docs: update mxroute-mailcow

2026-02-15 02:33:46 +00:00 · 2026-02-15 02:33:46 +00:00 · a2643cd07d
commit a2643cd07d
parent a153c1b294
1 changed files with 168 additions and 40 deletions
--- a/mxroute-mailcow.md
+++ b/mxroute-mailcow.md
@ -2,7 +2,7 @@
 title: Recieving Mail thru MXRoute
 description: Trusted receiver
 published: true
-date: 2026-02-15T01:44:15.683Z
+date: 2026-02-15T02:33:37.376Z
 tags: 
 editor: markdown
 dateCreated: 2026-02-15T01:44:15.683Z
@ -18,10 +18,30 @@ Configuration guide for using MXroute to receive incoming mail for your domains
 ## Architecture

 ```
-Internet → MXroute (receives) → Mailcow (delivers)
+Incoming: Internet → MXroute → Mailcow subdomain → Alias → Mailbox
+Outgoing: Mailbox → Mailcow → MXroute relay → Internet
 ```

-This setup allows MXroute to handle incoming mail filtering, spam protection, and then forward clean mail to your Mailcow server.
+This setup allows MXroute to handle incoming mail filtering, spam protection, and then forward clean mail to your Mailcow server. Users send and receive using clean `@yourdomain.com` addresses.
+
+### Address Structure Explained
+
+**What users see (clean addresses):**
+- `john@yourdomain.com`
+- `jane@yourdomain.com`
+
+**What happens behind the scenes:**
+- Mailboxes actually exist as `john@mail.yourdomain.com`
+- Aliases in Mailcow map `john@yourdomain.com` → `john@mail.yourdomain.com`
+- MXroute forwards to `john@mail.yourdomain.com`
+- Users send FROM `john@yourdomain.com` (configured as default sender)
+- **Users login with `john@yourdomain.com`** (Dovecot auth configured to accept aliases)
+
+**Benefits:**
+- **100% transparent to users** - they only ever see/use `@yourdomain.com`
+- Clean, professional email addresses
+- Easier for users to remember and communicate
+- No confusion about which address to use

 ---

@ -33,19 +53,17 @@ This setup allows MXroute to handle incoming mail filtering, spam protection, an
 2. Navigate to **Email Accounts** → **Email Domains**
 3. Add your domain (e.g., `yourdomain.com`)

-### 2. Create Forwarder Accounts
-
-For each mailbox you want to receive mail:
+### 2. Create Catch-All Forwarder

 1. Navigate to **Email Accounts** → **Forwarders**
-2. Create forwarder:
-   - **Email Address:** user@yourdomain.com
-   - **Forward To:** user@mail.yourdomain.com (your Mailcow server)
-3. Enable **Discard if no forwarders exist** (optional, prevents bounces)
+2. Create catch-all forwarder:
+   - **Email Address:** `*@yourdomain.com`
+   - **Forward To:** `@mail.yourdomain.com`
+3. This forwards all mail to your Mailcow server, preserving the username

-**Alternative: Catch-all Forwarder**
- Create a catch-all forwarder: `*@yourdomain.com` → `@mail.yourdomain.com`
- This forwards all mail to Mailcow regardless of recipient
+**How it works:**
+- Mail to `john@yourdomain.com` → forwarded to `john@mail.yourdomain.com`
+- Mail to `jane@yourdomain.com` → forwarded to `jane@mail.yourdomain.com`

 ---

@ -99,38 +117,112 @@ _dmarc.yourdomain.com → v=DMARC1; p=quarantine; rua=mailto:admin@yourdomain.co

