Debug School

Cover image for Install Mail-in-a-Box Server
Suyash Sambhare
Suyash Sambhare

Posted on

Install Mail-in-a-Box Server

Prerequisites

Add the glue records on your domain’s registrar. Replace watchmail.com with the domain name you wish to use. Each glue record should point to the public IPv4 address of the Virtual Machine which will deploy Mail-in-a-Box.
ns1.box.watchmail.com
ns2.box.watchmail.com

Install Mail-in-a-Box

After you log in to your server with an SSH client, update all the software packages on your server:
sudo apt update && sudo apt upgrade

To start the install process, run the following command:
curl -s https://mailinabox.email/setup.sh | sudo bash

It will start a text-based wizard.

Install Wizard Steps
Delete the pre-filled value and replace it.
suyash@watchmail.com

In the next step, the hostname should look like this:
vm1.watchmail.com

Now, the install wizard should continue to download and configure software packages.

Select the time zone based on your location.

Mail-in-a-Box will continue to pull in required packages and auto-configure them.

Now the script will prompt you to choose a password for the administrative account.
This will be the password to the email account you set up earlier.

Your Mail-in-a-Box is running.

Please log in to the control panel for further instructions at:

https://box.watchmail.com/admin

If you have a DNS problem put the box's IP address in the URL
(https://10.17.15.13/admin) but then check the TLS fingerprint: 
5E EA 66 C5 7F AB 0A E1 16 54 CD 22 04 23 E7 A7 42 41 DA E5 91 41 BD 30 31 E3 63 FC 63 1A D1 06
Enter fullscreen mode Exit fullscreen mode

Now, you can access the control panel in your web browser. After logging in, you’ll be greeted with a page showing you status checks. It centralizes all the information you need and describes how you can resolve possible problems.

Control panel access URL is: https://watchmail.com/admin
Mail access URL is: https://watchmail.com

Control Panel

The Admin console Control Panel provides following options for administration:

System

  • Status Checks
  • TLS (SSL) Certificates
  • Backup Status
  • Advanced Pages
  • Custom DNS
  • External DNS
  • Munin Monitoring

Mail & Users

  • Instructions
  • Users
  • Aliases
  • Your Account
  • Two-Factor Authentication

Contacts/Calendar

Web

Koyna

Status Check

Log in to the console and run the status check script.

root@watchmail:~/mailinabox/management# ./status_checks.py

System
======
✓  All system services are running.
✓  SSH disallows password-based login.
✖  There are 9 software packages that can be updated.
   libc-devtools (2.35-0ubuntu3.4)
   libc6-dev (2.35-0ubuntu3.4)
   libc-dev-bin (2.35-0ubuntu3.4)
   linux-libc-dev (5.15.0-86.96)
   libc6 (2.35-0ubuntu3.4)
   libc-bin (2.35-0ubuntu3.4)
   locales (2.35-0ubuntu3.4)
   grub-efi-amd64-signed (1.187.6+2.06-2ubuntu14.4)
   grub-efi-amd64-bin (2.06-2ubuntu14.4)
?  You are running version Mail-in-a-Box v63. Mail-in-a-Box version check disabled by privacy setting.
✓  System administrator address exists as a mail alias. [administrator@mail.watchmail.com ↦ suyash@watchmail.com]
✓  The disk has 27.81 GB space remaining.
✓  System memory is 72% free.

Network
=======
✓  Firewall is active.
✓  Outbound mail (SMTP port 25) is not blocked.
✓  IP address is not blacklisted by zen.spamhaus.org.

mail.watchmail.com
================
✓  Nameserver glue records are correct at registrar. [ns1/ns2.mail.watchmail.com ↦ 10.17.15.13]
✓  Domain resolves to box's IP address. [mail.watchmail.com ↦ 10.17.15.13]
✓  Reverse DNS is set correctly at ISP. [10.17.15.13 ↦ mail.watchmail.com]
✓  Hostmaster contact address exists as a mail alias. [hostmaster@mail.watchmail.com ↦ administrator@mail.watchmail.com]
✓  Domain's email is directed to this domain. [mail.watchmail.com has no MX record, which is ok]
✓  Postmaster contact address exists as a mail alias. [postmaster@mail.watchmail.com ↦ administrator@mail.watchmail.com]
✓  Domain is not blacklisted by dbl.spamhaus.org.
✓  TLS (SSL) certificate is signed & valid. The certificate expires in 81 days on 2023-11-20.

watchmail.com
===========
?  The nameservers set on this domain at your domain name registrar should be ns1.mail.watchmail.com;
   ns2.mail.watchmail.com. They are currently ns-1446.opendns-52.org; ns-309.opendns-38.com; ns-544.opendns-04.net. If you
   are using External DNS, this may be OK.
✓  Domain's email is directed to this domain. [watchmail.com ↦ 10 mail.watchmail.com]
✖  MTA-STS policy is missing: STSFetchResult.NONE
✓  Postmaster contact address exists as a mail alias. [postmaster@watchmail.com ↦ administrator@mail.watchmail.com]
✓  Domain is not blacklisted by dbl.spamhaus.org.
✓  Domain resolves to this box's IP address. [watchmail.com ↦ 10.17.15.13]
✓  TLS (SSL) certificate is signed & valid. The certificate expires in 67 days on 2023-12-10.
?  This domain's DNSSEC DS record is not set. The DS record is optional. The DS record activates DNSSEC. See below for
   instructions.
   Follow the instructions provided by your domain name registrar to set a DS record.
   Registrars support different sorts of DS records. Use the first option that works:


   Option 1:
   ----------
   Key Tag: 37894
   Key Flags: KSK / 257
   Algorithm: 13 / ECDSAP256SHA256
   Digest Type: 2 / SHA-256
   Digest: c7a8e82c15ef66a5a8c5b8972343b87a6c712b707d38d73edf8e452512d08
   Public Key:
   lxi+lUSBz4j7X7Wj7SxfXM5Q66XlQ7SAHDjkahdoi87293SKCOwRfhauv8IPyl+g69q7N3w==

   Bulk/Record Format:
   watchmail.com. 3600    IN      DS      37894 13 2 c7a8e82c15ef66a5a8c5b85704389b6b87a6c712b707d38d73edf8e452512d08
   Bulk/Record Format:
   watchmail.com. 3600    IN      DS      3735 7 2 8430dc6073bc240f0b65bc192696655e333442dc9c7ed8644c7fc0c9558fa25e

✓  www.watchmail.com: Domain resolves to this box's IP address. [www.watchmail.com ↦ 10.17.15.13]
✓  www.watchmail.com: TLS (SSL) certificate is signed & valid. The certificate expires in 67 days on 2023-12-10.
✓  autoconfig.watchmail.com: Domain resolves to this box's IP address. [autoconfig.watchmail.com ↦ 10.17.15.13]
✓  autoconfig.watchmail.com: TLS (SSL) certificate is signed & valid. The certificate expires in 81 days on 2023-12-24.
✓  autodiscover.watchmail.com: Domain resolves to this box's IP address. [autodiscover.watchmail.com ↦ 10.17.15.13]
✓  autodiscover.watchmail.com: TLS (SSL) certificate is signed & valid. The certificate expires in 81 days on 2023-12-24.
root@watchmail:~/mailinabox/management#
Enter fullscreen mode Exit fullscreen mode

Hooray! 👍
Mail In a Box is now installed and configured for your domain.

Ref: https://mailinabox.email/guide.html

Top comments (0)