Cart

    Sorry, we could not find any results for your search querry.

    Installing and configuring Exim & Dovecot in AlmaLinux or Rocky Linux

    On Linux mail servers, Exim and Postfix (MTA) are usually used in combination with Dovecot (MDA). Exim and Postfix take care of sending mail from one mail server to another. Dovecot ensures that mail that is delivered to your VPS actually arrives at the correct mail address.

    In this tutorial, we show you how to install Exim and Dovecot on an AlmaLinux or Rocky Linux VPS.  As part of the installation, you'll be using virtual domains to handle e-mail accounts, rather then system accounts. Additionally, we show how you use SSL (TLS) from Let's Encrypt to secure the connection.

    • For the steps in this manual you need:
       
      • An AlmaLinux or Rocky Linux VPS to which the EPEL repository has been added.
      • Correctly set reverse DNS.
      • A domain whose DNS refers to your VPS, for example via mail.example.com. In this guide (under mail), we provide an example of how you refer the DNS of your VPS to your VPS for email.
         
    • Execute the commands in this article using sudo, or as a root user.
    • This is fairly complex matter. It is recommended to create a snapshot of your VPS in advance so you have a relapse point in case of any configuration errors.

    Installing and configuring Exim

     

    Step 1

    Connect to your VPS via SSH or the VPS console in the TransIP control panel.


     

    Step 2

    Update your VPS so you have the most recent software at your disposal:

    dnf -y update

    We recommend rebooting your VPS after an update. Many updates are only implemented after a reboot. In addition, any problems in the configuration of your server will then quickly come to light and you can possibly restore a backup.


     

    Step 3

    Install Exim with the command:

    dnf -y install exim

     

    Step 4

    You then adjust the configuration of Exim. To do this, open /etc/exim/exim.conf, for example, with

    nano /etc/exim/exim.conf

     

    Step 5

    Adjust the following options in the opened file. They are not all under each other, so you have to scroll / search through the file (ctrl + w in nano or /<wordyouarelookingfor> in vim).

     

    no_local_from_check

    Exim does not trust the system users on your server and will rewrite the 'From' field in the headers to contain the hostname if you want to mail on behalf of a system user. This is not really a problem since you use virtual domains in this manual to create mail addresses.

    Do you still want system users to be able to mail without rewriting the headers (and you mail with mail@<yourhostname>, for example)? Then add the following two lines to the top of the file (for example, under the 'Runtime configuration file for Exim' block) to trust user accounts:

    no_local_from_check
    untrusted_set_sender = *

     

    General

    domainlist local_domains = lsearch;/etc/listofdomains
    tls_certificate = /etc/letsencrypt/live/mail.jedomein.nl/fullchain.pem
    tls_privatekey = /etc/letsencrypt/live/

    Explanation

    • domainlist local_domains: a list of all domains that mail can be sent to on your VPS. With 'lsearch;/etc/listofdomains' you set that list to be included in a file on your VPS. We will get back to this in Steps 6 and 7.
       
    • tls_certificate & tls_privatekey: specify a location where your SSL certificate will be placed, in this example, this is the directory in which Let's Encrypt will generate the certificate (see Step 1 and onward under adding an SSL certificate).

      The subdomain which you specify here is the subdomain that is ultimately used in mail software / apps when setting up an incoming and outgoing server. It is important that the DNS of this subdomain correctly points to your VPS.
       
    • auth_advertise_hosts: if a client tries to authenticate on your mail server, Exim, among other things, advertises 'AUTH' in the answer, as long as the host matches the value set here.

    The value '${if eq {$ tls_in_cipher}{}{}{*}}' ensures that the availability of AUTH is only advertised by your server if not only the host matches but TLS encryption is also used by the client.

    This is the most secure method to configure your mail server, but if you also want to accept connections without TLS encryption, just use the * value.

    virtual_router

    Scroll to the end of the 'router configuration' part and place the code below directly above the 'localuser' part.

    virtual_router:
      driver = accept
      require_files = +/home/vmail/$local_part@$domain/
      transport = virtual_transport

    Explanation

    The function of routers

    The routers that you find under 'routers configuration' contain conditions that determine under which conditions 'something' happens to the mail. What happens next is determined by the transports under 'transport configuration'.

