Comprehensive Guide: Configuring Mailcow for a Self-Hosted Mail Server

Mailcow is an open-source mail server suite that provides a robust, Docker-based solution for handling email. This guide will walk you through the process of installing, configuring, and optimizing Mailcow.

Introduction to Mailcow
Prerequisites
Setting Up Mailcow
Configuring Mailcow
Securing Your Mailcow Server
Managing Users and Domains
Testing Mail Deliverability
Backup and Restore Mailcow
Troubleshooting Common Issues
Best Practices for Production

1. Introduction to Mailcow

Mailcow provides a modern, feature-rich mail server built on Docker. It includes services like Postfix, Dovecot, and rspamd for spam filtering, making it a powerful solution for businesses and advanced users.

Key Features:

Dockerized for easy deployment
Integrated spam and virus filtering
Web-based administration panel
Support for multiple domains and users

2. Prerequisites

Ensure your system meets the following requirements:

A fresh Debian 12 or Ubuntu 22.04 server
Minimum 4GB RAM and 2 CPU cores
Public IPv4 address and a domain (e.g., mail.yourdomain.com)
Docker and Docker Compose installed

Update System and Install Dependencies:

sudo apt update && sudo apt upgrade -y sudo apt install curl git -y

3. Setting Up Mailcow

Step 1: Clone the Mailcow Repository

cd /opt git clone https://github.com/mailcow/mailcow-dockerized.git cd mailcow-dockerized

Step 2: Configure Mailcow

Generate a configuration file:

./generate_config.sh

When prompted, provide your primary domain (e.g., mail.yourdomain.com).

Step 3: Start Mailcow

docker-compose pull docker-compose up -d

Step 4: Access the Web Interface

Navigate to:

https://mail.yourdomain.com

Default credentials:

Username: admin
Password: moohoo

Change the password immediately upon first login.

4. Configuring Mailcow

Step 1: Set Up DKIM, SPF, and DMARC

Navigate to Configuration > Mail Setup to generate DKIM keys. Add the required DNS records:

SPF Record:

Type: TXT Name: @ Value: v=spf1 mx ~all

DKIM Record:

Type: TXT Name: mail._domainkey Value: (From Mailcow UI)

DMARC Record:

Type: TXT Name: _dmarc Value: v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com

Step 2: Set Hostname

echo "mail.yourdomain.com" > /etc/hostname hostname -F /etc/hostname

Step 3: Configure SSL with Let’s Encrypt

Mailcow automatically requests SSL certificates. Verify the logs:

docker-compose logs acme-mailcow

5. Securing Your Mailcow Server

Step 1: Enable Fail2Ban

apt install fail2ban -y systemctl enable fail2ban --now

Step 2: Restrict Access with UFW

ufw allow 25,80,110,143,443,587,993,995/tcp ufw enable

Step 3: Enable Spam Filtering

Mailcow uses rspamd for spam filtering. Ensure it’s active in Configuration > Filters.

6. Managing Users and Domains

Add a New Domain

Navigate to Configuration > Mail Setup
Click Add Domain and provide details

Create a New Mailbox

Go to Mailboxes > Add Mailbox
Set username, password, and assign to a domain

7. Testing Mail Deliverability

Use online tools like mail-tester.com to verify email headers and deliverability. Also, check Mailcow logs:

docker-compose logs postfix-mailcow

8. Backup and Restore Mailcow

Backup:

./helper-scripts/backup_and_restore.sh backup

Restore:

./helper-scripts/backup_and_restore.sh restore /path/to/backup

9. Troubleshooting Common Issues

Check Logs

docker-compose logs -f

Restart Services

docker-compose restart

10. Best Practices for Production

Monitor logs regularly
Apply software updates frequently
Implement rate-limiting on outgoing emails

Useful Services

Mail-tester (mail-tester.com) for email quality checks
MXToolbox (mxtoolbox.com) for DNS verification