How to install iRedMail on CentOS 7

Learn how to install iRedMail on CentOS 7 with our step-by-step guide. Set up a complete mail server solution for your organization or personal use. #centlinux #linux #mailserver

What is iRedMail?

iRedMail is an Open Source, full featured mail server solution that can save a lot of time for system administrators for complex configurations. iRedMail has support for all major Linux distributions. iRedMail uses other open source software like roundcube, SOGo groupware, Netdata, Nginx and MariaDB to add functionality to it’s mail server.

iRedMail is an open-source mail server solution designed for easy deployment of a full-featured mail server on various Linux distributions, including CentOS 7. It provides a complete suite of tools and components for setting up a robust and secure email server. Here’s a detailed overview of iRedMail:

What is iRedMail?

iRedMail is a free and open-source mail server software that simplifies the process of creating and managing a mail server. It bundles popular and reliable open-source components to offer a comprehensive email solution for both personal and business use.

Key Features of iRedMail

1. Complete Mail Server Suite: iRedMail installs and configures all the essential components needed for a full-fledged mail server, including:
   • Mail Transfer Agent (MTA): Postfix or Exim
   • Mail Delivery Agent (MDA): Dovecot
   • Mail Filter: Amavis with SpamAssassin and ClamAV
   • Webmail Interface: Roundcube or SOGo
   • Admin Panel: iRedAdmin for managing users, domains, and settings
2. User-Friendly Installation: iRedMail offers a straightforward installation wizard that guides you through the setup process with minimal manual configuration.
3. Web-Based Admin Interface: The iRedAdmin panel provides an intuitive web interface for managing mail server settings, user accounts, and domains.
4. Security Features: iRedMail includes built-in security features such as:
   • Spam Filtering: SpamAssassin for filtering out unwanted emails
   • Virus Protection: ClamAV for detecting and eliminating email-borne viruses
   • TLS Encryption: Support for secure email transmission with TLS/SSL certificates
5. Webmail Access: Users can access their email through webmail clients like Roundcube or SOGo, which offer a modern and feature-rich web interface.
6. User Management: iRedMail allows you to manage users, mailboxes, and domains from the iRedAdmin interface, making administrative tasks more efficient.
7. Customizable: While iRedMail provides default configurations, you can customize various components and settings to fit your specific requirements.
8. Support for Multiple Domains: iRedMail supports multiple domain configurations, allowing you to manage email for several domains from a single mail server.

Benefits of Using iRedMail

• Comprehensive Solution: iRedMail integrates all the necessary components into one package, saving time and effort in setting up a mail server.
• Open Source: As a free and open-source tool, iRedMail offers a cost-effective way to manage email without proprietary software expenses.
• Scalability: iRedMail can be scaled to meet the needs of both small and large organizations.
• Active Community: iRedMail has an active user community and support forums for troubleshooting and advice.

Components of iRedMail

How iRedMail Fits in the Email Ecosystem

iRedMail is ideal for those who need a complete, self-hosted mail server solution. It provides the essential tools for managing email services, from sending and receiving emails to filtering spam and protecting against malware.

Use Cases

• Small to Medium Businesses: For businesses needing a reliable and secure email solution without high costs.
• Personal Use: For tech enthusiasts and individuals wanting to host their own email server.
• Educational Institutions: For schools or universities needing a comprehensive email system for staff and students.
• Non-Profits: For organizations looking for cost-effective ways to manage communications.

Recommended Training for You: Build Email Servers: The Great Expert Guidance

Environment Specification

We have configured a CentOS 7 virtual machine with following specifications.

• CPU – 3.4 Ghz (2 cores)
• Memory – 2 GB
• Storage – 40 GB
• Operating System – CentOS 7.6
• Hostname – iredmail-01.example.com
• IP Address – 192.168.116.200 /24

iRedMail is available in two editions, iRedMail (Free) and iRedMail Easy (Commercial). In this article, we are installing iRedMail (free) server on CentOS 7.

Verify DNS Settings for iRedMail Server

Connect with iredmail-01.example.com using ssh as root user.

Before configuring a private mail server, it is mandatory to have an Authoritative DNS Server. The DNS server must answer MX (Mail Exchange) queries, so the emails should be redirected to our iRedMail mail server.

If you have a DNS Server then add MX and A record of iredmail-01.example.com therein.

To verify our DNS settings for our iRedMail server correctly, we can use dig command.

# dig -t MX example.com

; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.2 <<>> -t MX example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40248
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com.                   IN      MX

;; ANSWER SECTION:
example.com.            3600    IN      MX      0 iredmail-01.example.com.

;; AUTHORITY SECTION:
example.com.            3600    IN      NS      dns-01.example.com.

;; ADDITIONAL SECTION:
iredmail-01.example.com. 3600   IN      A       192.168.116.200
dns-01.example.com.     3600    IN      A       192.168.116.4

;; Query time: 1 msec
;; SERVER: 192.168.116.4#53(192.168.116.4)
;; WHEN: Fri Sep 06 19:23:22 PKT 2019
;; MSG SIZE  rcvd: 121

From above output, we can see that, the MX and A records of our iRedMail server are properly added in DNS servers.

