This was a great solution for a specific use case of mine. Thanks!
In case others need some setup help, here are the steps I took (replace 11.22.33.44, mydomain.com, and 55.66.77.88 with your values):
# Purchase a cloud server that supports email (port 25) and a static IP address -- in this example guide we'll use 11.22.33.44
# Purchase a domain for your mail server -- in this example guide we'll use mydomain.com
# In the domain's DNS settings area, delete all records and then create:
#   A record:
#     Host = leave blank to create a record for the root domain
#     Answer = 11.22.33.44
#     TTL = 600
#   MX record:
#     Host = leave blank to create a record for the root domain
#     Answer = mydomain.com
#     TTL = 600
#     Priority = 10
# Wait for DNS to propagate (can take up to a day), then run these tests on your cloud server to verify
sudo apt install -y dnsutils
dig @1.1.1.1 mydomain.com a # should return 11.22.33.44
dig @1.1.1.1 mydomain.com mx # should return: mydomain.com. 600 IN MX 10 mydomain.com.
# SSH into the cloud server to set up TMail
sudo apt update && sudo apt install -y git golang-go make curl jq iptables iptables-persistent netfilter-persistent nginx snapd
mkdir /tmp/go && export GOPATH=/tmp/go
go get -u -d github.com/mgerb/tmail
cd /tmp/go/src/github.com/mgerb/tmail/
sed -i 's/0.0.0.0/localhost/' webserver/webserver.go # see https://github.com/mgerb/tmail/issues/1
go mod init tmail
go mod tidy
rm -f Gopkg.lock Gopkg.toml
make linux
sudo cp build/tmail-linux /usr/local/bin/tmail
cd /tmp
cat > tmail.service <<EOF
[Unit]
Description=TMail Service
[Service]
Restart=always
RestartSec=1
Environment="GIN_MODE=release"
ExecStart=/usr/local/bin/tmail
[Install]
WantedBy=default.target
EOF
sudo mv tmail.service /etc/systemd/system/
sudo systemctl start tmail && sudo systemctl enable tmail
sudo systemctl status tmail
# send a test email to your server, then verify it arrived:
curl -s localhost:8090/api/mail | jq '.[0]'
# prevent DOS (if a source sends more than 20 emails per minute, block them)
sudo su -
iptables -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 20 --name DEFAULT --rsource -j DROP
iptables -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --set --name DEFAULT --rsource
ip6tables -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 20 --name DEFAULT --rsource -j DROP
ip6tables -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --set --name DEFAULT --rsource
iptables-save > /etc/iptables/rules.v4
ip6tables-save > /etc/iptables/rules.v6
systemctl start netfilter-persistent && systemctl enable netfilter-persistent
exit
# set up NGINX to allow whitelisted API access (replace 55.66.77.88 with your remote client IP address that is allowed to query the API)
echo 'TMail' | sudo tee /var/www/html/index.html > /dev/null
sudo tee /etc/nginx/sites-enabled/default > /dev/null <<EOF
server {
    listen 80;
    server_name mydomain.com;
    root /var/www/html;
    index index.html;
    location / {}
    # only the whitelisted client may reach the TMail API
    location /api/mail {
        allow 55.66.77.88;
        deny all;
        proxy_pass http://localhost:8090;
    }
}
EOF
sudo systemctl reload nginx
sudo snap install core
sudo snap refresh core
sudo apt remove -y certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx
curl -s https://mydomain.com/api/mail | jq '.[0]'
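A check for two points in the steps above, the API listener on port 8090 and the port 25 rate-limit rule pair, added here as an example (it is not part of the original post or of TMail). The function names and the sample inputs are constructed, and it assumes the usual `ss -ltnH` and `iptables-save` output layouts.

```shell
# Reads `ss -ltnH` output on stdin; prints each listener on port $1 that is
# bound to anything other than loopback (what the sed edit above is meant to avoid).
nonloopback_listeners() {
    awk -v port="$1" '{
        n = split($4, parts, ":")
        if (parts[n] != port) next
        addr = substr($4, 1, length($4) - length(parts[n]) - 1)
        if (addr ~ /^127\./ || addr == "[::1]") next
        print $4
    }'
}

# Reads `iptables-save` output on stdin. Succeeds only if port 25 has a
# "recent --update ... -j DROP" rule and a "recent --set" rule sharing the
# same --name list; without the --set rule the DROP rule never records a hit.
smtp_ratelimit_ok() {
    awk '
        /^-A INPUT / && /--dport 25 / && /-m recent / {
            name = ""
            for (i = 1; i < NF; i++) if ($i == "--name") name = $(i + 1)
            if (/--set/) set_seen[name] = 1
            if (/--update/ && /-j DROP/) drop_seen[name] = 1
        }
        END {
            for (n in drop_seen) if (n in set_seen) exit 0
            exit 1
        }'
}

# Constructed samples (not captured from a real host).
SS_PATCHED='LISTEN 0 4096 127.0.0.1:8090 0.0.0.0:*
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*'
SS_UNPATCHED='LISTEN 0 4096 *:8090 *:*
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*'
RULES_GOOD='-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 20 --name DEFAULT --rsource -j DROP
-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --set --name DEFAULT --rsource'
RULES_MISSING_SET='-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -m recent --update --seconds 60 --hitcount 20 --name DEFAULT --rsource -j DROP'

echo "patched:   [$(printf '%s\n' "$SS_PATCHED" | nonloopback_listeners 8090)]"
echo "unpatched: [$(printf '%s\n' "$SS_UNPATCHED" | nonloopback_listeners 8090)]"
if printf '%s\n' "$RULES_GOOD" | smtp_ratelimit_ok; then
    echo "rate limit: ok"
else
    echo "rate limit: incomplete"
fi
```

On the server, feed the functions live data instead of the samples: `ss -ltnH | nonloopback_listeners 8090` and `sudo iptables-save | smtp_ratelimit_ok` (repeat the second with `ip6tables-save` for IPv6).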