 ## Mailcow Configuration

-### 1. Allow MXroute IP Addresses
+### 1. Add Domain

-Add MXroute server IPs to Mailcow's trusted networks:
+Add `mail.yourdomain.com` as a domain in Mailcow:
+
+1. Navigate to Mailcow admin → **Configuration** → **Mail setup** → **Domains**
+2. Add domain: `mail.yourdomain.com`
+3. Configure as needed
+
+### 2. Create Mailboxes
+
+Create mailboxes using the subdomain:
+
+1. Navigate to **Mailboxes**
+2. Create mailbox: `john@mail.yourdomain.com`
+3. Set password and quota
+4. Repeat for each user
+
+### 3. Create Aliases for Clean Addresses
+
+For each mailbox, create an alias so users can use clean `@yourdomain.com` addresses:
+
+1. Navigate to **Configuration** → **Mail setup** → **Aliases**
+2. Create alias:
+   - **Alias:** `john@yourdomain.com`
+   - **Destination:** `john@mail.yourdomain.com`
+3. Repeat for each user
+
+**Alternative: Alias Domain (Easier for Multiple Users)**
+
+1. Navigate to **Configuration** → **Mail setup** → **Alias Domains**
+2. Add alias domain: `yourdomain.com` → aliases to → `mail.yourdomain.com`
+3. This automatically creates aliases for ALL mailboxes:
+   - `john@yourdomain.com` → `john@mail.yourdomain.com`
+   - `jane@yourdomain.com` → `jane@mail.yourdomain.com`
+
+### 4. Configure Default Sender Address
+
+Set users to send FROM their clean address by default:
+
+**Method 1: Per-Mailbox Settings**
+1. Edit each mailbox in Mailcow
+2. Under **Sender addresses**, add `john@yourdomain.com`
+3. Set as default sender address
+
+**Method 2: SOGo Webmail**
+Users can configure in SOGo:
+1. Log into webmail
+2. Settings → Mail → Accounts
+3. Set "From" address to `john@yourdomain.com`
+
+**Method 3: Email Client**
+Configure email client (Thunderbird, Outlook, etc.):
+- Identity name: `john@yourdomain.com`
+- Reply-to: `john@yourdomain.com`
+- SMTP still authenticates as `john@mail.yourdomain.com`
+
+### 5. Enable Login with Alias Addresses (Make Transparent to Users)
+
+Allow users to login with `john@yourdomain.com` instead of `john@mail.yourdomain.com`:

 1. SSH into your Mailcow server
-2. Edit `mailcow.conf`:
+2. Edit the Dovecot configuration:
   ```bash
-   nano /opt/mailcow-dockerized/mailcow.conf
+   cd /opt/mailcow-dockerized
+   nano data/conf/dovecot/extra.cf
   ```

