Deploying iRedMail

Introduction

iRedMail is a comprehensive, open-source mail server solution that provides everything you need to run a professional email infrastructure. It bundles Postfix for mail transfer, Dovecot for IMAP/POP3, Roundcube for webmail, and integrates spam filtering with SpamAssassin and Amavisd-new, plus antivirus protection via ClamAV.

Designed for system administrators who want a complete mail server without the complexity of configuring each component individually, iRedMail automates the installation and configuration of all necessary services. It supports multiple mail domains, unlimited mailboxes, and provides a web-based administration panel for day-to-day management.

Key highlights of iRedMail:

Complete Mail Stack: Includes SMTP, IMAP, POP3, webmail, spam filtering, and antivirus in one package
Multiple Backend Support: Choose between OpenLDAP, MySQL/MariaDB, or PostgreSQL for user storage
Webmail Interface: Roundcube provides a modern, responsive webmail experience
Admin Panel: iRedAdmin offers web-based administration for domains, users, and aliases
Spam Protection: SpamAssassin and Amavisd-new work together to filter unwanted emails
Antivirus Scanning: ClamAV scans all incoming and outgoing messages
DKIM/SPF/DMARC: Full support for email authentication standards
Per-User Settings: Users can manage their own spam settings and vacation responses
SSL/TLS Encryption: Secure connections for all protocols
100% Open Source: Free to use with optional professional support

This guide walks through deploying iRedMail on Klutch.sh using Docker, configuring persistent storage for mail data, and setting up the complete mail server stack.

Why Deploy iRedMail on Klutch.sh

Deploying iRedMail on Klutch.sh provides several advantages for running your mail infrastructure:

Simplified Deployment: Klutch.sh automatically detects your Dockerfile and builds iRedMail without complex orchestration. Push to GitHub, and your mail server deploys automatically.

Persistent Storage: Attach persistent volumes for mail storage, configuration, and databases. Your emails and settings survive container restarts and redeployments.

HTTPS by Default: Klutch.sh provides automatic SSL certificates for webmail and admin interfaces, ensuring secure access from any browser.

GitHub Integration: Connect your configuration repository directly from GitHub. Updates to your Dockerfile trigger automatic redeployments.

Scalable Resources: Allocate CPU and memory based on your expected mail volume. Start small and scale as your organization grows.

Environment Variable Management: Securely store sensitive configuration like database passwords and admin credentials through Klutch.sh’s environment variable system.

Custom Domains: Assign your mail domain to your iRedMail instance for professional email addresses.

Always-On Availability: Your mail server remains accessible 24/7 for sending and receiving emails.

Prerequisites

Before deploying iRedMail on Klutch.sh, ensure you have:

A Klutch.sh account
A GitHub account with a repository for your iRedMail configuration
A registered domain name with DNS control for MX records
Basic familiarity with Docker and email server concepts
(Optional) SSL certificates for your mail domain

Understanding iRedMail Architecture

iRedMail integrates multiple components into a cohesive mail server:

Postfix: The Mail Transfer Agent (MTA) handles SMTP for sending and receiving emails. It manages mail queuing, routing, and delivery.

Dovecot: Provides IMAP and POP3 access for email clients. Handles mailbox storage and authentication.

Roundcube: A modern webmail client accessible from any browser. Supports contacts, calendars, and advanced mail features.

Amavisd-new: Acts as a content filter between Postfix and the mail delivery system, coordinating spam and virus scanning.

SpamAssassin: Analyzes emails for spam characteristics using pattern matching, Bayesian filtering, and DNS blocklists.

ClamAV: Open-source antivirus engine that scans attachments for malware and viruses.

iRedAdmin: Web-based administration panel for managing domains, users, aliases, and server settings.

Preparing Your Repository

Create a GitHub repository containing your Dockerfile and configuration for iRedMail deployment.

Repository Structure

iredmail-deploy/
├── Dockerfile
├── README.md
└── .dockerignore

Creating the Dockerfile

Create a Dockerfile in the root of your repository:

FROM iredmail/mariadb:stable

# Set environment variables
ENV HOSTNAME=${HOSTNAME}
ENV FIRST_MAIL_DOMAIN=${FIRST_MAIL_DOMAIN}
ENV FIRST_MAIL_DOMAIN_ADMIN_PASSWORD=${FIRST_MAIL_DOMAIN_ADMIN_PASSWORD}
ENV MLMMJADMIN_API_TOKEN=${MLMMJADMIN_API_TOKEN}
ENV ROUNDCUBE_DES_KEY=${ROUNDCUBE_DES_KEY}

# Optional: Set MySQL root password
ENV MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}

# Expose required ports
# SMTP
EXPOSE 25
# Submission
EXPOSE 587
# SMTPS
EXPOSE 465
# IMAP
EXPOSE 143
# IMAPS
EXPOSE 993
# POP3
EXPOSE 110
# POP3S
EXPOSE 995
# HTTP for webmail
EXPOSE 80
# HTTPS for webmail
EXPOSE 443