    For example, there is the local user who uses check_local_user to check if an email is sent to your server which is directed to a system account (these are the accounts that you see with cat /etc/shadow, for example). If so, the transport placed under the local_user (in the 'Transports configuration' section) is activated, which in turn determines where the mail is delivered (e.g. in which folder, with which header additions, etc.)

    Incoming mail is checked by all configured routers in the order in which they are configured. Does the first router find a match? The corresponding transport is then activated. If not, the second router will check the match.

    virtual_router

    The router which ensures that you can work with virtual domains. This means that you are not limited to system accounts, but can accurately set up that an email address belonging to a specific domain (e.g. name@example.com) can send and receive emails from your server.

    • driver = accept: accepts all mail that meets the conditions as set in the general configuration of /etc/exim/exim.conf
    • require_files = +/ home/vmail/$ local_part@$domain/: is there a directory in the /home/vmail/ folder with the name of the email address from which the mail is sent to / from your Exim server? Then, this router is activated.
    • transport=virtual_transport: uses the virtual_transport if an email activates the virtual_router.

    local_delivery

    Scroll to the 'transports configuration' section and below to 'local_delivery'. The options listed under local_delivery influence how Exim delivers the mail to local users. Search the file for local_delivery and adjust the options to make them look like the example below.

    local_delivery
      driver = appendfile
      directory = $home/Maildir
      maildir_format
      delivery_date_add
      envelope_to_add
      return_path_add
      

    Explanation

    • local_delivery: Delivers mail to mail addresses in BSD mailbox format. This is executed under the uid and gid of the local user.
       
    • driver = appendfile: the transport tool that takes care of the delivery of the mail.
       
    • group = mail & mode = 0660: These are two options that belong together. This option ensures that the group to which a user belongs has write access to the directory in which the user's mail ends up. If you remove these two options, only the user, the directory owner, and the root user have rights to that directory.
       
    • return_path_add: adds a return_path header to the mail: this is an address to which notifications are sent in case of errors while sending the mail (e.g. an unreachable recipient).
       
    • envelope_to_add: adds the envelope_to headers to the mail. This is usually the address where the mail is sent to.
       
    • delivery_date_add: adds the date / time at which the mail is delivered to the mail.
       
    • maildir_format: only works if you use directory (see above). Mail is delivered in the maildir format, which is used by many mail software.
       
    • directory = $home/Maildir: mail is delivered in the Maildir folder in the home directory of the user to whom the mail address belongs (we will get back to users later). A new file is created for each mail. Do you prefer a single file that contains all mail? Then, replace directory with file. Exim creates required parent directories by default.

    virtual_transport

    By adding the virtual_transport, you determine what happens to the mail that is designated for delivery to your server by the virtual_router.

    Place the code below directly above the local_delivery component:

    virtual_transport:
      driver = appendfile
      directory = /home/vmail/$local_part@$domain/
      maildir_format
      delivery_date_add
      envelope_to_add
      return_path_add
      user = vmail
      group = vmail
      mode = 0660
      mode_fail_narrower = false

    Explanation

    • driver = appendfile: the transport tool that takes care of the delivery of the mail.
       
    • directory = /home/vmail/$local_part@$domain/ mail is delivered to the /home/vmail/yourmailaddress/ folder (we'll get back to this later). This means that in /home/vmail, for each address that you specifically create, there will be a folder where the mail will end up.
       
    • maildir_format: only works if you use directory. Mail is delivered in the maildir format, which is used by many mail software.
       
    • delivery_date_add: adds the date / time at which the mail is delivered to the mail.
       
    • envelope_to_add: adds the envelope_to headers to the mail. This is usually the address where the mail is sent to.
       
    • return_path_add: adds a return_path header to the mail: this is an address to which notifications are sent in case of errors while sending the mail (e.g. an unreachable recipient).
       
    • user & group = vmail: the user and group under which mail is stored. You create the user and group later in this manual.
       
    • group = mail & mode = 0660: These are two options that belong together. This option ensures that the group to which a user belongs has write access to the directory in which the user's mail ends up. If you remove these two options, only the user, the directory owner, and the root user have rights to that directory.
       
    • mode_fail_narrower = false: does a mailbox file not have the 0660 mode? Exim then does make an attempt to deliver the mail.

