diff --git a/mailcow-mxroute.md b/mailcow-mxroute.md new file mode 100644 index 0000000..11f4e08 --- /dev/null +++ b/mailcow-mxroute.md @@ -0,0 +1,154 @@ +--- +title: Forwarding Mailcow through MXRoute +description: Maintaining reputation +published: true +date: 2026-02-15T01:42:12.478Z +tags: +editor: markdown +dateCreated: 2026-02-15T01:42:12.478Z +--- + +# MXroute as Forwarder for Mailcow + +## Overview +Configuration guide for setting up MXroute as an email forwarder for Mailcow-hosted domains. + +--- + +## Mailcow Configuration + +### 1. Create Domain +1. Navigate to Mailcow admin panel → Domains +2. Add new domain +3. Select the previously created sender-dependent transport +4. Record the generated DKIM key + +### 2. Add DKIM Key +- Configure DKIM for both Mailcow and MXroute +- Use different selectors for each (e.g., `default` for Mailcow, `mxroute` for MXroute) + +--- + +## DNS Configuration + +### Required DNS Records + +#### A Record +``` +mail.yourdomain.com → [Your Mailcow Server IP] +``` + +#### MX Record +``` +yourdomain.com → hermes.netgrimoire.com (Priority: 10) +``` + +#### CNAME Records +``` +imap.yourdomain.com → mail.yourdomain.com +smtp.yourdomain.com → mail.yourdomain.com +webmail.yourdomain.com → mail.yourdomain.com +autodiscover.yourdomain.com → mail.yourdomain.com +autoconfig.yourdomain.com → mail.yourdomain.com +``` + +#### TXT Records + +**SPF Record** +``` +v=spf1 ip4:192.168.5.16 ip4:24.249.193.115 include:mxroute.com -all +``` + +**DMARC Record** (`_dmarc.yourdomain.com`) +``` +v=DMARC1; p=reject; rua=mailto:admin@netgrimoire.com +``` + +**DKIM Record** (`default._domainkey.yourdomain.com`) +``` +v=DKIM1; t=s; p=[YOUR_PUBLIC_KEY] +``` + +--- + +## Example: gnarlypandaproductions.com + +| Record Type | Name | Value | +|-------------|------|-------| +| MX | @ | hermes.netgrimoire.com (Priority: 10) | +| A | mail | [Mailcow Server IP] | +| CNAME | webmail | mail.gnarlypandaproductions.com | +| CNAME | imap | mail.gnarlypandaproductions.com | +| CNAME | smtp | mail.gnarlypandaproductions.com | +| CNAME | roundcube | roundcube.netgrimoire.com | +| TXT | @ | v=spf1 ip4:192.168.4.11 ip4:24.249.193.114 include:mxroute.com -all | +| TXT | _dmarc | v=DMARC1; p=reject; rua=mailto:admin@gnarlypandaproductions.com | +| TXT | default._domainkey | v=DKIM1; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3D3vyPoBHB4eMSMq8HygVWHzYbketRX4yjk9wV4bdaar0/c89dK230FMOW6zVXEsY1sXKFk1kBxerHVw0wY8qnQyooHgINEQcEXrtB/x93Sl/cqBQXk+PHOIOymQwgni8WCUhCSnvunxXK8qX5f9J56qzd0/wpY2WSEHho+XrnQjc+c7HMvkcC3+nKJe59ZNgvQW/Y9B/L6zFDjAp+QOUYp9wwX4L+j1T4fQSygYxAJZ0aIoR8FsbOuXc38pht99HyUnYwH08HoK7xv3DL2BrVo3KVZ7xMe2S4YMxd1HkJz2evbV/ziNsJcKW/le3fFS7mza09yJXDLDcLOKLXbYUQIDAQAB | + +--- + +## Port Configuration + +**IMAP (SSL/TLS)** +- Port: 993 + +**SMTP (SSL/TLS)** +- Port: 465 + +--- + +## Relay Accounts + +Configuration for sender-dependent transports: + +| Domain | Username | Password | +|--------|----------|----------| +| pncharris.com | relay@pncharris.com | H@rv3yD)G123 | +| pncharris.com | forwarder@pncharris.com | (see password history) | +| pncharris.com | passer@pncharris.com | bBJtPhrGkHvvhxhukkae | +| wasted-bandwidth.net | relay@wasted-bandwidth.net | dZ4yLYznVvgSJtqWZJFA | +| netgrimoire.com | relay@netgrimoire.com | TVGCnJp9SxRbWU8EhkMw | +| florosafd.org | relay@florosafd.org | 2Fe8XMyaeh6Z5dvdHYdq | +| gnarlypandaproductions.com | relay@gnarlypandaproductions.com | vG5ZsUQhRWD2UyzLPsqA | + +### Password History (passer@pncharris.com) +Latest passwords (most recent last): +- !5!,_\*zDyLEhhR4 +- sh7dXWnTPqbkDGsTcwtn +- MY3V8p69b2HYksygxhXX +- RS6U2GU6rcYe3THKKgYx +- yzqNysrd73yzWptVEZ5H (current) + +### Additional Credentials +- kylr pncharris: -,68,incTeR +- G4@rlyf1ng3r + +--- + +## Troubleshooting + +### Common Issues + +1. **Email not sending through MXroute** + - Verify SPF record includes MXroute IPs + - Check sender-dependent transport is selected in Mailcow + - Confirm relay account credentials are correct + +2. **DKIM verification failing** + - Ensure both Mailcow and MXroute DKIM records are published + - Verify different selectors are used + - Check for DNS propagation (24-48 hours) + +3. **DMARC failures** + - Confirm SPF and DKIM are properly aligned + - Review DMARC reports sent to rua address + +--- + +## References + +- [Mailcow Documentation](https://docs.mailcow.email/) +- [MXroute Documentation](https://mxroutedocs.com/) +- [SPF Record Syntax](https://www.rfc-editor.org/rfc/rfc7208) +- [DKIM Documentation](https://www.rfc-editor.org/rfc/rfc6376) +- [DMARC Documentation](https://www.rfc-editor.org/rfc/rfc7489)