You'll need a server with Ubuntu, so we recommend Digital Ocean, as it only costs $5/mo for a basic droplet.
You'll also need the following dependencies installed:
-
-
Mac (via brew):
brew install redis && brew services start redis -
Ubuntu:
sudo add-apt-repository -y ppa:chris-lea/redis-server sudo apt-get update sudo apt-get -y install redis-server
-
-
-
Ubuntu:
sudo apt-get -y install ufw
# allow port 22 sudo ufw allow ssh # allow port 25 sudo ufw allow smtp # allow port 465 sudo ufw allow smtps # allow port 587 sudo ufw allow submission # turn on rules sudo ufw enable
-
-
libstemmer for Spam Scanner
- Ubuntu
sudo apt-get install libstemmer-dev libstemmer-tools
-
authbind - for allowing non-root users to run on restricted ports
-
Ubuntu:
sudo apt-get install authbind
Modify
userwith the name of your user running the email forwarding server:sudo touch /etc/authbind/byport/25 sudo chown user:user /etc/authbind/byport/25 sudo chmod 755 /etc/authbind/byport/25 sudo touch /etc/authbind/byport/465 sudo chown user:user /etc/authbind/byport/465 sudo chmod 755 /etc/authbind/byport/465 # note that ports in range 512-1023 need ! added # <http://manpages.ubuntu.com/manpages/xenial/man1/authbind.1.html> sudo touch /etc/authbind/byport/\!587 sudo chown user:user /etc/authbind/byport/\!587 sudo chmod 755 /etc/authbind/byport/\!587
-
-
pm2 - for managing and running all processes
- npm:
npm install -g pm2
- npm:
-
openssl - for generating DKIM keys for your domain
-
Ubuntu:
sudo apt-get install opensslSee https://lxadm.com/Generating_DKIM_key_with_openssl to generate a DKIM key.
Your DNS TXT record name/host/alias should be
default._domainkey(if you change this you'll also need to change this value via an environment flag override, see the source code for more info).Your DNS TXT record value should look something like this (replace the
p=part with your actual public key generated from the above link):"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCojharU7eJW+eaLulQygsc/AHx2A0gyLnSU2fPGs8mI3Fhs3EVIIRP01euHg+IljMmXz9YtU+XMfZuYdSCa9NY16XjoIgub2+lkeiHHNpURIpwQJSeHxviMOfMAZ5/xSTDDoaYY2vcKytheZeLAVK2V1SuTdTp+C6B9E6AUSu1TwIDAQAB"
-
-
DNS records - you need to setup and modify your DNS records with your own self-hosted version. See our FAQ for more information (be sure to replace
forwardemail.netin the FAQ instructions with your own domain - and make sure you do DNS lookups for all related subdomains such asmx1.forwardemail.net,mx2.forwardemail.net, andspf.forwardemail.net– and clone them with your own). We recommend using Cloudflare or Amazon Route 53 for DNS hosting. -
Reverse DNS ("rDNS") with PTR Record- - the PTR record for your server's IP address is controlled by your server provider, and therefore you need to contact your server provider to set the PTR record for you. Services such as DigitalOcean will set a PTR record for you automatically as long as you use a fully-qualified domain name ("FQDN").
-
FQDN - you'll need to set your server up to have a FQDN, you can do this by:
sudo vim /etc/hosts
-127.0.1.1 current-hostname +127.0.1.1 domain.com
sudo vim /etc/hostname
+domain.com -
Nameservers - we highly recommend you set your server's nameservers to
1.1.1.1and1.0.0.1(see our FAQ and here is a TechRepublic or a Digital Ocean guide). See https://developers.cloudflare.com/1.1.1.1/1.1.1.1-for-families/ for more information on these DNS nameservers (you could also use malware and/or adult protection name servers instead from Cloudflare).sudo systemctl disable systemd-resolved.service sudo systemctl stop systemd-resolved.service sudo vim /etc/resolv.conf
nameserver 1.1.1.1 nameserver 1.0.0.1 options edns0 -
Enable IPv6 and set a AAAA record on the mail servers (see https://www.digitalocean.com/docs/networking/ipv6/how-to/enable/)
See the app.js and ecosystem.json files for more insight.
| Name | Website |
|---|---|
| Nick Baugh | http://niftylettuce.com/ |