    Dovecot authenticator

    Scroll to the end of the file (shortcut in nano: ctrl + shift + _> ctrl + v, or in vi(m): shift + G) and add the following:

    #Dovecot Authenticator
     
    dovecot_login:
      driver = dovecot
      public_name = LOGIN
      server_socket = /var/run/dovecot/auth-client
      server_set_id = $auth1
    
    dovecot_plain:
      driver = dovecot
      public_name = PLAIN
      server_socket = /var/run/dovecot/auth-client
      server_set_id = $auth1 

    Explanation

    The code above is the 'Dovecot Authenticator': this is an interface to use the Dovecot authentication tools. Dovecot must use auth-client and not auth-userdb for this.

    • $auth1: contains the identity of the user after successfully passing the SMTP connection authentication.
       
    • driver = dovecot: use dovecot to deliver incoming mails.
       
    • public_name: gives the authentication mechanism a name.
       
    • server_socket: specifies the socket corresponding to the Dovecot authentication interface.
       
    • server_set_id: if authentication is successful, the identity of the user is stored in the $auth1 variable.

    There are some additional options in the Exim configuration that you may want to adjust even further depending on your use case. For a complete overview, we recommend that you consult Exim's own documentation. You will find most options in the following places:

    Finally, save the changes and close the configuration before proceeding (ctrl + x> y> enter).


    Step 6

    Create the /etc/listofdomains file with the command:

    nano /etc/listofdomains

     

    Step 7

    In the file, you add a list of all domains (+ your hostname) that are allowed to receive mail on your VPS. If a domain is not in this file, Exim cannot process mail for it. Place each domain on a separate line, for example:

    server.example.com
    example.com
    voorbeeld.nl

    Then, save the changes and close the file (ctrl + x> y> enter).

    This completes the installation and configuration of Exim. However, do not start Exim until you are also done with Dovecot and the SSL configuration.


    IPv6

    If you make use of IPv6, Exim will first try your IPv6 address. Exim has a tedency to use a different IPv6 address then your primary one. If you notice this is happening, you can check your IPv6 addresses with the command:

    ip a

    Or send an email to yourself and check which IPv6 address was used to send it. Make sure you also include this IPv6 address in your SPF record and reverse DNS settings.

    Do you prefer disabling IPv6 for Exim? Then add the code below under the 'Runtime configuration file for Exim' part of /etc/exim/exim.conf

    disable_ipv6 = true

    Installing and configuring Dovecot

     

    Step 1

    Install Dovecot with the command:

    yum -y install dovecot

     

    Step 2

    The Dovecot configuration is spread over several specific files. First, you adjust the SSL configuration in the file 10-ssl.conf:

    nano /etc/dovecot/conf.d/10-ssl.conf

     

    Step 3

    Add the following content to the file:

    ssl_cert = </etc/letsencrypt/live/mail.yourdomain.com/fullchain.pem 
    ssl_key = </etc/letsencrypt/live/

    Then, save your changes and close the file (ctrl + x> y> enter).

    Explanation

    ssl_cert & ssl_key: refer to the location in which your Let's Encrypt SSL certificate is located.

    • Change mail.yourdomain.com to the subdomain that you want to use as the server name for incoming and outgoing mail.
       
    • You generate the certificate in the last paragraph of this manual.
       

    Additional information

    You will find the SSL = yes option in many manuals. By default, Dovecot is set to SSL = required. SSL = required requires SSL / TLS in all cases. This is a safe option and therefore we keep it on required.

    If you use SSL = yes and disable_plaintext_auth=no (in this context, plaintext is an unencrypted password), your connection will be unsafe unless you only use plaintext mechanisms (e.g. auth {mechanisms = plain login}). Then, SSL = yes works essentially the same as SSL = required. Therefore, there is no reason to use an option other than 'required'.


     

    Step 4

    Next, you open the mail configuration. Here you indicate where the mailbox is located on your server.

    nano /etc/dovecot/conf.d/10-mail.conf

     

    Step 5

    In the file, change #mail_location = enabled to:

    mail_location = maildir:/home/vmail/%u

    Then, save your changes and close the file (ctrl + x> y> enter).

    Explanation

    While configuring Exim, you have specified to use the maildir format in the directory /home/vmail/<mail address>.

    With maildir: you indicate that you are using the maildir format. /home/vmail/%u indicates that you use the folder that corresponds to /home/vmail/<mailaddress> (%u is a variable that automatically enters the email address that was used).


