<p>Before we start, you will need a Debian 10+ VPS (you can get one on DigitalOcean, for example). If you prefer to use your own self-hosted server, make sure that ports 80, 443, 587 and 993 are correctly forwarded so that the public IP points to the server and not the router. Once that's done, SSH into your Debian 10 server.</p>
<p>You cannot use DuckDNS for this one because you will need to add specific DNS records, most importantly the MX and DKIM records, which are crucial for this tutorial.
Therefore, go get an actual paid domain name; I got mine on <a href="https://infomaniak.com">Infomaniak</a>:</p>
<img src="1.png" class="imgRz">
<p>So let's add a subdomain to point at our mail server. To do so, go to the DNS Zone settings and add a few entries, starting with the MX record:</p>
<p>Here, make sure you do not forget the trailing dot (.) at the end of the Target. Next you want to set up that mail subdomain as well. To do so,
add a CNAME record, that is, if your mail server is the SAME as your main server (mail.domain.com == domain.com):
</p>
<img src="3.png" class="imgRz">
<p>In the other case, where your mail server is NOT the same as the main server (mail.domain.com != domain.com), you will need an A record which is going to tell
<p>Once you're here, nginx should tell you the configuration is successful. If not, make sure you followed the syntax of the original file. Next, we're going to check that our configuration works by browsing to it:</p>
<img src="7.png" class="imgRz">
<p>Here the 404 error is intended. You can also see that the website redirects to HTTPS (TLS 1.3). From here, we simply need to use <a href="https://lukesmith.xyz/">Luke Smith</a>'s <a href="https://raw.githubusercontent.com/LukeSmithxyz/emailwiz/master/emailwiz.sh">script</a>:</p>
<p>Once the script has finished running, we need to go back to our DNS settings to configure DKIM:</p>
<img src="10.png" class="imgRz">
<p>First things first we add the following TXT record:</p>
<img src="11.png" class="imgRz">
<img src="12.png" class="imgRz">
<p>If it doesn't work, try out the DKIM option and hit save:</p>
<img src="13.png" class="imgRz">
<p>Next we're going to add DMARC:</p>
<img src="14png.png" class="imgRz">
<img src="15.png" class="imgRz">
<p> And lastly the @ TXT record:</p>
<img src="16.png" class="imgRz">
<img src="17.png" class="imgRz">
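<p>Before saving the zone, the four mail records described above (MX, DKIM, DMARC and the @ TXT record) can be sanity-checked offline. The following is an added example, not part of the original tutorial or of the emailwiz script: the function names, the <code>example.com</code> domain, the <code>mail</code> DKIM selector and all record values are constructed assumptions, and the @ TXT record is assumed to be the SPF record.</p>

```python
import re

def parse_tags(txt):
    """Split a 'k=v; k=v' TXT payload (DKIM/DMARC tag-list syntax) into a dict."""
    pairs = (part.split("=", 1) for part in txt.split(";") if "=" in part)
    return {k.strip(): v.strip() for k, v in pairs}

def lint_mail_zone(records):
    """records: (name, type, value) tuples as entered in the zone editor; returns problems."""
    problems = []
    pick = lambda typ, pred: [v for n, t, v in records if t == typ and pred(n)]

    mx = pick("MX", lambda n: n == "@")
    if not mx:
        problems.append("MX: no record at the apex")
    for value in mx:
        if not value.rstrip().endswith("."):  # a relative name gets the zone name appended
            problems.append(f"MX: '{value}' lacks the trailing dot on its target")

    dkim = [parse_tags(v) for v in pick("TXT", lambda n: n.endswith("._domainkey"))]
    if not any(t.get("v", "DKIM1") == "DKIM1" and t.get("p") for t in dkim):
        problems.append("DKIM: no _domainkey TXT record with a non-empty p= key")

    dmarc = pick("TXT", lambda n: n == "_dmarc")
    if len(dmarc) != 1:
        problems.append("DMARC: expected exactly one TXT record at _dmarc")
    for tags in map(parse_tags, dmarc):
        if tags.get("v") != "DMARC1" or tags.get("p", "").lower() not in ("none", "quarantine", "reject"):
            problems.append("DMARC: need v=DMARC1 and p=none|quarantine|reject")

    spf = [v for v in pick("TXT", lambda n: n == "@") if v.lower().startswith("v=spf1")]
    if len(spf) != 1:  # more than one v=spf1 record is a permanent error for receivers
        problems.append("SPF: expected exactly one v=spf1 TXT record at @")
    for value in spf:
        if not re.search(r"\s[-~?+]?all$|\sredirect=\S+$", value.strip(), re.I):
            problems.append("SPF: no terminal 'all' mechanism or redirect=")
    return problems

# Constructed sample zones for the placeholder domain example.com (the key is a dummy).
BROKEN = [("@", "MX", "10 mail.example.com"),
          ("@", "TXT", "v=spf1 mx a:mail.example.com")]
FIXED = [("@", "MX", "10 mail.example.com."),
         ("mail._domainkey", "TXT", "v=DKIM1; k=rsa; p=MIIBIjANBgkqDUMMYKEY"),
         ("_dmarc", "TXT", "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"),
         ("@", "TXT", "v=spf1 mx a:mail.example.com -all")]

if __name__ == "__main__":
    print({"BROKEN": lint_mail_zone(BROKEN), "FIXED": lint_mail_zone(FIXED)})
```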
<p>Once that's done, save your DNS settings, create the user ON THE SERVER, and install Thunderbird locally:</p>
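<pre><code class="nim">
# Create the mailbox user with a home directory, in the mail group, with a bash login shell
useradd -m -G mail -s /bin/bash someone
# Set that user's password (the credentials used in Thunderbird below)
passwd someone
</code></pre>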
<img src="18.png" class="imgRz">
<p>Then run Thunderbird with the user's credentials. Make sure you use the manual config tab:</p>
<img src="20.png" class="imgRz">
<p>And welcome to DigitalOcean, where you can't run mail servers lol. I did some research on DO's forums, and I found out that basically
they are blocking port 25 (SMTP), which in general indicates that they do not allow any mail hosting on their VPS, so for once I am not going to recommend DO
<p>TL;DR: I am incredibly surprised at how difficult it is to set up your own email server. In France, most ISPs simply do not allow port 25 apart from OVH.
Until there is Nothing left.</p><br><br><p>Creative Commons Zero: <a href="../../../../opsec/runtheblog/index.html">No Rights Reserved</a><br><img src="\CC0.png">