In a previous blog post I set up a Yunohost (“YH” moving forward) box with a script so that it would report its location back to Cloudflare (“CF” moving forward) automatically using a cron job entry on the box and a cool piece of free software called ddns-cloudflare. That blog was to make sure the website stuff (i.e. WordPress blog, Nextcloud, etc.) would work. The other neat part about setting up your YH box this way, I was thinking during the process, is that (I guess but haven’t tested yet), you could just unplug it and plug it in at another physical location (with the right ports open at that location, of course) and it should just start ‘magically working’. This would be a real selling feature for getting ‘off the grid’.
Now to attack the part that most people like me avoid – EMAIL!
We have all heard that email servers are complicated and stressful, but, with the CF-YH combo – once I figured it out – it now seems much easier than I had expected. But there weren’t any specific blogs out there for me to follow so I decided it would be super helpful to write one to help others avoid what I just went through.
This tutorial will connect CF to your YH email and give you a few tips to test as you go until it’s all working, since there are a few things in both CF and in YH that are a bit ‘weird’ I discovered. My hope is that this tutorial helps you get set up faster and easier.
This tutorial assumes you already have a CF account set up with the settings from the previous tutorial (www and A record stuff).
KNOWING WHERE YOUR YUNOHOST SETTINGS ARE
You will be able to find the private and unique details for your own Yunohost installation in the following section of your user interface:
Domains / nameofyourdomain.com / DNS Configuration
When you click this it will open up a pane that has all your records from the previous tutorial but also the recommended email settings. If you are like me, none of it will make sense at all.
The parts you are going to need to match up to CF are:
MX, DKIM and DMARC
The way in which you input them into CF is more than half of the battle, and the part where this tutorial should save you about 3 days of messing around.
First, let me give you a link to Cloudflare’s own support page on this topic. This will also give you a list of pretty much any kind of entry you might need in your own setup, if it’s more advanced than this tutorial. It also shows you how to create records in your CF DNS settings. Here’s the link.
Now that you know how to enter a record in general, let’s enter them.
I’m going to display this like this:
MX RECORD
- WHAT YH SHOWS IN DNS CONFIG PANE: @ 3600 IN MX 10 mylataylor.ca
- HOW TO ENTER AND PASTE IT INTO CF
- TYPE: MX
- NAME: nameofyourdomain.com
- VALUE: SERVER: nameofyourdomain.com PRIORITY: 10
- TTL: AUTOMATIC
DKIM RECORD
- WHAT YH SHOWS IN DNS CONFIG PANE: mail._domainkey 3600 IN TXT “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA…super_duper_long_long_thing”
- HOW TO ENTER AND PASTE IT INTO CF
- TYPE: TXT
- NAME: mail._domainkey
- VALUE: v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA…super_duper_long_long_thing (NO quotations)
- TTL: AUTOMATIC
DMARC RECORD
- WHAT YH SHOWS IN DNS CONFIG PANE: _dmarc 3600 IN TXT “v=DMARC1; p=none”
- HOW TO ENTER AND PASTE IT INTO CF
- TYPE: TXT
- NAME: _dmarc
- VALUE: v=DMARC1; p=none
- TTL: AUTOMATIC
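The mapping above, as an added example that is not part of the original post or of Yunohost or Cloudflare: it splits a line copied from the YH DNS pane into the separate fields the CF form asks for, joins TXT values shown as several quoted chunks, and flags a malformed DKIM or DMARC value. The function names, the field labels and the sample lines (placeholder domain and key) are assumptions made for illustration.

```python
import re

QUOTED = re.compile(r'"([^"]*)"')

def parse_tags(value):
    """Split a 'k=v; k=v' DKIM/DMARC payload into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = val.strip()
    return tags

def yh_to_cf(line, domain):
    """Map one line from the YH DNS pane to CF form fields; returns (fields, warnings)."""
    # Text copied from a web page may carry typographic quotes.
    line = line.replace("\u201c", '"').replace("\u201d", '"')
    name, _ttl, _klass, rtype, rest = line.split(None, 4)
    # "@" stands for the domain itself; the TTL is left on automatic.
    fields = {"type": rtype, "name": domain if name == "@" else name, "ttl": "automatic"}
    warnings = []
    if rtype == "MX":
        priority, server = rest.split()
        fields["priority"] = int(priority)
        fields["content"] = server.rstrip(".")
    elif rtype == "TXT":
        # Long TXT values can appear as several quoted chunks: join them and
        # drop the quotes, because the form takes the bare value.
        chunks = QUOTED.findall(rest)
        fields["content"] = "".join(chunks) if chunks else rest.strip()
        tags = parse_tags(fields["content"])
        if name.endswith("._domainkey"):
            if tags.get("v") != "DKIM1" or not tags.get("p"):
                warnings.append("DKIM value lacks v=DKIM1 or the p= public key")
        elif name == "_dmarc":
            if not fields["content"].startswith("v=DMARC1"):
                warnings.append("DMARC value must start with v=DMARC1")
            if tags.get("p") == "none":
                warnings.append("p=none requests no action on failing mail (reports only)")
    else:
        raise ValueError("unsupported record type: " + rtype)
    return fields, warnings

# Constructed sample lines (placeholder domain and key, not real values).
SAMPLE = [
    "@ 3600 IN MX 10 example.org.",
    'mail._domainkey 3600 IN TXT "v=DKIM1; h=sha256; k=rsa; " "p=QUJDREVGRw=="',
    "_dmarc 3600 IN TXT \u201cv=DMARC1; p=none\u201d",
]
for f, w in (yh_to_cf(s, "example.org") for s in SAMPLE):
    print(f, w)
```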
It was explained to me that I also need to check RDNS, but I have not had any problems yet, and I’m not sure what this is nor how to do it. If you want to add this instruction in the comments that would be great.
If you refresh your page in CF and notice that an orange cloud has re-appeared from grey status, you may not have updated your .yml zone file correctly from the previous tutorial. Your script might be updating the DNS records and accidentally forcing it back on. And this (the orange cloud) will stop your emails from working. Go back to that tutorial and review the script yml config file setup and make sure you got the hashtags on the right lines…
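A check for the orange-cloud problem described above, as an added example that is not from the original post or from ddns-cloudflare: given a list of DNS records, it reports every hostname an MX record depends on that is currently proxied. The record shape (type, name, content, proxied) and the sample records are assumptions constructed for illustration.

```python
def proxied_mail_hosts(records):
    """Return MX target hostnames that resolve through a proxied record.

    records: dicts with the keys type, name, content, proxied (assumed shape)."""
    by_name = {}
    for rec in records:
        by_name.setdefault(rec["name"].lower().rstrip("."), []).append(rec)
    problems = []
    for mx in (r for r in records if r["type"] == "MX"):
        target, seen = mx["content"].lower().rstrip("."), set()
        # Follow any CNAME chain from the MX target; `seen` stops loops.
        while target is not None and target not in seen:
            seen.add(target)
            next_target = None
            for hop in by_name.get(target, []):
                if hop["type"] not in ("A", "AAAA", "CNAME"):
                    continue
                if hop.get("proxied") and target not in problems:
                    problems.append(target)
                if hop["type"] == "CNAME":
                    next_target = hop["content"].lower().rstrip(".")
            target = next_target
    return problems

# Constructed records: the MX points at the root domain, and a DDNS update
# has switched the root A record back to proxied (orange cloud).
RECORDS = [
    {"type": "A", "name": "example.org", "content": "203.0.113.10", "proxied": True},
    {"type": "A", "name": "www.example.org", "content": "203.0.113.10", "proxied": True},
    {"type": "MX", "name": "example.org", "content": "example.org", "proxied": False},
    {"type": "TXT", "name": "_dmarc.example.org", "content": "v=DMARC1; p=none", "proxied": False},
]

print(proxied_mail_hosts(RECORDS))
```

Running it again after each cron cycle shows whether the update script has turned the proxy back on for a host that mail relies on.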
At this point, it’s the moment of truth: will you be able to send and receive emails?
CREATE ACCOUNTS (AND EMAIL ACCOUNTS) IN YUNOHOST
This part created some issues for me because there may (or may not) be either a bug or an interface issue in the YH account setup. It appears, as you create the YH user that the email can be separate, however, from my experience, you should keep the username and the ’email name’ to be exactly the same – let YH auto-fill it and keep that as your email name. So, if you want your email to be johndoe@nameofyourdomain.com, make your YH username as johndoe at the top and let that auto-fill into the email field below. It seems like YH can’t take periods/dots in the username so john.doe won’t work. There appears to be email aliases that are supposed to work so probably you can figure this out but for me, for this tutorial, I would just avoid dots/periods, keep a simple username and make sure it auto-fills into the email field.
TEST YOUR SETUP
Once your username / email is set up in YH, now move on to test the email, in the client of your choice, but I strongly recommend Thunderbird to at least test to make sure things are working because it definitely works, I can confirm. Once this test is confirmed and you can send and receive emails with a basic Thunderbird setup, then you can feel confident about all your settings above.
THUNDERBIRD SETUP
Literally, just follow this link exactly. If your settings are right, it will work. If they aren’t, they won’t. Also, be sure to wait at least 30 minutes for your cron jobs (if you are continuing from the Cloudflare tutorial) to run because the cron job can mess up your settings as well, I discovered. Once you have run a cycle or two of cron jobs and all is well, go wild with the hottest new technology – email…
TIP: when you get to the manual config, Thunderbird puts a period / dot before the server hostname which is easy to miss. If your email is in the main domain root, then make sure to remove these dots.
Now send a test email to another account you have access to. One important thing to check is that you aren’t ending up in spam folders…
TIP: If you press send on your test email and it hangs on sending, go into your account settings of Thunderbird and you might have some old Outgoing (SMTP) servers from previous YH email tests in there. I found after I deleted these old test servers and tried again, it worked perfectly, but if there were other ones in there it hung and failed.
Assuming you got your test email, now send a reply back to it and make sure you get that too. If you’re excited and bored or both, do this step over and over again perhaps with nursery rhyme verses…but make sure no one is watching you… I can’t emphasize enough that you need to wait at least a cycle or two of your cron jobs running to make sure it’s not messing things up over at Cloudflare.
All good? Nice. Another consideration now that you are a warrior hosting your own email is that by using Thunderbird you can back up your emails easily enough by simply connecting and synching your emails across multiple devices.
UBUNTU TOUCH DEKKO SETUP
Now let’s set this up on our Ubuntu Touch device with Dekko.
- Select the left hamburger menu
- Select the top right settings cogwheel on dark panel
- Select ‘mail’
- Select ‘accounts’
- Select the top right + plus sign
- Select IMAP
- Enter ‘whatever you want’ for the first two name options
- IMAP hostname: overwrite example with your Yunohost server email location
- ENCRYPTION: should already default to this: ‘force encryption (SSL/TLS)’. if not, do it.
- username/password: auto-filled from first step
- authentication: change to ‘login’ (defaults to ‘plain’)
- SMTP server: overwrite example with your Yunohost server email location
- SMTP port: 587
- ENCRYPTION: ‘use encryption (STARTTLS)’
- AUTHENTICATION: change to ‘login’ (it defaults to ‘plain’)
Last and final and very important or your outbound email will literally break for this account and, I think, all your email accounts. You need to go back into the settings for this new email address and to this step:
- Select top left hamburger menu
- Select top right settings cogwheel on dark panel
- Select ‘mail’
- Select ‘accounts’
- Select Your newly-created yunohost email account
- Select Outgoing Server
- Scroll down under the LOGIN field and turn on the switch that says ‘Authenticate from server capabilities’
- Press left arrow at top of screen to save settings
CONCLUSION
Now, you should be in business sending and receiving emails from a Yunohost server, in your house, using Dekko email client on your Ubuntu Touch device.
This may be due to newer versions of Yunohost, but in setting up any accounts now, you need to add ‘imap’ to the server addresses. So instead of yourwebsite.com it needs to now be imap.yourwebsite.com for any apps to work with the email account(s).
Great! and thanks for your feedback / help too.
Fantastic. Thank you.
rDNS or reverse DNS is very important for email deliverability. The big email providers will mark your server for spam if you don’t have this configured. Using a home-based server I had to upgrade to a business connection and get my ISP to update the reverse DNS record for me since they do not have a self-service portal. Your domain registrar can’t configure the reverse DNS.