     

    Step 6

    You have set up a Dovecot authenticator in step 5 of the Exim configuration. You give Exim permission to use Dovecot's authentication system in 10-master.conf:

    nano /etc/dovecot/conf.d/10-master.conf

     

    Step 7

    Add the content below at the bottom of the opened file.

    service auth {
       unix_listener auth-client {
          mode = 0660
          user = exim
       }
    }

    Then, save your changes and close the file (ctrl + x> y> enter).

    Explanation

    • Adds an additional service called 'auth'.
       
    • The service uses a unix listener: this listens in 0660 mode to communication by another service with Dovecot. In this case, via the dovecot authenticator from the previous Exim part).
       
    • User= determines which user (Exim in this case) uses the service (here the Dovecot authenticator) that communicates with Dovecot.

     

    Step 8

    Open the file which provides the authentication:

    nano /etc/dovecot/conf.d/10-auth.conf

     

    Step 9

    Change the existing configuration so auth_mechanisms looks like this:

    auth_mechanisms = plain login

    Then, save your changes and close the file (ctrl + x> y> enter).

    Explanation

    auth_mechanisms = plain login: adds support for plain and login. These are authentication methods that are supported by (almost) all mail software.


     

    Step 10

    Finally, open the /etc/dovecot/conf.d/auth-system.conf.ext file. Here, you adjust the authentication method for Dovecot, so you can actually work with virtual domains.

    nano /etc/dovecot/conf.d/auth-system.conf.ext

     

    Step 11

    Place comments for the existing passdb and userdb parts and add a new one for both as in the example below:

    #passdb {
    #  driver = pam
      # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
      # [cache_key=<key>] [<service name>]
      #args = dovecot
    #}
    
    passdb {
      driver = passwd-file
      args = /etc/dovecot/imap.passwd
    }
    
    #userdb {
      # <doc/wiki/AuthDatabase.Passwd.txt>
    #  driver = passwd
      # [blocking=no]
      #args =
    #
      # Override fields from passwd
      #override_fields = home=/home/virtual/%u
    #}
    
    userdb {
      driver = static
      args = uid=vmail gid=vmail home=/home/vmail/%u
    }

    Explanation

    By placing # in front of the existing rules you comment them off and they are no longer applied. The new rules do the following:

    • passdb: authenticates the user. Any additional information such as which server the user is going to proxy, if the user is allowed to log in, etc. More information about the extensive options can be found here.
       
    • args = uid=vmail guid=vmail home=/home/vmail/%u: use vmail as uid and guid (which you will create later in this manual) and specify that all mail can be found in /home/vmail/%u where %u will be replaced during the authentication by the email address that is being mailed from / to.
       
    • driver = static: use a single UID and GUID for all mail users and optionally, the home directories.
       
    • userdb: retrieves user-specific information when login via passdb is successful. This can concern things like mailbox location, quota limit, etc.
       
    • args = /etc/dovecot/imap.passwd: the location of the file containing the password and mail address. We will get back to this later.
       
    • driver = passwd file: supports a password file for authentication. This may use the same structure as /etc/passwd.

     

    Then, save the changes and close the file (ctrl + x> y> enter).


    For the correct operation of your mail and the generation of Let's Encrypt certificates, it is necessary to open a few ports. You do this with the commands:

    firewall-cmd --zone=public --permanent --add-port=80/tcp
    firewall-cmd --zone=public --permanent --add-port=443/tcp
    firewall-cmd --zone=public --permanent --add-port=25/tcp
    firewall-cmd --zone=public --permanent --add-port=465/tcp
    firewall-cmd --zone=public --permanent --add-port=587/tcp
    firewall-cmd --zone=public --permanent --add-port=993/tcp
    firewall-cmd --zone=public --permanent --add-port=995/tcp
    firewall-cmd --reload
    • Ports 80 and 443 are required for the Let's Encrypt validation (the acme-challenge).
    • Ports 993 and 995 are respectively the IMAP and POP3 ports that Dovecot uses for TLS connections.
    • Ports 25, 465 and 587 are the ports that Exim uses to send and receive email.

