docs: rename mxroute-mailcow to Netgrimoire/Services/MailCow/mxroute_mailcow

2026-02-20 04:23:20 +00:00 · 2026-02-20 04:23:20 +00:00 · 69814a7f44
commit 69814a7f44
parent fe8466e7e1
1 changed files with 0 additions and 0 deletions
--- a/Netgrimoire/Services/MailCow/mxroute_mailcow.md
+++ b/Netgrimoire/Services/MailCow/mxroute_mailcow.md
@ -0,0 +1,399 @@
+---
+title: Recieving Mail thru MXRoute
+description: Trusted receiver
+published: true
+date: 2026-02-15T02:33:37.376Z
+tags: 
+editor: markdown
+dateCreated: 2026-02-15T01:44:15.683Z
+---
+
+# MXroute Incoming Mail to Mailcow
+
+## Overview
+Configuration guide for using MXroute to receive incoming mail for your domains and forward to your Mailcow server.
+
+---
+
+## Architecture
+
+```
+Incoming: Internet → MXroute → Mailcow subdomain → Alias → Mailbox
+Outgoing: Mailbox → Mailcow → MXroute relay → Internet
+```
+
+This setup allows MXroute to handle incoming mail filtering, spam protection, and then forward clean mail to your Mailcow server. Users send and receive using clean `@yourdomain.com` addresses.
+
+### Address Structure Explained
+
+**What users see (clean addresses):**
+- `john@yourdomain.com`
+- `jane@yourdomain.com`
+
+**What happens behind the scenes:**
+- Mailboxes actually exist as `john@mail.yourdomain.com`
+- Aliases in Mailcow map `john@yourdomain.com` → `john@mail.yourdomain.com`
+- MXroute forwards to `john@mail.yourdomain.com`
+- Users send FROM `john@yourdomain.com` (configured as default sender)
+- **Users login with `john@yourdomain.com`** (Dovecot auth configured to accept aliases)
+
+**Benefits:**
+- **100% transparent to users** - they only ever see/use `@yourdomain.com`
+- Clean, professional email addresses
+- Easier for users to remember and communicate
+- No confusion about which address to use
+
+---
+
+## MXroute Configuration
+
+### 1. Add Domain to MXroute
+
+1. Log into MXroute DirectAdmin panel
+2. Navigate to **Email Accounts** → **Email Domains**
+3. Add your domain (e.g., `yourdomain.com`)
+
+### 2. Create Catch-All Forwarder
+
+1. Navigate to **Email Accounts** → **Forwarders**
+2. Create catch-all forwarder:
+   - **Email Address:** `*@yourdomain.com`
+   - **Forward To:** `@mail.yourdomain.com`
+3. This forwards all mail to your Mailcow server, preserving the username
+
+**How it works:**
+- Mail to `john@yourdomain.com` → forwarded to `john@mail.yourdomain.com`
+- Mail to `jane@yourdomain.com` → forwarded to `jane@mail.yourdomain.com`
+
+---
+
+## DNS Configuration
+
+### Update MX Records
+
+Point your domain's MX records to MXroute servers:
+
+```
+yourdomain.com → MX 10 arrow.mxroute.com
+yourdomain.com → MX 20 eagle.mxroute.com
+```
+
+**Note:** Check your MXroute account for the correct server hostnames (arrow, eagle, hermes, etc.)
+
+### SPF Record
+
+Update SPF to allow MXroute to send on your behalf:
+
+```
+v=spf1 include:mxroute.com -all
+```
+
+If you also send from Mailcow directly:
+```
+v=spf1 ip4:192.168.5.16 include:mxroute.com -all
+```
+
+### DKIM Records
+
+1. Generate DKIM key in MXroute DirectAdmin:
+   - Navigate to **Email Authentication** → **DKIM Keys**
+   - Generate key for your domain
+   - Copy the DNS record
+
+2. Add DKIM TXT record to your DNS:
+   ```
+   default._domainkey.yourdomain.com → [MXroute DKIM public key]
+   ```
+
+### DMARC Record
+
+```
+_dmarc.yourdomain.com → v=DMARC1; p=quarantine; rua=mailto:admin@yourdomain.com
+```
+
+**Note:** Start with `p=quarantine` for testing, then move to `p=reject` once confirmed working.
