Setting Up Accounts
You can review your settings by browsing the iRedMail.tips file – wherever you moved it to for safe keeping:
It will tell you your initial administrator account information as well as the URL for logging into the administrative console.
With my example domain, it’s generally https://mail.yourdomain.com/iredadmin/. This administrative console looks like this:
Go ahead and add a user account for your personal use. e.g. firstname.lastname@example.org.
Configuring a Catch-All Mailbox
Commercial websites and advertisers regularly collaborate your online activity without your knowledge. One of the ways they do this is with cookies; another way is with the email addresses you use at their websites. Third party services can cross-reference information about you by your email address and sell it to other advertisers.
I recommend you set up a catch-all mailbox with your iRedMail server. Whenever I sign up at websites, I use email@example.com as the email registration address. This helps somewhat with minimizing the data mining between advertising services by email address. It can also help you identify the source of spam generated from third parties.
Follow these steps to configure a catch-all mailbox for your domain. Log in to your EC2 instance. Then, log into mysql with your administrator password (also in the iRedMail.tips file listed above).
mysql -u root -p
use vmail; INSERT INTO alias (address, goto) VALUES ('@yourdomain.com','firstname.lastname@example.org');
By not using your personal name (and personal domain name), you can isolate your identity a bit further from these services.
You might also consider using the WhoIs guard privacy services that conceal your identity from the DNS registration of your email domain. If you receive email at email@example.com for all your commercial websites, services can easily identify you and aggregate your data. But if instead you receive email at firstname.lastname@example.org, email@example.com and firstname.lastname@example.org, that’s a bit more masked. And, if you secure the WhoIs listing so it’s private, it makes it more difficult for people to trace you by your email address.
You can also use addresses such as email@example.com to aid in filtering inbound mail.
Securing Your Mail Server
Your mail server is your responsibility. Now, you’re responsible to make sure your server isn’t hacked, that your mail engine isn’t used to broadcast anonymous spam and that your email is regularly backed up.
I don’t go into scheduled backups of your server in this tutorial but there are several ways to do it. This thread in the Amazon AWS support forum describes several options: Deploy a script, Skeddly or Ylastic. You can also manually snapshot your volume on a weekly or monthly basis.
You can also use some of the GMail and IMAP backup services that we describe later.
Test your server at the Open Relay Test site to make sure you haven’t left open any giant holes for spammers. When it says it couldn’t connect to your server, that’s a good test result.
Review the Optimizing Your Setup steps when you’ve completed the tutorial. And, you’ll want to browse: Securing an Ubuntu Server and Hardening a Linux Server.
Please feel free to post corrections, questions or comments below. You can also reach me on Twitter @reifman or email me directly. If you like this tutorial, please share it on Twitter.