    Optional tip: do you want to be able to close port 25 completely? Then, an adjustment to /etc/services is needed and to the variable daemon_smtp_ports in /etc/exim/exim.conf


     

    Selinux

    Do you use Selinux (can be checked with 'sestatus')? Then, also add the necessary ports here with:

    semanage port --add -t ssh_port_t -p tcp 80
    semanage port --add -t ssh_port_t -p tcp 443
    semanage port --add -t ssh_port_t -p tcp 25
    semanage port --add -t ssh_port_t -p tcp 465
    semanage port --add -t ssh_port_t -p tcp 587
    semanage port --add -t ssh_port_t -p tcp 993
    semanage port --add -t ssh_port_t -p tcp 995

     

    Opening outgoing mail ports

    For new VPSs, the mail ports are closed in the TransIP control panel for security reasons. In this article, we show you how to open them.


     

    VPS firewall

    Do you use the VPS firewall in the TransIP control panel? Then, open the ports 80, 443, 993, 995 and 587 therein.


     

    Fail2ban

    Do you use Fail2Ban? The logpath for the Exim-jail is /var/log/exim/main.log


    Adding an SSL certificate

    The basic configuration of Exim and Dovecot has been completed, but in the earlier steps, we have adjusted the configuration to require SSL (TLS). In this section, you create an SSL certificate and automate the renewal thereof.

     

    Step 1

    As SSL (TLS) certificate, we use a Let's Encrypt certificate. If you have not yet installed Let's Encrypt, first install it with the command:

    yum -y install certbot

     

    Step 2

    In this step, you generate a standalone certificate with the command below. Replace mail.example.com with the subdomain that you will use to send and receive mail to/from (the same subdomain you used in step 5 of the Exim configuration).

    You will be asked for an email address and permission for the terms and conditions, and for sharing your email address with the Electronic Frontier Foundation (optional).

    certbot certonly --standalone -d mail.example.com

     

    Step 3

    Your Let's Encrypt certificate and keyfile are stored in /etc/letsencrypt/live/<hostname>/ (the exact location is in the output of the command in step 2).

    The advantage of Let's Encrypt is that you can automate certificate renewal. You do this with a cron job which you create with:

    crontab -e

     

    Step 4

    If you've never opened Crontab before, it'll ask you which editor you'd like to use. Depending on your experience either select nano or vi(m). Assuming you selected vi(m), crontab opens in command mode and you switch to insert mode with the 'i' key. Then, add the content below.

    SHELL=/bin/bash
    HOME=/
    @monthly certbot -q renew >> /var/log/le.log
    • The cron job is performed every month at 0:00.
    • -q ensures that no output is generated, except for errors.
    • renew renews all Let's Encrypt certificates that expire within 30 days. Let's Encrypt certificates are valid for 90 days, so a new certificate is generated every two months.
    • >> /var/log/le.log sends the output to the le.log file. You create this with the command: touch /var/log/le.log

    By successively typing esc>:wq! the crontab closes and your changes are saved. If all goes well, you will see the following confirmation:


     

    Step 5

    Exim and Dovecot have no rights to the folders in which the certificates are stored and to the privkey1.pem file. Change the permissions so both can use it:

    chmod 755 /etc/letsencrypt/archive
    chmod 755 /etc/letsencrypt/archive/mail.example.com
    chmod 644 /etc/letsencrypt/archive/mail.example.com/privkey1.pem
    chmod 755 /mail.example.com

    Creating email addresses

     

    The final preparation

    Before you can create email addresses, some preparation is still required: creating the Vmail user and group. All mail is stored in this user's home directory, for example, /home/vmail/mail@example.com/.

    In addition, you create the file in which the authentication data of users end up and you set a location to which all mail sent to the root user on your VPS can go.

     

    Step 1

    Earlier in this manual, we have set that all mail is stored in the /home/vmail/<mailaddress> directories. To be able to use this, first create the vmail user and group:

    useradd vmail
    usermod -a -G vmail vmail

    The home directory for Vmail is created automatically.


     

    Step 2

    Then, create the file in which the names of the email addresses and associated log-in data are stored.

    touch 

     

    Step 3

    Open the /etc/aliases file. This sets where mail to specific system users is sent to.

    nano /etc/aliases

     

    Step 4

    Scroll to the end of this file. You see an uncommented rule here. Above that line, it says that it determines who receives the mail for the root user.

    Delete the # and change the name to the email address on which you want to receive the email. For example, the result looks like this:

    # Person who should get root's mail
    root:           mail@voorbeeld.nl

    Then, save the changes and close the file (ctrl + x> y> enter).


