[Support] Poste.io Free version



Application Name: Poste.io  <==>  "SMTP + IMAP + POP3 + Antispam + Antivirus + Web administration + Web email ... on your server in ~5 minutes."

Application Site: https://poste.io/

Docker Hub: https://hub.docker.com/r/analogic/poste.io/

Template-Repository: https://github.com/Jcloud67/Docker-Templates

 

INITIAL SETUP:
      0.  Requires registered FQDN to send/receive external email.
      1.  Following ports are used by container for mail: 25, 110, 143, 443, 465, 587, 993, 995
      2.  Following ports are used by container for webui: 443, 8280    (These may conflict, check your ports)
      3.  Make a user share for mail data, default is  /mnt/user/poste
      4.  Some or all mail ports may need to be opened, forwarded, or dmz for  mail send/receive to work.
 

Optional arguments
-e "HTTPS=OFF" To disable all redirects to encrypted HTTP. It's useful when you are using some kind of reverse proxy (place this argument before the image name!)

 

NOTE: Marked as BETA, simply because author is not an expert in email exchange servers -- software itself looks pretty good.

Link to comment

Just keep in mind if you set this up, you need to be able to set the PTR record for your public IP. Many if not most ISPs will NOT want to do this, resulting in your outgoing emails being tagged as spam and / or immediately bounced on almost every major email provider.

 

Sending email from a normal consumer ISP connection without it being tagged as spam is difficult to impossible.

  • Like 1
Link to comment
7 hours ago, jonathanm said:

Just keep in mind if you set this up, you need to be able to set the PTR record for your public IP. Many if not most ISPs will NOT want to do this, resulting in your outgoing emails being tagged as spam and / or immediately bounced on almost every major email provider.

 

Sending email from a normal consumer ISP connection without it being tagged as spam is difficult to impossible.

Good call. I had seen requests in forums, and was just trying to fulfill them; I may have opened a large can of worms. I've actually run into the issue you mention, GMAIL flags everything I've sent as SPAM. The bigger issue has been receiving email. Emailing from outside to Poste has resulted in no delivery/stuck in mailserver queue (not bounced). It's been over 15 years from the last time I've worked on a mail server, DNS, and delivery systems.

Link to comment

You may want to flag this container as advanced users only or post other warnings. I can definitely see it being useful for some folks, but not on a normal consumer level ISP.

Fixed IP is a must, as is the ability to set PTR records to match the mail DNS name. A business internet account with a fixed IP would probably be a minimum requirement.

Trying to get this working with a dynamic IP would be an automatic fail on all levels.

  • Like 1
  • Upvote 1
Link to comment
  • 3 weeks later...

I can't enter the web interface screen. Port 8280 (webui port) only forwards me to  https://myserver/admin/install/server. The problem is that this then shows my unraid interface.

Adding the port like https://myserver:8280/admin/install/server or even changing it to http doesn't do anything.

 

Is there anything I'm missing?

Link to comment
  • 1 month later...

I have got this mostly working, but when setting up a smarthost to use (my ISP requires this) the mailserver just ignores the setting and still tries to send the mails out on port 25 instead of 465 that I have specified. Anyone know how to fix this?

 

Also when trying to fix this issue I read on poste.io page that there should be logs for the smtp stuff in the following location, but there is no qpsmtpd folder in the logs dir.

/your-data-dir/logs/qpsmtpd - logs from all smtpd communications

Any help would be greatly appreciated.

Link to comment

Yeah, this is starting to get annoying

I think I have everything set up, I can receive email, I just can't send.

Seriously, nothing sends. It all ends up in a queue and I don't know why it won't send.
And the logs don't seem to give any clue. It just shows them being added to the queue and then... nothing. Doesn't seem to be any attempt to send.

Any suggestions?

Link to comment
2 hours ago, Ryonez said:


It says it's found a DNS record. Why do you ask?

Does the DNS record it found match your domain precisely?

 

When you ping the domain that you are using for your email, it returns an IP address. When you get the info on that IP, if the domain that is returned doesn't match the pinged domain exactly, you will have issues with providers bouncing your email as spam.

Link to comment
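Added example, not part of any post in this thread: the forward-confirmed reverse DNS check described in the replies above, where each address the mail hostname resolves to must have a PTR record naming that same hostname. The host names, addresses and the `check_fcrdns` helper are constructed for illustration; the `system_*` functions use the local resolver when run against a real domain.

```python
import socket

def _norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def system_a(hostname):
    """Forward lookup through the system resolver (IPv4 only)."""
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET)
        return sorted({info[4][0] for info in infos})
    except socket.gaierror:
        return []

def system_ptr(ip):
    """Reverse lookup through the system resolver."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except (socket.herror, socket.gaierror):
        return []

def check_fcrdns(mail_host, resolve_a=system_a, resolve_ptr=system_ptr):
    """Return {ip: verdict} for every address the mail host resolves to."""
    want = _norm(mail_host)
    results = {}
    for ip in resolve_a(mail_host):
        ptr_names = [_norm(n) for n in resolve_ptr(ip)]
        if not ptr_names:
            results[ip] = "no PTR record"
        elif want in ptr_names:
            results[ip] = "match"
        else:
            results[ip] = "PTR mismatch: " + ", ".join(ptr_names)
    return results or {"-": "hostname does not resolve"}

# Constructed sample data (documentation address ranges, not real hosts).
SAMPLE_A = {"mail.example.com": ["203.0.113.10"],
            "mail.example.net": ["198.51.100.7"]}
SAMPLE_PTR = {"203.0.113.10": ["mail.example.com."],
              "198.51.100.7": ["cpe-198-51-100-7.isp.example."]}

def demo():
    """Run the check offline against the constructed records above."""
    a = lambda host: SAMPLE_A.get(host, [])
    ptr = lambda ip: SAMPLE_PTR.get(ip, [])
    return {h: check_fcrdns(h, a, ptr) for h in SAMPLE_A}

if __name__ == "__main__":
    for host, verdicts in demo().items():
        print(host, verdicts)
```

Calling `check_fcrdns("mail.yourdomain.tld")` with no resolver arguments performs the same check against live DNS.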
  • 3 weeks later...

After filling out the initial config page I get:

Oops! An Error Occurred
The server returned a "500 Internal Server Error".
Something is broken. Please let us know what you were doing when this error occurred. We will fix it as soon as possible. Sorry for any inconvenience caused. 

returned. Is this a common issue?

Link to comment
  • 1 month later...
  • 4 months later...

I'm running into the problem that all sent emails end up as "250 - Message queued".
All ports are open and confirmed to be open using an online tool.

 

When configuring SMTP relay to my local IP they get sent, but immediately return a Delivery Failure email (because it checks if the domain is configured on my own mailserver, instead of looking up what mailserver to send it to).
Wasn't this supposed to be an all-in-one solution? Right now it seems like it's just completely incapable of sending emails and only capable of receiving them.

 

So, for clarification, emails aren't being sent, seemingly not even an attempt to send them is being made. Not to be confused with emails getting rejected or ending up in SPAM (which isn't one of my concerns since it's for personal use only anyway).

 

Tried checking log files, but they don't tell me anything useful either, only that the message got queued, but nothing after that.

EDIT: Turns out my ISP is blocking the outgoing port 25 somewhere along the way. I didn't bother to check at first since I never ran into a similar issue before with my ISP so figured they weren't blocking anything.

Edited by xorinzor
Link to comment
  • 1 month later...

Most common residential ISPs in the past millennium turn, and even at this present time, participate in banning outgoing port 25 with absolutely no support to accommodate your request to open it. Make sure you thank the people who spam and send out tens of thousands of newsletters a day promoting Bed Bath and Beyond coupons. If you are lucky and have a registered business in a residential area paying for Business Class service in a residential area, then this should not be an issue.

Q: What about using a SMTP relay, i.e sendgrid, sending 100 emails p/day for free possible with Poste.io Free version?
FQ: Does Poste.io Free version provide support in its GUI for an SMTP relay?
[EDIT]
A: yes!


Q: MX records, Pointing to DuckDNS, achieve Static results?
[EDIT]
A: yes!
FQ: what would you put for a SPF record?

Q: How much Ram are we talking about when using Poste.io?
MS Exchange 2019 Memory Varies depending on Exchange roles that are installed: • Mailbox: 128GB • Edge Transport: 64GB minimum recommended. 
MS Exchange 2016 requires 8 GB of RAM for the mailbox role and 4 GB for the Edge Transport role minimum recommended. 
A: Using the Poste.io demo is showing "Used memory 6GB" I am assuming that can go higher!

 

Edited by h3xcmd
Answers
  • Like 1
Link to comment
  • 2 weeks later...

So I was able to get this working sending and receiving mail (static ip, ptr record set by my isp, all ports forwarded and working) but I'm having issues getting this working with my nginx reverse proxy.. keep getting a 502 error

Here's my proxy conf

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name mail.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_mail mail;
        proxy_pass http://$upstream_mail:4433;
    }
}

and here's the container setup

[screenshot of the container setup, not preserved]

Link to comment

Is there a way on the backend to default it to use port 587? If I wanted to use the web interface, it seems by default it uses port 25 and I haven't found a way to change it. Since my ISP blocks outbound port 25 this is an issue. Emails get delivered if I set up an SMTP relay with port 587, but I cannot use that solution going forward; it was for a test. I also cannot receive any emails, which I am not sure why yet, but I am able to telnet to my server and can see a connection on the interface, so I know inbound port 25/587 is open and working. Looks like most stuff is ending up in the "queue" and just stays there.

Link to comment
  • 4 months later...

MXToolbox is reporting that my server does not support TLS. My knowledge in this sort of thing is limited, but I think I have pinpointed the problem.

 

After issuing the EHLO command myself, it returned the following.

 

250-PIPELINING

250-8BITMIME

250-SMTPUTF8

250-SIZE 25214400

250 STARTTLS

 

That last line is what draws my attention. It's got a space instead of a dash. MXToolbox is expecting "250-STARTTLS" and I'm guessing that's why it's marking it as not supported since that's not in the response that it's getting.

 

I imagine this is something more for the original developer of the software to deal with--just hoping that it makes its way up the chain from here.

Edited by Phastor
Link to comment
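Added example, not part of the original post or Poste.io's code: RFC 5321 section 4.2.1 specifies that every line of a multi-line SMTP reply has a hyphen after the code except the last, which has a space, so whichever extension is listed last appears as `250 KEYWORD`. The parser below applies that rule to the reply quoted above; the greeting line and its host name are constructed, since the post does not show the first line.

```python
import re

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

# Constructed greeting line followed by the extension lines quoted in the post.
SAMPLE_EHLO = (
    "250-mail.example.com\r\n"
    "250-PIPELINING\r\n"
    "250-8BITMIME\r\n"
    "250-SMTPUTF8\r\n"
    "250-SIZE 25214400\r\n"
    "250 STARTTLS\r\n"
)

def parse_ehlo_reply(raw):
    """Parse a multi-line EHLO reply into (code, greeting, extensions)."""
    lines = [ln.strip() for ln in raw.replace("\r\n", "\n").split("\n") if ln.strip()]
    if not lines:
        raise ValueError("empty reply")
    code, greeting, extensions = None, None, {}
    for i, line in enumerate(lines):
        m = REPLY_LINE.match(line)
        if not m:
            raise ValueError(f"malformed reply line: {line!r}")
        this_code, sep, text = m.groups()
        if code is None:
            code = this_code
        elif this_code != code:
            raise ValueError("reply code changed inside one reply")
        is_last = i == len(lines) - 1
        # Hyphen means "more lines follow"; space marks the final line.
        if (sep == " ") != is_last:
            raise ValueError("space separator must appear on the final line only")
        if i == 0:
            greeting = text  # first line carries the server's domain/greeting
        else:
            keyword, _, params = text.partition(" ")
            extensions[keyword.upper()] = params.split()
    return int(code), greeting, extensions

def supports_starttls(raw):
    """True when a successful EHLO reply advertises STARTTLS."""
    code, _, extensions = parse_ehlo_reply(raw)
    return code == 250 and "STARTTLS" in extensions

if __name__ == "__main__":
    print(parse_ehlo_reply(SAMPLE_EHLO), supports_starttls(SAMPLE_EHLO))
```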

Hi,

 

I have Poste.io set up on my Unraid server which is behind my firewall. I have a reverse proxy (NGINX) set up for web access. Mail ports are forwarded.

 

All this is working.

 

My problem is with using Let's Encrypt for certificates.

 

I created a wildcard cert for my domain and, if I manually copy the certs, it "kind-of" works. Problem is that I have to manually renew this and then copy a bunch of certificates around. If I try to use Poste.io's internal certificate setup, then I hit a road-block.

 

I don't know how this is working, but if I go to the URL for my Unraid box, then I get the Unraid interface. Same URL, but with /webmail or /admin gets me Poste.io. I have no idea where this redirect is being set up. I don't really care, however when I use the Cert setup, it tries to set up a challenge on http://<mydomain>/.well-known/acme-challenge/IyfGN5K7ZHtYnV198g5g-phW219wh73eMjddgVvhrmg and that is NOT redirected, so fails.

 

Can anyone help?

Link to comment

Ok, after much digging as well as not a little hair-pulling, I now have it working.

If anyone else stumbles across this post and has the same problem, it seems that when you access the web interface using port 8280, it redirects the browser to use https on port 443, changing the location to be /webmail. I hadn't noticed the switch.... The Let's Encrypt challenge works on http on port 80. So, what I did was to set my reverse proxy to forward all http requests to mail.<mydomain> port 80 to https on my Unraid box and it was able to verify everything....

Link to comment
  • 4 months later...

For users who want the letsencrypt in Poste IO working but are already using a letsencrypt docker, all you need to do is share the .well-known folders between your Poste IO and letsencrypt docker i.e. in the Poste IO docker config:
[screenshot of the Poste IO docker config, not preserved]

 

This will not work if your domain has HSTS turned on with redirects to HTTPS (or this was the case with the version of letsencrypt in the docker a while ago as it was reported here: https://bitbucket.org/analogic/mailserver/issues/749/lets-encrypt-errors-with-caprover )


You can instead mount the default certificate files in the docker directly to the certificates from the letsencrypt/SWAG docker.

To be explicit with my volume mounts for SSL working:

 

/data/ssl/server.crt → /mnt/user/appdata/letsencrypt/etc/letsencrypt/live/mailonlycert.DOMAIN.com/cert.pem
/data/ssl/ca.crt → /mnt/user/appdata/letsencrypt/etc/letsencrypt/live/mailonlycert.DOMAIN.com/chain.pem
/data/ssl/server.key → /mnt/user/appdata/letsencrypt/etc/letsencrypt/live/mailonlycert.DOMAIN.com/privkey.pem


I do not recall the exact details of why the above is optimal but I suspect that Poste is handling making its own full chain cert which results in some cert mangling if you do give it your fullchain cert rather than each separately (various internal services inside the docker need different formats) - I believe that without the mounts as above the administration portal will be unable to log you in.

Edited by aterfax
Updating info
  • Like 2
  • Thanks 1
Link to comment
  • 2 weeks later...
