Running a production Mail-in-a-Box on a VM (virtualbox w/ vagrant)

Has anyone tried using the supplied Vagrantfile as the base for a production (non-test) Mail-in-a-Box install?

I have a long lease on a dedicated server, upon which I’d like to run a mail server (multiple domains, multiple virtual users), as well as a bunch of other services (websites, jabber, fileserver, and general user logins).

I was hoping to use a VM on the dedicated server to run Mail-in-a-Box, then have another VM or two for all the other services.

I’ve been trying this out, and it doesn’t look impossible at least, but I’d like to hear if anyone else has got it all to work.

My host OS is Debian stable, and I’m using an edited version of the Vagrantfile from https://github.com/mail-in-a-box/mailinabox to get the various ports forwarded to the guest OS. I’m using nginx on the host OS to proxy /admin and /mail to the guest.

Hello,

I haven’t tried it, but I can’t think of a reason it wouldn’t work if you proxy/forward all of the services:

  • SMTP on 25 and 587
  • IMAP on 993
  • Web on 80 and 443
  • DNS by either port-forwarding port 53 for both UDP and TCP or using external DNS

If you get it to work, let’s get your changes merged into the Vagrantfile. :smile:

Josh

So far, I’ve added the following port forward rules to the Vagrantfile. I can successfully use /admin and /mail, and have set up users and sent and received mail.

# HTTP port forwarding - X <= X + 2000
config.vm.network "forwarded_port", guest: 80,  host: 2080
config.vm.network "forwarded_port", guest: 443, host: 2443

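# DNS forwarding - X <= X (until I move this back onto host OS)
config.vm.network "forwarded_port", guest: 53,  host: 53                   # DNS over TCP (Vagrant's default protocol)
config.vm.network "forwarded_port", guest: 53,  host: 53, protocol: "udp"  # DNS over UDP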

# Email port forwarding: X <= X
config.vm.network "forwarded_port", guest: 25,  host: 25   # SMTP
config.vm.network "forwarded_port", guest: 110, host: 110  # POP3
config.vm.network "forwarded_port", guest: 143, host: 143  # IMAP
config.vm.network "forwarded_port", guest: 465, host: 465  # Secure SMTP (SSMTP)
config.vm.network "forwarded_port", guest: 585, host: 585  # Secure IMAP (IMAP4-SSL)
config.vm.network "forwarded_port", guest: 993, host: 993  # IMAP4 over SSL
config.vm.network "forwarded_port", guest: 995, host: 995  # Secure POP3 (SSL-POP)

Great. Keep us posted?

Hi Josh,

Running under my own VM did seem to work, but in the end I found it was easier to go with the recommendations and just run on a third-party one. I chose the AWS free tier as they claim to have improved their deliverability with reverse DNS changes, and active scanning of the blocklists to check if their IP addresses are on them.

Cheers,

Dave

Let us know if AWS works out well.

If you plan to use Vagrant with the VirtualBox provider for production, I recommend adding an option to set nataliasmode to proxyonly. This way, the log files will get the real IP addresses so fail2ban and spamassassin will work correctly.

Example config:

  config.vm.provider "virtualbox" do |v|
    v.customize ["modifyvm", :id, "--nataliasmode1", "proxyonly"]
  end

@vzsigmond Hey, would you submit a pull request to the Vagrantfile in the Mail-in-a-Box GitHub repo that adds that and has a comment explaining why (exactly what you said here)?

Sure, pull request sent, including required ports.

Thanks! Now we won’t lose track of the advice. :slight_smile:
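
A way to check, from inside the guest, whether the mail logs show real client addresses or only the NAT gateway, which is the condition the nataliasmode post above is about. This is an added example, not code from the thread or from the Mail-in-a-Box project; it assumes VirtualBox's default NAT gateway address 10.0.2.2 and typical Postfix/Dovecot log line formats, and the sample log lines are constructed.

```ruby
require "ipaddr"

# Assumption: 10.0.2.2 is the VirtualBox NAT gateway as seen from the guest (the default).
NAT_GATEWAY = IPAddr.new("10.0.2.2")

# Client-address patterns for Postfix "connect from" and Dovecot login ("rip=") lines.
PATTERNS = [
  /postfix\/[\w\/]+\[\d+\]: connect from \S+\[([0-9a-fA-F.:]+)\]/,
  /dovecot: \S+: .*\brip=([0-9a-fA-F.:]+)/,
].freeze

# Return the client addresses found in the log lines, skipping anything unparsable.
def client_ips(lines)
  lines.filter_map do |line|
    match = PATTERNS.map { |re| re.match(line) }.compact.first
    next unless match
    begin
      IPAddr.new(match[1])
    rescue IPAddr::Error
      nil
    end
  end
end

# Summarise how many connections were logged with the gateway address
# instead of a real client address.
def nat_masking_report(lines, gateway: NAT_GATEWAY)
  ips = client_ips(lines)
  masked = ips.count { |ip| ip == gateway }
  { total: ips.size, masked: masked, distinct: ips.map(&:to_s).uniq.sort,
    source_ips_hidden: !ips.empty? && masked == ips.size }
end

# Constructed sample lines: every client appears as the NAT gateway.
SAMPLE_MASKED = <<~LOG.lines
  Jan 10 12:00:01 box postfix/smtpd[1234]: connect from unknown[10.0.2.2]
  Jan 10 12:00:03 box postfix/submission/smtpd[1240]: connect from unknown[10.0.2.2]
  Jan 10 12:00:05 box dovecot: imap-login: Login: user=<me@example.com>, method=PLAIN, rip=10.0.2.2, lip=10.0.2.15, TLS
LOG

# Constructed sample lines: real client addresses reach the logs.
SAMPLE_REAL = <<~LOG.lines
  Jan 10 13:00:01 box postfix/smtpd[2234]: connect from mail.example.net[203.0.113.7]
  Jan 10 13:00:05 box dovecot: imap-login: Login: user=<me@example.com>, method=PLAIN, rip=198.51.100.23, lip=10.0.2.15, TLS
  Jan 10 13:00:09 box postfix/smtpd[2240]: connect from mail.example.net[203.0.113.7]
LOG

if __FILE__ == $PROGRAM_NAME
  puts nat_masking_report(SAMPLE_MASKED)
  puts nat_masking_report(SAMPLE_REAL)
end
```

When `source_ips_hidden` is true, a fail2ban ban triggered by any one client would land on the gateway address and so apply to every client at once.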