How to use a VPS from COIN.HOST or SWISSMADE.HOST

Before this install, I had never installed mail-in-a-box, but I am not new to Linux. I knew it needed Ubuntu 18.04 and a properly sized system all to itself. Simple enough requirements.

In addition to the mail-in-a-box constraints, I wanted a VPS provider in Switzerland (a country that has good privacy laws and doesn’t participate in 14 eyes [government intelligence and surveillance sharing]).

I picked COIN.HOST which met all the criteria (it was a better than average system for a lower than average price). The underlying provider is Solar Communications GmbH, so I’m sure what I post here is relevant for SWISSMADE.HOST or any other reseller of Solar Communications GmbH service.

So, if you picked this provider (or are considering it)… read on. I want to save you some frustration. It is, indeed, possible to get mail-in-a-box working on their VPS (with the caveat you have to serve the DNS records elsewhere).

There are two main issues to solve. I’ll explain both problems and then describe the solutions.

First, COIN.HOST filters UDP port 53 on their network which is DNS. (They also filter NTP, UDP 123, but this was inconsequential).

So, if you just fire up mail-in-a-box using curl, it gets through a few modules and then craps out about the time it installs NSD and rewrites “/etc/resolv.conf”. From that moment forward you can’t resolve anything. The host is pretty much hosed if you didn’t record the default DNS servers beforehand.

The second issue is that IPv6 is not enabled on the loopback interface, and this is a dependency for NSD. That isn’t quite enough to stop most of the installation, but it makes a mess of late installation phases (e.g. system status and SSL certs).

Here is a general guide on how to install mail-in-a-box on this VPS. I used nano in my example but substitute your favorite editor.

Provision the VPS and ssh in as root. (this is the account they give you)

get the base packages up to date

apt-get update
apt-get upgrade

replace the ssh keys

rm -v /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
systemctl restart ssh

set the hostname with your IP address to whatever you plan to use

nano /etc/hosts
95.1.2.3 box.yourdomain.com

add ipv6 to lo

sysctl -w net.ipv6.conf.all.disable_ipv6=0
sysctl -w net.ipv6.conf.default.disable_ipv6=0

to make this persistent on reboots edit this file (you will see the previous commands… change the 1 to a 0)

nano /etc/sysctl.conf

You need to know what DNS the current system is using

systemd-resolve --status

You will eventually see something like this… just jot these numbers down

DNS Servers: 	46.28.201.21
				46.28.201.22

At this point we need mail-in-a-box scripts. so…

cd /root/
curl -s https://mailinabox.email/setup.sh | sudo bash

CTRL-C at very first dialog box. Don’t type anything in. Don’t continue with the install. You just want to get right back to a command prompt after the scripts are acquired

now you edit a script you just downloaded

cd /root/mailinabox/setup
nano system.sh

look for

echo "nameserver 127.0.0.1" > /etc/resolv.conf

add two lines after it with the DNS servers you jotted down earlier… it will look something like this…

echo "nameserver 127.0.0.1" > /etc/resolv.conf
echo "nameserver 46.28.201.21" > /etc/resolv.conf
echo "nameserver 46.28.201.22" >> /etc/resolv.conf

I did mean to use a single “>” to overwrite the file on the first new DNS and a double “>>” to add the second.

At this point the machine is ready to run and it will look like an ordinary mail-in-a-box installation. Except you will have to replicate your DNS records elsewhere. So… install…

cd /root/
mailinabox

Everything should run to completion

I hate rebooting linux machines (my patron Saint is St Uptime), but I recommend it in this case to ensure all the services start as expected.

reboot

use the web administrative interface for your remaining configuration

good for troubleshooting

root@host:~# /root/mailinabox/management/status_checks.py
root@host:~# service nsd status
root@host:~# service nsd restart

At this point you have a working mail-in-a-box server BUT you need to copy the records from the admin console external DNS section to another DNS server. I just used my registrar, but giving DNS advice is really beyond the scope of this post and particular to your circumstances.

Cheers

While poking through logs I noticed opendkim was failing key retrieval. As libunbound cannot make direct DNS queries, I had to add a nameserver for opendkim.

nano /etc/opendkim.conf
Nameservers 46.28.201.21

Then restart opendkim
systemctl restart opendkim.service
systemctl status opendkim.service
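
An added example, not part of the original post and not Mail-in-a-Box code: a preflight that saves the upstream resolvers before the installer rewrites /etc/resolv.conf and checks that IPv6 is enabled on lo. The save path and the function names are assumptions made for this example; the sample status text is constructed from the addresses shown in the post.

```shell
#!/bin/sh
# Added example: preflight for the steps in the post. Run as root with --run.
# SAVE_TO is a hypothetical location chosen for this example.
SAVE_TO="${SAVE_TO:-/root/upstream-dns.txt}"
LO_FLAG=/proc/sys/net/ipv6/conf/lo/disable_ipv6

# Constructed sample of `systemd-resolve --status` output (addresses from the post).
SAMPLE_STATUS='Link 2 (eth0)
      Current Scopes: DNS
         DNS Servers: 46.28.201.21
                      46.28.201.22
          DNS Domain: ~.'

# stdin: `systemd-resolve --status` output; stdout: one resolver address per line.
extract_dns_servers() {
    awk '
        # Fallback resolvers are not the ones currently in use; skip that list.
        /Fallback DNS Servers:/ { in_list = 0; next }
        /DNS Servers:/ {
            in_list = 1
            sub(/.*DNS Servers:[ \t]*/, "")
            if (NF && !seen[$1]++) print $1
            next
        }
        # Continuation lines carry only an indented address.
        in_list && /^[ \t]+[0-9A-Fa-f:.]+[ \t]*$/ { if (!seen[$1]++) print $1; next }
        { in_list = 0 }
    '
}

# Turn saved addresses into the lines that belong in resolv.conf.
to_nameserver_lines() { sed 's/^/nameserver /'; }

# True when the kernel flag for lo reads 0 (IPv6 enabled on loopback).
ipv6_lo_enabled() {
    [ -r "${1:-$LO_FLAG}" ] && [ "$(cat "${1:-$LO_FLAG}")" = "0" ]
}

if [ "${1:-}" = "--run" ]; then
    systemd-resolve --status | extract_dns_servers > "$SAVE_TO"
    if [ ! -s "$SAVE_TO" ]; then
        echo "no upstream resolvers found; do not start the installer yet" >&2
        exit 1
    fi
    echo "saved upstream resolvers to $SAVE_TO:"
    to_nameserver_lines < "$SAVE_TO"
    if ! ipv6_lo_enabled; then
        echo "IPv6 is disabled on lo; apply the sysctl settings first" >&2
        exit 1
    fi
    echo "IPv6 is enabled on lo"
fi
```
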