-3. Add MXroute IPs to `SKIP_CLAMD` or trusted networks
-4. Restart Mailcow:
-   ```bash
-   docker-compose down
-   docker-compose up -d
+3. Add the following line:
+   ```
+   auth_username_format = %Ln@%Ld
   ```

-### 2. Configure Mailboxes
+4. Restart Dovecot:
+   ```bash
+   docker-compose restart dovecot-mailcow
+   ```

-Create mailboxes in Mailcow for each user:
+**Alternative method - Edit via Mailcow UI:**
+1. Navigate to **System** → **Configuration** → **Configuration & Details**
+2. Under **Dovecot**, add custom config
+3. Add: `auth_username_format = %Ln@%Ld`

-1. Navigate to Mailcow admin → **Mailboxes**
-2. Create mailbox: `user@yourdomain.com`
-3. Set password and quota
+**Result:** Users can now login with EITHER address:
+- `john@yourdomain.com` ✓
+- `john@mail.yourdomain.com` ✓

-### 3. Disable Greylisting (Optional)
+Both will work for IMAP, SMTP, and webmail authentication.
+
+### 6. Allow MXroute IP Addresses
+
+Add MXroute server IPs to Mailcow's trusted networks to skip spam filtering:
+
+1. Navigate to **Configuration** → **Configuration & Details** → **Options**
+2. Under **mynetworks**, add MXroute IPs
+3. Or edit via command line in `data/conf/postfix/extra.cf`:
+   ```
+   mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/16 [MXroute IPs]
+   ```
+
+### 7. Disable Greylisting for MXroute (Optional)

 If you experience delays:

 1. Navigate to **Configuration** → **Configuration & Details**
 2. Find your domain
-3. Disable greylisting for MXroute IPs
+3. Under **Greylisting**, add MXroute IPs to whitelist

 ---

@ -141,18 +233,30 @@ If you experience delays:
 Send test email from external provider (Gmail, Outlook):
 ```
 From: test@gmail.com
-To: user@yourdomain.com
+To: john@yourdomain.com
 ```

 **Expected Flow:**
-1. Mail arrives at MXroute
-2. MXroute forwards to Mailcow
-3. Mail appears in Mailcow inbox
+1. Mail arrives at MXroute for `john@yourdomain.com`
+2. MXroute forwards to `john@mail.yourdomain.com`
+3. Mailcow receives at `john@mail.yourdomain.com`
+4. Mailcow alias delivers to `john@mail.yourdomain.com` mailbox
+5. Mail appears in John's inbox

-### 2. Check Headers
+### 2. Test Reply
+
+Have John reply to a message:
+
+**Expected behavior:**
+- Reply FROM: `john@yourdomain.com` (clean address)
+- Reply goes through Mailcow → MXroute relay → Internet
+
+### 3. Check Headers

 Review email headers in Mailcow to verify:
 - `Received:` headers show MXroute server
+- `To:` shows `john@yourdomain.com`
+- `Delivered-To:` shows `john@mail.yourdomain.com`
 - SPF, DKIM, DMARC all pass
 - No spam flags

@ -173,12 +277,27 @@ Look for incoming connections from MXroute IPs.

 ## Example Configuration: gnarlypandaproductions.com

-### MXroute Forwarders
-| MXroute Address | Forwards To |
-|-----------------|-------------|
-| admin@gnarlypandaproductions.com | admin@mail.gnarlypandaproductions.com |
-| contact@gnarlypandaproductions.com | contact@mail.gnarlypandaproductions.com |
-| *@gnarlypandaproductions.com | @mail.gnarlypandaproductions.com |
+### Mailcow Setup
+**Domain:** `mail.gnarlypandaproductions.com`
+
+**Mailboxes:**
+- `admin@mail.gnarlypandaproductions.com`
+- `contact@mail.gnarlypandaproductions.com`
+- `info@mail.gnarlypandaproductions.com`
+
+**Alias Domain:**
+`gnarlypandaproductions.com` → aliases to → `mail.gnarlypandaproductions.com`
+
+This automatically creates:
+- `admin@gnarlypandaproductions.com` → `admin@mail.gnarlypandaproductions.com`
+- `contact@gnarlypandaproductions.com` → `contact@mail.gnarlypandaproductions.com`
+- `info@gnarlypandaproductions.com` → `info@mail.gnarlypandaproductions.com`
+
+### MXroute Setup
+**Catch-all Forwarder:**
+```
+*@gnarlypandaproductions.com → @mail.gnarlypandaproductions.com
+```

 ### DNS Records
 | Record Type | Name | Value |
@ -190,6 +309,15 @@ Look for incoming connections from MXroute IPs.
 | TXT | _dmarc | v=DMARC1; p=reject; rua=mailto:admin@gnarlypandaproductions.com |
 | TXT | default._domainkey | [MXroute DKIM key] |

+### User Experience
+**Users use clean addresses for EVERYTHING (completely transparent):**
+- Send FROM: `admin@gnarlypandaproductions.com`
+- Receive AT: `admin@gnarlypandaproductions.com`
+- Login with: `admin@gnarlypandaproductions.com` (and password)
+- SMTP/IMAP Server: `mail.gnarlypandaproductions.com`
+
+**Users never need to know about the `mail.` subdomain!**
+
 ---

 ## Troubleshooting