Comprehensive answers to common questions about mail servers, covering both complete mail server solutions (mailcow, iRedMail, Mail-in-a-Box, Modoboa) and individual components (Postfix, Dovecot, Exim, etc.).
| Topic | Section |
|---|---|
| Complete Solutions | What complete mail server suites exist? |
| Components | What are the components of a mail server? |
| Protocols | What protocols and ports are used? |
| Setup | Which solution should I choose? |
| Security | How do I secure my mail server? |
| Operations | What daily tasks are required? |
A complete mail server system consists of several components working together:
Purpose: Responsible for sending and receiving emails between mail servers.
Popular Options:
Purpose: Handles delivery of email to the recipient’s mailbox.
Popular Options:
Purpose: Provides mailbox access for email clients.
Popular Options:
Purpose: Email client used by end users.
Examples: Outlook, Thunderbird, Apple Mail, mobile email apps
Purpose: Browser-based email access.
Popular Options: Roundcube, SOGo, RainLoop, SnappyMail
Purpose: Protect users from unwanted and malicious emails.
Popular Options: Rspamd, SpamAssassin, ClamAV, Amavis
Complete mail server suites integrate all components into a single, easy-to-deploy package:
Best for: Modern Docker deployments, full groupware
Best for: Enterprise, traditional installations
Best for: Ubuntu appliances, simplicity
👉 Full Mail-in-a-Box Documentation
Best for: Python/Django environments, modern UI
Purpose: Sending emails between servers and from clients to server.
| Port | Usage | Encryption |
|---|---|---|
| 25 | Server-to-server relay | STARTTLS (opportunistic) |
| 587 | Mail submission (clients) | STARTTLS (required) |
| 465 | Legacy SMTPS | SSL/TLS (deprecated but used) |
| 2525 | Alternative submission | STARTTLS (when 587 blocked) |
Note: Port 587 is the standard for mail submission. Port 465 is deprecated but still widely used.
Purpose: Reading and managing email on the server.
| Port | Usage | Encryption |
|---|---|---|
| 143 | Standard IMAP | STARTTLS |
| 993 | IMAPS | SSL/TLS (recommended) |
Purpose: Downloading email to local device.
| Port | Usage | Encryption |
|---|---|---|
| 110 | Standard POP3 | STARTTLS |
| 995 | POP3S | SSL/TLS (recommended) |
| Protocol | Port | Purpose |
|---|---|---|
| CalDAV | 443 | Calendar synchronization |
| CardDAV | 443 | Contact synchronization |
| ActiveSync | 443 | Mobile device sync |
| ManageSieve | 4190 | Sieve filter management |
┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐
│ MUA │ ───► │ MTA │ ───► │ MTA │ ───► │ MTA │
│ (Client) │ │ (Sender) │ │(Relay 1) │ │(Recipient)│
└──────────┘ └──────────┘ └──────────┘ └──────────┘
SMTP SMTP SMTP SMTP
┌──────────┐ ┌──────────┐ ┌──────────┐
│ MUA │ ◄─── │ MDA │ ◄─── │ MTA │
│ (Client) │ │(Delivery)│ │(Receive) │
└──────────┘ └──────────┘ └──────────┘
IMAP Local Network
POP3
Recommended: Use a complete mail server suite
Best Choices:
Advantages:
Custom Build: Combine individual components
Typical Stack:
Advantages:
Disadvantages:
TLS/SSL Encryption
Authentication
Email Authentication
Spam Filtering
Virus Scanning
Firewall
Regular Updates
example.com. IN TXT "v=spf1 mx a -all"
dkim._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkq..."
_dmarc.example.com. IN TXT "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"
Monitor Server Health:
Security Monitoring:
Maintenance:
User Support:
Review and Optimization:
Backup Verification:
| Frequency | Task | Time |
|---|---|---|
| Daily | Monitoring | 15-30 min |
| Daily | Security checks | 15-20 min |
| Weekly | Updates | 15-30 min |
| Weekly | User support | 30-60 min |
| Monthly | Review | 1-2 hours |
Total: Approximately 1-2 hours per day for routine tasks
# /etc/spamassassin/local.cf
required_score 5.0
rewrite_subject 1
subject_tag ***SPAM***
Via mailcow UI or directly:
# /etc/rspamd/local.d/worker-normal.inc
bind_socket = "*:11333";
# /etc/rspamd/local.d/classifier-bayes.conf
learn_condition = "return true";
| Tool | Type | Difficulty |
|---|---|---|
| Rspamd | Modern filter | Moderate |
| SpamAssassin | Classic filter | Easy |
| Spamhaus DNSBL | Blacklist | Easy |
| Greylisting | Technique | Easy |
| Provider | Daily Limit |
|---|---|
| Gmail | 500 recipients |
| Outlook.com | 300 recipients |
| Self-hosted | Start with 50-100/day |
Check:
/var/log/mail.log)mailq or postqueue -p)Check:
Check:
Check:
Any questions?
Feel free to contact us. Find all contact information on our contact page.