     

    Step 5

    Finally, enable Exim and Dovecot and set both to start automatically with a reboot of your VPS:

    systemctl enable exim
    systemctl enable dovecot
    systemctl start exim
    systemctl start dovecot

     

    Step 6 - optional

    When writing this manual, after installation, Exim had no rights to write to one of its own log files (main.log) because Exim itself was not the owner of the file. The consequence of this is that Exim does not want to start and does not show an error message of why Exim does not start.

    You correct the rights with the commands:

    chown exim:exim /var/log/exim/main.log
    systemctl restart exim

     

    Creating email addresses

    To make things easy for yourself, it is useful to create a shell script that you can use to create new addresses. This saves you the trouble of having to type all associated code every time you create an email address. You create such a script as follows:

     

    Step 1

    Open / create the file /etc/dovecot/create_mail.sh:

    nano /etc/dovecot/create_mail.sh

    Replace the location / name of the file as you wish, but the .sh extension must be retained.


     

    Step 2

    Give the file the content below.

    #!/bin/bash
    read -p " Enter user's mailaddress: " mailaddress
    read -sp " Enter password: " passwd
    
    sudo mkdir /home/vmail/$mailaddress
    sudo chown vmail:vmail /home/vmail/$mailaddress
    sudo chmod go-rwx /home/vmail/$mailaddress
    sudo echo $mailaddress:`dovecot pw -s SHA256-CRYPT -p $passwd` >> /etc/dovecot/imap.passwd

    Then, save the changes and close the file (ctrl + x> y> enter).

    Explanation

    • read - p: These rules prompt you for the new address and the corresponding password, respectively. Your input is stored as a variable ($mailaddress and $passwd). By using -s, the password is not displayed.
       
    • mkdir /home/vmail/$mailaddress: creates the directory /home/vmail/$mailaddress, where $mailaddress is the new email address.
       
    • chown etc: makes the user and group vmail the owner of /home/vmail/$mailaddress. This is necessary because this user and group are used by Exim and Dovecot for processing mail.
       
    • chmod etc: removes read, write and execute permissions from the group and other users. Vmail does retain the rights.
       
    • echo $mailaddress:'dovecot pw etc: places a line below the newest line in the file /etc/dovecot/imap.passwd with the structure: mail@example.com:{SHA256-CRYPT}$5$eNq1qHXAgVmetc//

      Dovecot pw -s SHA256-CRYPT -p $passwd` converts the $passwd variable into an SHA256 encrypted string. For example, you can change this to SHA512-CRYPT if you want to add a little extra.
    • There are more options than in the example above. For example, you could include an additional prompt to confirm the password: read -sp "Confirm password:" passwd1. You can then create an if then else construction where $passwd and $passwd1 are compared. If they do not match, you let the user specify it again for example.
       
    • You could also create a second script to change passwords (e.g. with an SED command). Please note that you also use dovecot pw for this.

     

    Step 3

    Give yourself permission to execute the script with:

    chmod 700 /etc/dovecot/create_mail.sh

    Using this command, only the owner has permission to execute the script. If you'd like to give more users permission to run the script, you could for example add a seperate group and use chmod to give the group execute rights (chmod 750) and use chown to change ownership of the file. Using usermod you can add users to the group.


    Setting up email in mail software and apps

    For this tutorial, we used a domain where the MX record has the value 10 mail and the subdomain mail refers to the VPS. We assume that you maintain the same structure, if not, adjust the following to your own scenario.

    Use the following information to set up your email address in your email software:

    • Email address: the desired email address with which you want to email. It must exist in /etc/dovecot/imap.passwd
    • Username: the same email address as above
    • Password: the corresponding (non-encrypted) password
    • Account name: the same email address again
    • Send message using the name: The name that you want to show for your emails.
       
    • Incoming server:example.com (the subdomain that refers to your VPS)
    • Account type: imap or pop3. The differences are explained here.
    • Incoming port: 993 (IMAP) or 995 (POP3)
    • Require SSL: yes, or SSL / TLS
       
    • Outgoing (smtp) server:example.com (the subdomain that refers to your VPS)
    • Outgoing port: 465 or 587
    • Require SSL: yes, or SSL / TLS
    • Outgoing server requires authentication: yes
    • Use the same username and password for sending mail: yes

     

    This brings us to the end of this article. We have discussed the basics of setting up a mail server with Exim and Dovecot with TLS security via Let's Encrypt. For the security of your mail server we also recommend consulting the following tutorials:

    Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.

    Need help?

    Receive personal support from our supporters

    Contact us