+
+---
+
+## Mailcow Configuration
+
+### 1. Add Domain
+
+Add `mail.yourdomain.com` as a domain in Mailcow:
+
+1. Navigate to Mailcow admin → **Configuration** → **Mail setup** → **Domains**
+2. Add domain: `mail.yourdomain.com`
+3. Configure as needed
+
+### 2. Create Mailboxes
+
+Create mailboxes using the subdomain:
+
+1. Navigate to **Mailboxes**
+2. Create mailbox: `john@mail.yourdomain.com`
+3. Set password and quota
+4. Repeat for each user
+
+### 3. Create Aliases for Clean Addresses
+
+For each mailbox, create an alias so users can use clean `@yourdomain.com` addresses:
+
+1. Navigate to **Configuration** → **Mail setup** → **Aliases**
+2. Create alias:
+   - **Alias:** `john@yourdomain.com`
+   - **Destination:** `john@mail.yourdomain.com`
+3. Repeat for each user
+
+**Alternative: Alias Domain (Easier for Multiple Users)**
+
+1. Navigate to **Configuration** → **Mail setup** → **Alias Domains**
+2. Add alias domain: `yourdomain.com` → aliases to → `mail.yourdomain.com`
+3. This automatically creates aliases for ALL mailboxes:
+   - `john@yourdomain.com` → `john@mail.yourdomain.com`
+   - `jane@yourdomain.com` → `jane@mail.yourdomain.com`
+
+### 4. Configure Default Sender Address
+
+Set users to send FROM their clean address by default:
+
+**Method 1: Per-Mailbox Settings**
+1. Edit each mailbox in Mailcow
+2. Under **Sender addresses**, add `john@yourdomain.com`
+3. Set as default sender address
+
+**Method 2: SOGo Webmail**
+Users can configure in SOGo:
+1. Log into webmail
+2. Settings → Mail → Accounts
+3. Set "From" address to `john@yourdomain.com`
+
+**Method 3: Email Client**
+Configure email client (Thunderbird, Outlook, etc.):
+- Identity name: `john@yourdomain.com`
+- Reply-to: `john@yourdomain.com`
+- SMTP still authenticates as `john@mail.yourdomain.com`
+
+### 5. Enable Login with Alias Addresses (Make Transparent to Users)
+
+Allow users to login with `john@yourdomain.com` instead of `john@mail.yourdomain.com`:
+
+1. SSH into your Mailcow server
+2. Edit the Dovecot configuration:
+   ```bash
+   cd /opt/mailcow-dockerized
+   nano data/conf/dovecot/extra.cf
+   ```
+
+3. Add the following line:
+   ```
+   auth_username_format = %Ln@%Ld
+   ```
+
+4. Restart Dovecot:
+   ```bash
+   docker-compose restart dovecot-mailcow
+   ```
+
+**Alternative method - Edit via Mailcow UI:**
+1. Navigate to **System** → **Configuration** → **Configuration & Details**
+2. Under **Dovecot**, add custom config
+3. Add: `auth_username_format = %Ln@%Ld`
+
+**Result:** Users can now login with EITHER address:
+- `john@yourdomain.com` ✓
+- `john@mail.yourdomain.com` ✓
+
+Both will work for IMAP, SMTP, and webmail authentication.
+
+### 6. Allow MXroute IP Addresses
+
+Add MXroute server IPs to Mailcow's trusted networks to skip spam filtering:
+
+1. Navigate to **Configuration** → **Configuration & Details** → **Options**
+2. Under **mynetworks**, add MXroute IPs
+3. Or edit via command line in `data/conf/postfix/extra.cf`:
+   ```
+   mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/16 [MXroute IPs]
+   ```
+
+### 7. Disable Greylisting for MXroute (Optional)
+
+If you experience delays:
+
+1. Navigate to **Configuration** → **Configuration & Details**
+2. Find your domain
+3. Under **Greylisting**, add MXroute IPs to whitelist
+
+---
+
+## Testing
+
+### 1. Test Mail Flow
+
+Send test email from external provider (Gmail, Outlook):
+```
+From: test@gmail.com
+To: john@yourdomain.com
+```
+
+**Expected Flow:**
+1. Mail arrives at MXroute for `john@yourdomain.com`
+2. MXroute forwards to `john@mail.yourdomain.com`
+3. Mailcow receives at `john@mail.yourdomain.com`
+4. Mailcow alias delivers to `john@mail.yourdomain.com` mailbox
+5. Mail appears in John's inbox
+
+### 2. Test Reply
+
+Have John reply to a message:
+
+**Expected behavior:**
+- Reply FROM: `john@yourdomain.com` (clean address)
+- Reply goes through Mailcow → MXroute relay → Internet
+
+### 3. Check Headers
+
+Review email headers in Mailcow to verify:
+- `Received:` headers show MXroute server
+- `To:` shows `john@yourdomain.com`
+- `Delivered-To:` shows `john@mail.yourdomain.com`
+- SPF, DKIM, DMARC all pass
+- No spam flags
+
+### 3. Monitor Logs
+
+**MXroute Logs:**
+- Check DirectAdmin → Email Logs
+- Verify forwarding is occurring
+
+**Mailcow Logs:**
+```bash
+docker-compose logs -f postfix-mailcow
+```
+
+Look for incoming connections from MXroute IPs.
