This is my installation of Surgemail as I’m experimenting with it.
- I’d recommend vising Surgemails website https://surgemail.com
- I’m installing Surgemail Version 80o, visit the download page for the most current version.
- This is installed in my homelab environment, not a production environment.
VM Settings
- 2vCPU (only need 1 but two feels better)
- 4GB Memory (only need 2)
- 40GB of Disk, Thin Provision
- Ubuntu 24.04.03 Minimized Installation
- Hostname mail.rustysdatabase.com
- Use your own hostname but this should be the same
Server Installation
- Update Server.
- apt -y update && apt-get -y full-upgrade
- Install packages. Only the core packages are needed, however the rest are very useful or can be swapped out, like vim for nano.
- apt -y install nano curl tar unzip openssl ufw fail2ban certbot clamav clamav-daemon htop net-tools dnsutils rsync
- Core Surgemail: curl, tar, unzip
- Security: ufw, fail2ban, certbot
- Virus Scanning: clamav, clamav-daemon
- Admin Tools: nano, htop, net-tools, dnsutils, rsync, logrotate
- apt -y install nano curl tar unzip openssl ufw fail2ban certbot clamav clamav-daemon htop net-tools dnsutils rsync
- Modify hosts file.
- nano /etc/hosts
- Leave the localhost line but change the 127.0.0.1 hostname to the servers internal IP address.
- nano /etc/hosts
- Download Surgemail.
- curl -O https://netwinsite.com/ftp/surgemail/surgemail_80o_linux64.tar.gz
- Extract the tarball.
- tar -xvzf surgemail_80o_linux64.tar.gz
- Change to the extracted directory.
- cd mtemp
- Run the installer.
- ./install.sh
- Press enter to accept the defaul install location.
- Set the domain name, for example, mine will be rustysdatabase.com.
- Enter the hostname, for example, mine will be mail.rustysdatabase.com.
- Type “Yes” to enable SPAM Handling Features.
- Enter a username for Webadmin.
- Enter a password and confirm it.
- Enter an email address.
- The Admin interface is now accessible by the domain name (if setup in DNS and accessible to the internet) or by the private IP
- mail.rustysdatabase.com:7026
- 192.168.1.75:7026
- ./install.sh
- Start Surgemail and enable it
- systemctl start surgemail
- systemctl enable surgemail
- Set UFW rules
- ufw reset
- ufw default deny incoming
- ufw default allow outgoing
- ufw allow 25/tcp comment ‘SMTP inbound’
- ufw allow 587/tcp comment ‘SMTP submission (auth clients)’
- ufw allow 465/tcp comment ‘SMTP over SSL’
- ufw allow 110/tcp comment ‘POP3’
- ufw allow 995/tcp comment ‘POP3S’
- ufw allow 143/tcp comment ‘IMAP’
- ufw allow 993/tcp comment ‘IMAPS’
- ufw allow from 192.168.1.0/24 to any port 22 comment ‘SSH LAN only’
- ufw allow from 192.168.1.0/24 to any port 7026 comment ‘SurgeMail admin HTTPS LAN only’
- In the commands above, we reset the firewall to defaults (should already be but I like to do it anyways), set the default rules, then set the ports used by Surgemail, and finally set our internal administrative rules.
- Enable ufw
- ufw enable
Leave a Reply
You must be logged in to post a comment.