How To Set Up Apache Server

Setting upwardly an IMAP server

This document will present how to prepare a James server in order to serve every bit a personal IMAP + SMTP server. We will cover:

DNS resolution and essential DNS records for post commitment
Server components clarification
Generation of a custom keystore
Starting James
Basic James assistants
Boosted features 1 might desire to enable...

This guide rely on the JPA Guice Docker paradigm. To run information technology, one demand to have docker installed.

DNS resolution

For a public facing postal service server to send and receive mail properly, it is necessary to configure your public DNS records so that other mailservers can find and send post to your users, and for other mailservers to trust and receive your mail service.

MX Record

Someone willing to send you an email will start have to observe which IP your mail server has. The style this is achieved is through MX (means Mail substitution) DNS record.

Imagine bob@domain.org sends a postal service to alice@visitor.com. Bob will:

Enquire company.com DNS server its MX entries
visitor.com respond that it is mx.company.com
Bob resolves mx.visitor.com ip address...
...and can establish a connection to mx.company.com to send an email to Alice

All you need is to create a MX Record in your Domain Control Console and signal it to the IP of your James server.

PTR Record

So you want to ship an e-mail to friends in another domain. Their mailserver volition not trust mail coming from your server unless they tin do a reverse DNS lookup.

That is what PTR Record practise - A reverse lookup which maps the mailserver IP accost to domain name.

PTR Record can just be created past your ISP - And so don't hesitate to inquire them to create information technology for you.

For Security and Spam Protection, delight check our other documents SPF Record and DKIM Record.

For testing and checking vulnerabilities, send an e-mail to mail-tester. It's a free tool that analyze your message, mail service server, sending IP... and show yous a detailed study of what's configured properly and what'south not.

JAMES architecture

JPA guice docker image relies on an embedded Derby database for storing information. Note that Apache Lucene library is used for email search. A postal service queue is implemented on peak of an embedded Apache ActiveMQ. Hence James do not need any external service for being running.

JPA guice offers the following protocols:

SMTP For receiving emails
IMAP For reading emails
WebAdmin is a REST API allowing yous to manage Apache JAMES

The following protocols are too bachelor:

LMTP local version of SMTP
POP3 For reading emails. Lacks tests
JMX is used past a command line for administrating Apache James
And more...

Generation of a custom keystore

In order to maintain a good level of privacy and security, James is relying on TLS cryptography for securing exchanges. We thus need to generate our own personal keystore. Note that this guide do not cover generating a keystore from SSL certificates. A security exception might be configured on the Postal service User Agent.

In order to create a keystore, please run: keytool -genkey -alias james -keyalg RSA -keystore /path/to/james/conf/keystore. James is configured with a default countersign james72laBalle (used to read the keystore). Even so, we will be overriding the configuration of the docker image, so yous can be defining your own.

Starting james

We want to override the configuration of the docker image with a volume.

Get-go let's remember a valid configuration:

          $ git clone https://github.com/apache/james-project $ cp -rf james-project/server/apps/jpa-app/sample-configuration conf $ mv keystore conf/keystore

Alter all protocol configuration files to match your keystore password (imapserver.xml, lmtpserver.xml, managesieveserver.xml, pop3server.xml, smtpserver.xml).

We will create a local folder for holding data out of the container:

          mkdir var

Then, let's start James:

          docker run \ --name james_run \ -p "25:25" -p "465:465" -p "587:587" \ -p "143:143"  -p "993:993" \ --volume "$PWD/conf:/root/conf/" \ --volume "$PWD/var:/root/var/" \ linagora/james-jpa-guice:latest

Administrating James

We at present accept a running James server. We just need to tell him which users and domains information technology should be handling mails for. We volition, in order to do this, use the command line:

          docker exec james_run java -jar /root/james-cli.jar AddDomain domain.tld docker exec james_run java -jar /root/james-cli.jar AddUser user@domain.tld secretPassword

The command line customer tin exist used for several other purposes like managing quota, setting addresses redirections, etc.

Configuring thunderbird

Given that the domain james.local is created and that user user01@james.local accept countersign 1234 (which is the setup of the demo prototype), nosotros volition configure thunderbird (here version 78.eleven.0).

Beginning go to the Account setting folio and click on Add mail service account.

So certificate the IP, and ports, username credentials and account name, through the advanced configuration. Note that the username should include the domain. Nosotros recommend using SSL ports for IMAP and SMTP.

Review your accounting settings, especially be conscientious to pick the right outgoing server...

If you are relying on cocky signed certificate, you lot might be prompted to confirm a security exception. Have.

You tin and so savour this Thunderbird account!

Additional features

Check this example on Mail service user agents autoconfiguration.

James is a large project with many features. You can go further and complete your installation with an AntiSpam system, or set up metric display, collect logs in ElasticSearch for a display in Kibana, and much more!

Also, James offers support for SPF and DKIM standards, which increase the trust external people can get in your mail system.