+
+---
+
+## Example Configuration: gnarlypandaproductions.com
+
+### Mailcow Setup
+**Domain:** `mail.gnarlypandaproductions.com`
+
+**Mailboxes:**
+- `admin@mail.gnarlypandaproductions.com`
+- `contact@mail.gnarlypandaproductions.com`
+- `info@mail.gnarlypandaproductions.com`
+
+**Alias Domain:**
+`gnarlypandaproductions.com` → aliases to → `mail.gnarlypandaproductions.com`
+
+This automatically creates:
+- `admin@gnarlypandaproductions.com` → `admin@mail.gnarlypandaproductions.com`
+- `contact@gnarlypandaproductions.com` → `contact@mail.gnarlypandaproductions.com`
+- `info@gnarlypandaproductions.com` → `info@mail.gnarlypandaproductions.com`
+
+### MXroute Setup
+**Catch-all Forwarder:**
+```
+*@gnarlypandaproductions.com → @mail.gnarlypandaproductions.com
+```
+
+### DNS Records
+| Record Type | Name | Value |
+|-------------|------|-------|
+| MX | @ | 10 arrow.mxroute.com |
+| MX | @ | 20 eagle.mxroute.com |
+| A | mail | 192.168.5.16 |
+| TXT | @ | v=spf1 ip4:192.168.5.16 include:mxroute.com -all |
+| TXT | _dmarc | v=DMARC1; p=reject; rua=mailto:admin@gnarlypandaproductions.com |
+| TXT | default._domainkey | [MXroute DKIM key] |
+
+### User Experience
+**Users use clean addresses for EVERYTHING (completely transparent):**
+- Send FROM: `admin@gnarlypandaproductions.com`
+- Receive AT: `admin@gnarlypandaproductions.com`
+- Login with: `admin@gnarlypandaproductions.com` (and password)
+- SMTP/IMAP Server: `mail.gnarlypandaproductions.com`
+
+**Users never need to know about the `mail.` subdomain!**
+
+---
+
+## Troubleshooting
+
+### Mail Not Being Forwarded
+
+1. **Check MXroute forwarder configuration**
+   - Verify forwarder exists in DirectAdmin
+   - Check destination address is correct
+   - Review MXroute email logs
+
+2. **Verify DNS propagation**
+   ```bash
+   dig MX yourdomain.com
+   dig TXT yourdomain.com
+   ```
+
+3. **Check Mailcow firewall**
+   - Ensure port 25 is open
+   - Verify MXroute IPs aren't blocked
+
+### SPF/DKIM Failures
+
+1. **SPF not passing**
+   - Verify `include:mxroute.com` in SPF record
+   - Check for typos in SPF syntax
+   - Use SPF checker: https://mxtoolbox.com/spf.aspx
+
+2. **DKIM not passing**
+   - Confirm DKIM record published in DNS
+   - Verify selector matches (usually `default`)
+   - Check DKIM record format (no spaces in key)
+
+### Mail Delayed or Bouncing
+
+1. **Greylisting delays**
+   - Disable greylisting in Mailcow for MXroute IPs
+   - Or wait 5-15 minutes for retry
+
+2. **Mailbox full**
+   - Check quota in Mailcow
+   - Increase quota or clean mailbox
+
+3. **Spam filtering**
+   - Check Mailcow spam folder
+   - Whitelist MXroute IPs in Rspamd
+
+---
+
+## MXroute Server Information
+
+### Common MXroute Mail Servers
+- arrow.mxroute.com
+- eagle.mxroute.com  
+- hermes.mxroute.com
+- zen.mxroute.com
+
+**Your assigned server:** Check MXroute DirectAdmin welcome email or DNS settings
+
+### MXroute IP Ranges
+Consult MXroute documentation for current IP ranges to whitelist in Mailcow.
+
+---
+
+## Advantages of This Setup
+
+- **Spam filtering:** MXroute handles initial spam filtering
+- **DDoS protection:** MXroute absorbs mail-based attacks
+- **Reliability:** If Mailcow is down, mail queues at MXroute
+- **Deliverability:** MXroute IPs have good reputation
+- **Offload processing:** Reduces load on your Mailcow server
+
+---
+
+## References
+
+- [MXroute Documentation](https://mxroutedocs.com/)
+- [Mailcow Documentation](https://docs.mailcow.email/)
+- [Email Forwarding Best Practices](https://www.rfc-editor.org/rfc/rfc5321)