Turkey (Türkçe)
Germany (German)
Worldwide (English)
Mailcow is a modern, open source, and Docker-based email server solution. It combines components such as Postfix, Dovecot, SoGo, and Rspamd into a single Docker structure, offering a powerful and fully-featured mail platform. It can operate independently of hosting control panels like Plesk. In this article, we will explain in detail how to configure Mailcow from scratch, along with the Docker infrastructure, and performance & security optimizations.
1. Requirements
-
Ubuntu 20.04/22.04 or Debian 11+ is recommended.
-
At least 2 vCPU, 4 GB RAM, 40+ GB disk space
-
root SSH access
-
Domain name (e.g.,
mail.yourdomain.com) and DNS control -
Docker and Docker Compose must be installed
2. Installing Docker and Docker Compose on the Server
apt update && apt upgrade -y
apt install curl git docker.io docker-compose -y
systemctl enable docker --now
3. Downloading and Starting Mailcow
cd /opt
git clone https://github.com/mailcow/mailcow-dockerized
cd mailcow-dockerized
cp mailcow.conf.example mailcow.conf
mailcow.conf Settings:
-
MAILCOW_HOSTNAME=mail.yourdomain.com -
TZ=Europe/Istanbul -
SKIP_LETS_ENCRYPT=n -
ADDITIONAL_SAN=webmail.yourdomain.com
4. DNS Settings
Create the following records from your DNS management panel:
| Record Type | Name | Value |
|---|---|---|
| A | your server's IP address | |
| MX | @ | mail.yourdomain.com (10) |
| TXT | @ | SPF: v=spf1 mx ~all |
| TXT | mail._domainkey | DKIM: (generated after installation) |
| TXT | _dmarc | v=DMARC1; p=quarantine; |
5. Starting the Docker Service
./generate_config.sh
sudo docker compose pull
sudo docker compose up -d
You can access the Mailcow interface at:
https://mail.yourdomain.com
Default user:
admin / moohoo
6. Firewall and Ports
The following ports must be opened:
-
25 (SMTP)
-
587 (Submission)
-
993 (IMAP SSL)
-
465 (SMTPS)
-
80, 443 (Webmail, Let’s Encrypt)
ufw allow 25,465,587,993,80,443/tcp
7. Optimization and Security Settings
A) Create Swap Space (for RAM insufficiency)
fallocate -l 2G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile none swap sw 0 0' >> /etc/fstab
B) Fail2ban + Rspamd Brute Force Blocking
Mailcow Rspamd integrates anti-spam, greylisting, rate limit, and brute force protections. Installing Fail2Ban is recommended:
apt install fail2ban -y
C) Daily Automatic Update (Optional)
0 4 * * * cd /opt/mailcow-dockerized && ./update.sh --force-pull && docker compose up -d
D) Docker Resource Usage Limiting (In Docker compose.yml):
mem_limit: 512m
cpus: 0.5
8. Usage on External Servers Without Plesk
Mailcow operates independently without the need for panels like Plesk or cPanel. If you wish, you can provide only email service under mail.yourdomain.com and host your website on a different server.
If you are using Plesk:
-
Websites run on the Plesk server, and Mailcow runs on a separate VPS/dedicated server.
-
DNS records should be directed to the Mailcow IP (MX, A, SPF, DKIM).
9. Backup Recommendation
docker exec -it mysql-mailcow mysqldump -u root -p mailcow > mailcow-backup.sql
tar czf /root/mailcow-full-backup.tar.gz /opt/mailcow-dockerized
Mailcow, with its Docker-based structure, provides a flexible, modern, and secure mail server. It is ideal for users who want full control without the need for Plesk or similar panels. It can be easily used in both small-scale and corporate systems. You can create a powerful email infrastructure with correct configuration and DNS integration.