Stop Existing MTA service

By default CentOS 7 installs Postfix as MTA (Mail Transfer Agent). We need to disable it before moving on to iRedMail server installation.

Stop and disable postfix.service.

# systemctl stop postfix.service
# systemctl disable postfix.service
Removed symlink /etc/systemd/system/multi-user.target.wants/postfix.service.
# systemctl mask postfix.service
Created symlink from /etc/systemd/system/postfix.service to /dev/null.

Disable SELinux on CentOS 7

iRedMail server is not compatible with SELinux and it is recommended in it’s documentation to disable the SELinux before moving on to installation.

# setenforce 0
# sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config && cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Install EPEL Yum Repository

iRedMail software requires some packages from EPEL (Extra Packages for Enterprise Linux) yum repository. Therefore, we are installing EPEL before moving forward.

# yum install -y epel-release

Install iRedMail on CentOS 7

iRedMail 0.9.9 (Stable) version is available to download at iRedMail official website.

Download iRedMail software using wget command.

# cd /tmp
# wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.9.9.tar.bz2
--2019-09-06 19:40:13--  https://bbuseruploads.s3.amazonaws.com/e392fe45-c2cf-4346-aa1e-6c05d480ba75/downloads/fccd5eb1-6858-4e62-a228-c97b5619b5ed/iRedMail-0.9.9.tar.bz2?Signature=vhsfH3P5VJi1Jp4ptRKow53AXXg%3D&Expires=1567782055&AWSAccessKeyId=AKIAIQWXW6WLXMB5QZAQ&versionId=m_D7CqHrpm4t_pmJmxXSzqz9kk3V4qkd&response-content-disposition=attachment%3B%20filename%3D%22iRedMail-0.9.9.tar.bz2%22
Resolving bbuseruploads.s3.amazonaws.com (bbuseruploads.s3.amazonaws.com)... 52.217.37.172
Connecting to bbuseruploads.s3.amazonaws.com (bbuseruploads.s3.amazonaws.com)|52.217.37.172|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 162676 (159K) [application/x-tar]
Saving to: âiRedMail-0.9.9.tar.bz2â

100%[======================================>] 162,676      133KB/s   in 1.2s

2019-09-06 19:40:24 (133 KB/s) - âiRedMail-0.9.9.tar.bz2â saved [162676/162676]

Extract downloaded zip file using tar command, to install iRedMail on CentOS 7.

# tar xf iRedMail-0.9.9.tar.bz2

Start iRedMail server installation as follows.

# cd iRedMail-0.9.9/
# bash iRedMail.sh

The iRedMail installer automatically installs required packages from CentOS 7 yum repositories and downloads iRedMail’s components from it’s website.

You are now at the welcome screen of iRedMail installer. Select Yes and press <ENTER>.

Provide the path to store the users’ mailboxes, if you have planned a different disk/partition to store the mailboxes. Otherewise, you can go with the default path as provided by the iRedMail installer.

Select Next and press <ENTER>.

The iRedMail installer is now asking to select a preferred web server. Select the Nginx using <SPACE> key.

Select Next and press <ENTER>.

Select a backend store for email accounts according to your preference. Since the administration is performed by a common iRedAdmin management console, therefore, you may not feel any big difference in functionality.

Select Next and press <ENTER>.

Because, we have select OpenLDAP as our backend store, therefore, it is asking for a LDAP suffix. Provide the LDAP suffix according to your environment.

Press <ENTER>.

Although, we don’t have selected MariaDB as backend store, but the iRedMail server still uses it internally. Therefore, provide a strong password for MySQL root user. Press <ENTER> to continue.

Provide your mail domain and press <ENTER>.

Provide a strong password for Mail Domain Administrator.

Press <ENTER> to continue.

Install any optional components based on your requirement.

Press <ENTER> to continue.

*************************************************************************
***************************** WARNING ***********************************
*************************************************************************
*                                                                       *
* Below file contains sensitive infomation (username/password), please  *
* do remember to *MOVE* it to a safe place after installation.          *
*                                                                       *
*   * /tmp/iRedMail-0.9.9/config
*                                                                       *
*************************************************************************
********************** Review your settings *****************************
*************************************************************************

* Storage base directory:               /var/vmail
* Mailboxes:
* Daily backup of SQL/LDAP databases:
* Store mail accounts in:               OpenLDAP
* Web server:                           Nginx
* First mail domain name:               example.com
* Mail domain admin:                    postmaster@example.com
* Additional components:                Roundcubemail SOGo netdata iRedAdmin Fail2ban

< Question > Continue? [y|N]

The iRedMail installer is confirming the settings, that we have provided in previous screens.

Enter y if you are happy with the settings.

The iRedMail installer will do all the work of installing packages and dependencies automatically.

