Servers to spread the information. Give this process some time!
Check the Spammyness of your email
- Open the Website
- Send E-Mail to this address
- Get the review!
Top comments (0)