I have a number of static IPs for my router. If I forward all ports to an internal server on my network, will I be able to install mail-in-a-box?
As we have multiple static IPs and enough hardware internally, I don’t want to have to pay for a service like Digital Ocean.
As a best practice, I personally would refrain from forwarding all ports (e.g. not put the box in a DMZ) but forward just the ports you see when issuing the “ufw status numbered” command (e.g. 53, 25, 587, 993), and 80 and 443 if you want access from outside your network. Also, I think the biggest issue you may have is setting the PTR record for the static IP. If your network host can get those set for you, or they gave you the ability to set it yourself, I recommend you check those IP addresses against known blacklists, and if they are clear, build them up and open the ports.
I agree with @usachris. Use MXToolbox to determine if your IP is on a blacklist. You would do well to dedicate one of your external IPs to the box, and put it in a DMZ. This will create the fewest potential issues. Port forwarding will work, but it might get messy with regard to forward-confirmed reverse DNS checks that receiving mail servers run on your incoming email to them.
At a minimum, for MIAB to give you a pass on the installation network checks, you can’t have your domain or IP listed at Spamhaus, and you cannot have port 25 blocked. (see https://github.com/mail-in-a-box/mailinabox/blob/master/setup/network-checks.sh)
@J376A & @usachris
Many thanks for your quick response.
Sorry, in my first post I should have stated forward all ports that MIAB would need, not actually all of them.
I am not sure about PTR records and things like that. I have checked and the IP is not on any blacklists and our ISP doesn’t block anything.
Maybe for the time being, a DO site would be best to get things running, and then look at getting it hosted internally.
Many thanks again
The DO route is far less of a challenge of course, but you have static IPs and hardware just sitting there, I totally understand. But depending on your ISP, it may just be a phone call away to get them to set the PTR records (reverse IP to name). Maybe some ISPs are just not going to do it or play dumb, some charge, some do it for free; worth a shot. If you don’t have this PTR record set, a lot of mail you send out will be flagged as spam, because you’ll be sending from your IP address, and when the receiving server looks it up, the IP will be nnn.yourispname.com instead of nnn.yourdomainname.com, and when you’re sending from @yourdomainname.com they think you’re spamming.
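The forward-confirmed reverse DNS check discussed in the posts above, as an added example that is not part of the original thread or of Mail-in-a-Box's own code. The addresses and names (203.0.113.x, box.example.com, isp.example) are constructed, and the `mismatch` verdict models the ISP-named PTR case described above.

```python
import socket

def system_ptr(ip):
    """PTR lookup via the system resolver; returns a list of names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_addrs(name):
    """A/AAAA lookup via the system resolver; returns a set of addresses."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def check_fcrdns(ip, mail_host, ptr=system_ptr, addrs=system_addrs):
    """Return (verdict, detail) for the public IP that mail_host sends from."""
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return "no-ptr", "no PTR record for " + ip
    # Forward-confirm: a PTR name only counts if it resolves back to the IP.
    confirmed = [n for n in names if ip in addrs(n)]
    if not confirmed:
        return "unconfirmed", "PTR %s does not resolve back to %s" % (names[0], ip)
    if mail_host.lower() not in confirmed:
        return "mismatch", "PTR is %s, not %s" % (confirmed[0], mail_host)
    return "pass", "%s <-> %s" % (ip, mail_host)

# Constructed sample zones (documentation addresses, example names).
PTR = {"203.0.113.10": ["box.example.com."],
       "203.0.113.11": ["11.static.isp.example."],   # ISP default PTR
       "203.0.113.12": ["box.example.com."]}         # PTR set, A record is not
A = {"box.example.com": {"203.0.113.10"},
     "11.static.isp.example": {"203.0.113.11"}}

def demo():
    """Run the check over the constructed zones instead of live DNS."""
    ips = ("203.0.113.10", "203.0.113.11", "203.0.113.12", "203.0.113.13")
    return {ip: check_fcrdns(ip, "box.example.com",
                             ptr=lambda i: PTR.get(i, []),
                             addrs=lambda n: A.get(n, set()))
            for ip in ips}

if __name__ == "__main__":
    for ip, (verdict, detail) in demo().items():
        print(ip, verdict, detail)
```

Calling `check_fcrdns(ip, host)` without the `ptr` and `addrs` arguments runs the same check against the system resolver.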
@usachris - Really appreciate your info and advice on this. I am fairly new to the Linux and open source culture. I was in a job that was Microsoft to the bitter end. But now I am free!
So all of this is great info/knowledge I can use.
This site is great by the way!
Learning more about the internals of MIAB was definitely easier for me thanks to these forums. You can check out the code from GitHub and browse it on your own time to learn more about how it works.
Keeping in mind it’s unsupported… you could run a local copy to play with by commenting out the network-checks.sh file content. That’s how I did it to begin with. That gives you the freedom of a sandbox that isn’t the company’s production mail server.
Also, word of caution, we’ve had consistent troubles with Z-Push (the Exchange EAS/EWS component), and OwnCloud, the WebDAV/CalDAV component. Those issues are being explored mostly on the GitHub tracker. In my opinion it’s best to stick with straight SMTP and IMAP for the time being, which have proven themselves completely stable.
Not sure what the Exchange EAS/EWS part is?
Shame that OwnCloud and the Calendar part aren’t working well, that is one of the features I liked about this solution.
I’ll install and keep on with it, and see if the problems get resolved.
The EAS/EWS component allows Exchange ActiveSync connections, so for example in iOS Mail or Outlook you can connect to the MIAB as if it were an Exchange server. We’ve had some trouble with it in the past, but as of v0.15a it should be fixed. OwnCloud has given us troubles and the code contributors are discussing how to best supplant it with another solution. I have used it for transferring a handful of contacts between devices and it does work, but we’re anchored to an older version as I recall. Someone else can correct me where I am mistaken.