********************************************************************
* Start iRedMail Configurations
********************************************************************
[ INFO ] Generate self-signed SSL cert (2048 bits, expire in 10 years).
[ INFO ] Generate Diffie Hellman Group with openssl, please wait.
[ INFO ] Create required system accounts.
[ INFO ] Configure Nginx web server.
[ INFO ] Configure PHP.
[ INFO ] Configure LDAP server: OpenLDAP.
[ INFO ] Setup daily cron job to backup LDAP data with /var/vmail/backup/backup_openldap.sh
[ INFO ] Configure MySQL database server.
[ INFO ] Setup daily cron job to backup SQL databases with /var/vmail/backup/backup_mysql.sh
[ INFO ] Configure Postfix (MTA).
[ INFO ] Configure Dovecot (POP3/IMAP/Managesieve/LMTP/LDA).
[ INFO ] Configure mlmmj (mailing list manager).
[ INFO ] Configure ClamAV (anti-virus toolkit).
[ INFO ] Configure Amavisd-new (interface between MTA and content checkers).
[ INFO ] Configure SpamAssassin (content-based spam filter).
[ INFO ] Configure iRedAPD (postfix policy daemon).
[ INFO ] Configure iRedAdmin (official web-based admin panel).
[ INFO ] Configure Fail2ban (authentication failure monitor).
[ INFO ] Configure Roundcube webmail.
[ INFO ] Configure SOGo Groupware (Webmail, Calendar, Address Book, ActiveSync).

*************************************************************************
* iRedMail-0.9.9 installation and configuration complete.
*************************************************************************

[ INFO ] Disable SELinux in /etc/selinux/config.
< Question > Would you like to use firewall rules provided by iRedMail?
< Question > File: /etc/firewalld/zones/iredmail.xml, with SSHD ports: 22. [Y|n]
[ INFO ] Copy firewall sample rules: /etc/firewalld/zones/iredmail.xml.
< Question > Restart firewall now (with ssh ports: 22)? [y|N]
< Question > Would you like to use MySQL configuration file shipped within iRedMail now?
< Question > File: /etc/my.cnf. [Y|n]
[ INFO ] Copy MySQL sample file: /etc/my.cnf.
[ INFO ] Enable SSL support for MySQL server.
[ INFO ] Updating ClamAV database (freshclam), please wait ...
ClamAV update process started at Fri Sep  6 20:56:33 2019
Downloading main.cvd [100%]
main.cvd updated (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily.cvd [100%]
daily.cvd updated (version: 25564, sigs: 1751582, f-level: 63, builder: raynman)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 330, sigs: 94, f-level: 63, builder: neo)
Database updated (6317925 signatures) from database.clamav.net (IP: 104.16.219.84)
********************************************************************
* URLs of installed web applications:
*
* - Roundcube webmail: https://iredmail-01.example.com/mail/
* - SOGo groupware: https://iredmail-01.example.com/SOGo/
* - netdata (monitor): https://iredmail-01.example.com/netdata/
*
* - Web admin panel (iRedAdmin): https://iredmail-01.example.com/iredadmin/
*
* You can login to above links with below credential:
*
* - Username: postmaster@example.com
* - Password: Ahmer@1234
*
*
********************************************************************
* Congratulations, mail server setup completed successfully. Please
* read below file for more information:
*
*   - /tmp/iRedMail-0.9.9/iRedMail.tips
*
* And it's sent to your mail account postmaster@example.com.
*
********************* WARNING **************************************
*
* Please reboot your system to enable all mail services.
*
********************************************************************

Remove config file that was used by iRedMail installer, because it contains some critical information like Admin password.

# rm -f config

Restart our CentOS 7 server now using following command.

# systemctl reboot

Allow HTTPS service in CentOS 7 firewall.

# firewall-cmd --permanent --add-service=https
success
# firewall-cmd --reload
success

Verify iRedMail installation

After restart, browse URL https://iredmail-01.example.com/mail/ in a client’s browser to access RoundCube WebMail.

Login using credentials as provided in above command.

• Username: postmaster@example.com
• Password: Ahmer@1234

We are now at the inbox of postmaster@example.com user.

Now browse URL https://iredmail-01.example.com/sogo/ to connect to SOGo web client.

Login using same credentials that we have used above.

We reached at the inbox of SOGo web client.

Now browse URL https://iredmail-01.example.com/netdata/ to connect to Netdata monitor.

Login using the same credentials again.

We are now at the dashboard of Netdata monitor.

Now browse URL https://iredmail-01.example.com/iredadmin/ to connect to iRedAdmin administration console.

Login again using same credentials.

We are now at the dashboard of the iRedAdmin administration console.

All four components are working fine. We have successfully install iRedMail on CentOS 7.

If you are new to Linux and facing difficulty in working at Linux Bash prompt. We recommend that, you should read The Linux Command Line, 2nd Edition: A Complete Introduction by William Shotts.

Final Thoughts

You’ve successfully taken the first step towards setting up a powerful mail server with iRedMail on CentOS 7! By following this guide, you now have the knowledge to create a secure and reliable email solution for your organization or personal use.

If you’re looking for expert assistance or a more customized approach, I’m here to help! Check out my Fiverr gig for professional services, including: Linux VPS Administrator

Let’s work together to ensure your mail server runs smoothly and efficiently. Feel free to reach out with any questions or to get started on your project!