olomana/software-development/infrastructure/mailserver

Mail Server

A dockerized mail server for PWS. For now I am using Stalwart.

Setup

1. Port forward the following ports:

• 25/TCP - SMTP, mandatory for receiving mail. May need to open a support ticket to open this port or live with partial nonfunction.
• 465 - SMTPS, implicit TLS.
• 587 - SMTP, alternative, possibly blocked by ISPs.
• 993 - IMAPS, mandatory for reading mail from apps.
• 443 - HTTPS, mandatory for the management dashboard and modern JMAP.

2. DNS Records (Basic)

• A, Host=mail, v=YOUR_IP
• MX, Host=@, v=mail.example.com
• CNAME, em123.example.com -> sendgrid.net
• CNAME, s1._domainkey.example.com
• CNAME, s2._domainkey.example.com

3. DNS Records (Security)

• TXT (DKIM), Host=@, v=spf1 mx include:sendgrid.net -all.
• TXT (DMARC), Host=_dmarc, v=DMARC1; p=quarantine; rua=mailto:admin@example.com, Tells people what to do if SPF/DKIM fails.

4. Configure Sendgrid/Get API Key

• We are NOT setting a PTR record because I am on a residential internet connection.
• Set up a SendGrid account.
• Go to Settings > API Keys and create a key with Full Access and Mail Send permissions. Copy the key.
• Go to Settings > Sender Authentication and complete Sender Authentication steps to link your domain to SendGrid so they can send your mail.

5. Create Relay Host in Stalwart (Settings > SMTP > Outbound > Relay Hosts)

• Description: SendGrid Relay
• Address: smtp.sendgrid.net
• Port: 587
• Protocol: SMTP
• Authentication: Username: apikey, Secret: <YOUR_SENDGRID_API_KEY>.

6. Set Routing Rule in Stalwart (`Settings > SMTP > Outbound > Routing')

• Create or Edit the routing strategy:

[
  { "if": "is_local_domain('', rcpt_domain)", "then": "local" },
  { "else": "SendGrid Relay" }
]

3. Start via Docker

docker compose up -d

4. Test Use Mail-Tester.com to test.