# Health check
HEALTHCHECK --interval=60s --timeout=30s --start-period=120s --retries=3 \
  CMD postfix status && dovecot status || exit 1

Environment Variables Reference

Variable	Required	Description
`HOSTNAME`	Yes	Fully qualified domain name for the mail server
`FIRST_MAIL_DOMAIN`	Yes	Primary mail domain (e.g., example.com)
`FIRST_MAIL_DOMAIN_ADMIN_PASSWORD`	Yes	Password for postmaster@domain admin account
`MLMMJADMIN_API_TOKEN`	Yes	API token for mailing list management
`ROUNDCUBE_DES_KEY`	Yes	Encryption key for Roundcube sessions
`MYSQL_ROOT_PASSWORD`	Yes	Root password for the MariaDB database

Deploying iRedMail on Klutch.sh

Generate Security Tokens

Before deployment, generate secure tokens for your configuration:

# Generate Roundcube DES key (24 characters)
openssl rand -base64 24

# Generate MLMMJ API token
openssl rand -hex 32

# Generate strong passwords for admin and MySQL
openssl rand -base64 32

Save these securely for the environment variables configuration.

Configure DNS Records

Set up the following DNS records for your mail domain:

Type	Name	Value
MX	@	mail.yourdomain.com (priority 10)
A	mail	Your Klutch.sh IP address
TXT	@	v=spf1 mx ~all
TXT	_dmarc	v=DMARC1; p=quarantine; rua=mailto:postmaster@yourdomain.com

Push Your Repository to GitHub

Initialize and push your repository:

git init
git add Dockerfile .dockerignore README.md
git commit -m "Initial iRedMail deployment configuration"
git remote add origin https://github.com/yourusername/iredmail-deploy.git
git push -u origin main

Create a New Project on Klutch.sh

Navigate to the Klutch.sh dashboard and create a new project named “iredmail” or “mail-server”.

Create a New App

Within your project, create a new app. Connect your GitHub account and select the repository containing your iRedMail Dockerfile.

Configure HTTP Traffic

In the deployment settings:

Select HTTP as the traffic type
Set the internal port to 443 for webmail access

Set Environment Variables

Add the following environment variables:

Variable	Value
`HOSTNAME`	mail.yourdomain.com
`FIRST_MAIL_DOMAIN`	yourdomain.com
`FIRST_MAIL_DOMAIN_ADMIN_PASSWORD`	Your generated admin password
`MLMMJADMIN_API_TOKEN`	Your generated API token
`ROUNDCUBE_DES_KEY`	Your generated DES key
`MYSQL_ROOT_PASSWORD`	Your generated MySQL password

Attach Persistent Volumes

Add the following volumes for data persistence:

Mount Path	Recommended Size	Purpose
`/var/vmail`	100+ GB	User mailboxes and email storage
`/var/lib/mysql`	10 GB	MariaDB database files
`/var/lib/clamav`	5 GB	ClamAV virus definitions
`/var/lib/spamassassin`	2 GB	SpamAssassin rules and Bayes database
`/opt/iredmail/ssl`	1 GB	SSL certificates

Deploy Your Application

Click Deploy to start the build process. Klutch.sh will build the container and start your mail server.

Access iRedMail

Once deployed, access the webmail at https://your-app-name.klutch.sh/mail/ and the admin panel at https://your-app-name.klutch.sh/iredadmin/.

Initial Configuration

Accessing the Admin Panel

Log into iRedAdmin using your postmaster credentials:

Navigate to https://your-app-name.klutch.sh/iredadmin/
Username: postmaster@yourdomain.com
Password: The FIRST_MAIL_DOMAIN_ADMIN_PASSWORD you set

Creating Mail Users

Add new email accounts through iRedAdmin:

Go to Add → User
Select the domain
Enter username and password
Set mailbox quota if needed
Click Add

Setting Up DKIM

Configure DKIM signing for email authentication:

Access the DKIM keys generated during setup
Add the DKIM TXT record to your DNS
Test with online DKIM validators

Security Best Practices

Strong Passwords: Use generated passwords for all accounts
Regular Updates: Keep the container image updated for security patches
Backup Strategy: Regularly backup /var/vmail and database
Monitor Logs: Review mail logs for suspicious activity
Firewall Rules: Limit SMTP access to prevent abuse

Troubleshooting

Mail Not Sending

Verify MX records are correctly configured
Check Postfix logs for errors
Ensure port 25 is accessible

Webmail Not Loading

Confirm HTTP traffic is configured for port 443
Check Roundcube logs for PHP errors
Verify database connectivity

Spam Filter Issues

Update SpamAssassin rules
Check Amavisd-new configuration
Review quarantine settings

Additional Resources

Conclusion

Deploying iRedMail on Klutch.sh gives you a complete, professional mail server with webmail, spam filtering, and antivirus protection. With persistent storage for your mailboxes and automatic HTTPS for web interfaces, you can run a reliable email infrastructure without managing your own hardware.

Whether you’re setting up email for a small team or an entire organization, iRedMail on Klutch.sh provides the features and reliability you need for professional email communication.