Spin off an Email Server with Containers using Docker Compose on Google Cloud Platform (Debian 9 Stretch)

MI Cloud
Published in Minds in the Cloud · Nov 28, 2018

Written by Young Ee, Alex Ling, and John Chan.

Wondering how to build an email server on Google Cloud Platform (GCP)? Herein is a solution with publicly available Docker Hub images!

Configurations on GCP

Start a Debian 9 Stretch based instance with external IP on GCP.

It is recommended to reserve a static external IP so that you do not have to change your configurations when you restart your instance.

Create firewall rules to allow ingress for the instance on ports 25, 143, 465, 587, and 993.

Configurations on Domain Registrar

You should have your own domain name registered for this exercise to work. Add the following records for your domain DNS:

Type  Name                          Value
A     @                             <<instance external IP>>
A     your_email_client_subdomain   <<instance external IP>>
MX    @                             @ (Priority: 10)

Prerequisites

Docker CE and Docker Compose are required for this exercise.

Install the necessary packages for apt to be able to download packages over https

sudo apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common

Add GPG key for Docker repository

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -

Add Docker repository

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"

Run update with the new repository

sudo apt-get update

Install Docker

sudo apt-get install docker-ce

Install Docker Compose

sudo apt-get install docker-compose

Set up the Mail Server

The relevant docker images from Docker Hub are used:
1. tvial/docker-mailserver
2. hardware/rainloop
3. abiosoft/caddy

Docker-mailserver bundles Postfix, Dovecot, SpamAssassin, etc. to form the email service; Rainloop serves as the web client for the email service; and Caddy is the web server.

Please use root user throughout this exercise.

Make a directory for your docker project

mkdir ~/dockerproj

Also make a directory for the email server suite under the docker project directory

mkdir ~/dockerproj/docker-mailserver

Pull the Container Images from Docker Hub into the email server suite directory

cd ~/dockerproj/docker-mailserver
docker pull tvial/docker-mailserver
docker pull hardware/rainloop
docker pull abiosoft/caddy

Also download tvial/docker-mailserver’s configuration files

curl -o setup.sh https://raw.githubusercontent.com/tomav/docker-mailserver/master/setup.sh
chmod a+x ./setup.sh
curl -o docker-compose.yml https://raw.githubusercontent.com/tomav/docker-mailserver/master/docker-compose.yml.dist
curl -o .env https://raw.githubusercontent.com/tomav/docker-mailserver/master/.env.dist

Edit some of the environment parameters in the ‘.env’ file. We will edit this file again when we configure a relay server (in a later section).

vim ~/dockerproj/docker-mailserver/.env

HOSTNAME=mail
DOMAINNAME=commandocloudlet.com
CONTAINER_NAME=mail
SSL_TYPE=manual
SSL_CERT_PATH=/tmp/ssl/ssl.crt
SSL_KEY_PATH=/tmp/ssl/ssl.key

Edit the email server suite’s docker compose startup file

vim ~/dockerproj/docker-mailserver/docker-compose.yml

version: '2'
services:
  rainloop:
    container_name: rainloop
    image: hardware/rainloop
    restart: always
    volumes:
      - rainloop_data:/rainloop/data
  mail:
    image: tvial/docker-mailserver:latest
    restart: always
    hostname: ${HOSTNAME}
    domainname: ${DOMAINNAME}
    container_name: ${CONTAINER_NAME}
    ports:
      - "25:25"
      - "143:143"
      - "465:465"
      - "587:587"
      - "993:993"
      - "4190:4190"
    volumes:
      - maildata:/var/mail
      - mailstate:/var/mail-state
      - ./config/:/tmp/docker-mailserver/
      - ./ssl:/tmp/ssl:ro
    env_file:
      - .env
    cap_add:
      - NET_ADMIN
      - SYS_PTRACE
  entry:
    container_name: entry
    image: abiosoft/caddy:0.10.4
    restart: always
    privileged: true
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./entry/Caddyfile:/etc/Caddyfile
      - caddy_data:/root/.caddy
volumes:
  maildata:
    driver: local
  mailstate:
    driver: local
  rainloop_data:
    driver: local
  caddy_data:
    driver: local

Create Caddy’s configuration file

mkdir -p ~/dockerproj/docker-mailserver/entry
vim ~/dockerproj/docker-mailserver/entry/Caddyfile

http://youremailclient.com {
  proxy / rainloop:8888 {
    transparent
  }
}

Create Self-Signed SSL Certificate

apt-get install openssl
mkdir -p ~/dockerproj/docker-mailserver/ssl
cd ~/dockerproj/docker-mailserver/ssl
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out ssl.crt -keyout ssl.key

Create a user account for the Email Server

cd ~/dockerproj/docker-mailserver/
./setup.sh email add username@yourdomain.com password

Start the Containers with Docker Compose

cd ~/dockerproj/docker-mailserver/
docker-compose up -d

If the containers start successfully, you should see the following output

Starting mail … done
Starting rainloop … done
Starting entry … done

Check the postfix/dovecot container logs

docker logs -f mail
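
The compose file above publishes more host ports than the firewall rule from "Configurations on GCP" admits, and one service runs privileged. The following check is an added example, not part of the original article or of docker-mailserver; the function names and the trimmed sample file are constructed for illustration, and it only handles plain "host:container" port mappings.

```shell
#!/bin/sh
# Ports admitted by the firewall rule from "Configurations on GCP".
FIREWALL_PORTS="25 143 465 587 993"

# Constructed sample: the port and privilege lines of the compose file above.
SAMPLE_COMPOSE='services:
  mail:
    image: tvial/docker-mailserver:latest
    ports:
      - "25:25"
      - "143:143"
      - "465:465"
      - "587:587"
      - "993:993"
      - "4190:4190"
    volumes:
      - maildata:/var/mail
  entry:
    image: abiosoft/caddy:0.10.4
    privileged: true
    ports:
      - "80:80"
      - "443:443"'

# Host side of every "host:container" port mapping, one per line.
published_ports() {
  printf '%s\n' "$1" |
    sed -n 's/^ *- *"\{0,1\}\([0-9][0-9]*\):[0-9][0-9]*"\{0,1\} *$/\1/p'
}

# Published ports that the firewall rule does not admit.
ports_not_in_firewall() {
  for p in $(published_ports "$1"); do
    case " $FIREWALL_PORTS " in *" $p "*) ;; *) printf '%s\n' "$p" ;; esac
  done
}

# Services (keys indented by two spaces) that set privileged: true.
privileged_services() {
  printf '%s\n' "$1" | awk '
    /^  [A-Za-z0-9_-]+:[ ]*$/ { svc = $1; sub(/:$/, "", svc) }
    /^ +privileged:[ ]*true/  { print svc }'
}

echo "published, not in firewall rule: $(ports_not_in_firewall "$SAMPLE_COMPOSE" | tr '\n' ' ')"
echo "privileged services: $(privileged_services "$SAMPLE_COMPOSE")"
```

On the sample it reports 4190, 80 and 443: the webmail front end needs its own ingress rule for 80/443, and 4190 stays closed unless you open it. To check the real file, pass its contents instead, e.g. `ports_not_in_firewall "$(cat docker-compose.yml)"`.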

Configure Rainloop

Visit http://youremailclient.com to access Rainloop email client.
To configure Rainloop, visit http://youremailclient.com/?admin.
The default root account is

Username: admin
Password: 12345

Change the password after login.

Add your domain using the admin control panel.

Domain setup in Rainloop (change to your domain accordingly)

Setup Email Relay

Google Cloud Platform blocks outbound SMTP. Having an email relay server can help to overcome this limitation.

Create a free account on SendGrid (or any other relay server of your choice). Follow the steps to create an API key and save the key somewhere safe.

Create the `./config/postfix-relaymap.cf` for relay host info. Recommended port is 587.

cd ~/dockerproj/docker-mailserver/
./setup.sh relay add-domain <domainname> <relay-hostname> <port>

Create the `./config/postfix-sasl-password.cf` for relay authentication

cd ~/dockerproj/docker-mailserver/
./setup.sh relay add-auth <domainname> <relay-username> <relay-key>

Add the relay hostname into the ‘.env’ file.

RELAY_HOST=smtp.sendgrid.net

Restart the containers for the new settings to take effect

docker-compose restart

If you are using SendGrid, you can log on to their website and navigate to the Sender Authentication tab under Settings to authenticate your domain and to brand your email sender domain. Copy the information over to your domain registrar and you should be able to send emails with your own domain branding.

The End

Awesome! Now go log in to your new email server and start spamming your friends.

This article is written based on byeCloud: Building a mailserver with modern webmail.
