traveler/Netgrimoire
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Netgrimoire/mxroute-mailcow.md
Administrator a2643cd07d docs: update mxroute-mailcow
2026-02-15 02:33:46 +00:00

11 KiB
Raw Blame History

title description published date tags editor dateCreated
Recieving Mail thru MXRoute Trusted receiver true 2026-02-15T02:33:37.376Z markdown 2026-02-15T01:44:15.683Z

MXroute Incoming Mail to Mailcow

Overview

Configuration guide for using MXroute to receive incoming mail for your domains and forward to your Mailcow server.

Architecture

Incoming: Internet → MXroute → Mailcow subdomain → Alias → Mailbox
Outgoing: Mailbox → Mailcow → MXroute relay → Internet

This setup allows MXroute to handle incoming mail filtering, spam protection, and then forward clean mail to your Mailcow server. Users send and receive using clean @yourdomain.com addresses.

Address Structure Explained

What users see (clean addresses):

  • john@yourdomain.com
  • jane@yourdomain.com

What happens behind the scenes:

  • Mailboxes actually exist as john@mail.yourdomain.com
  • Aliases in Mailcow map john@yourdomain.comjohn@mail.yourdomain.com
  • MXroute forwards to john@mail.yourdomain.com
  • Users send FROM john@yourdomain.com (configured as default sender)
  • Users login with john@yourdomain.com (Dovecot auth configured to accept aliases)

Benefits:

  • 100% transparent to users - they only ever see/use @yourdomain.com
  • Clean, professional email addresses
  • Easier for users to remember and communicate
  • No confusion about which address to use

MXroute Configuration

1. Add Domain to MXroute

  1. Log into MXroute DirectAdmin panel
  2. Navigate to Email AccountsEmail Domains
  3. Add your domain (e.g., yourdomain.com)

2. Create Catch-All Forwarder

  1. Navigate to Email AccountsForwarders
  2. Create catch-all forwarder:
    • Email Address: *@yourdomain.com
    • Forward To: @mail.yourdomain.com
  3. This forwards all mail to your Mailcow server, preserving the username

How it works:

  • Mail to john@yourdomain.com → forwarded to john@mail.yourdomain.com
  • Mail to jane@yourdomain.com → forwarded to jane@mail.yourdomain.com

DNS Configuration

Update MX Records

Point your domain's MX records to MXroute servers:

yourdomain.com → MX 10 arrow.mxroute.com
yourdomain.com → MX 20 eagle.mxroute.com

Note: Check your MXroute account for the correct server hostnames (arrow, eagle, hermes, etc.)

SPF Record

Update SPF to allow MXroute to send on your behalf:

v=spf1 include:mxroute.com -all

If you also send from Mailcow directly:

v=spf1 ip4:192.168.5.16 include:mxroute.com -all

DKIM Records

  1. Generate DKIM key in MXroute DirectAdmin:

    • Navigate to Email AuthenticationDKIM Keys
    • Generate key for your domain
    • Copy the DNS record

  2. Add DKIM TXT record to your DNS:

    default._domainkey.yourdomain.com → [MXroute DKIM public key]

DMARC Record

_dmarc.yourdomain.com → v=DMARC1; p=quarantine; rua=mailto:admin@yourdomain.com

Note: Start with p=quarantine for testing, then move to p=reject once confirmed working.

Mailcow Configuration

1. Add Domain

Add mail.yourdomain.com as a domain in Mailcow:

  1. Navigate to Mailcow admin → ConfigurationMail setupDomains
  2. Add domain: mail.yourdomain.com
  3. Configure as needed

2. Create Mailboxes

Create mailboxes using the subdomain:

  1. Navigate to Mailboxes
  2. Create mailbox: john@mail.yourdomain.com
  3. Set password and quota
  4. Repeat for each user

3. Create Aliases for Clean Addresses

For each mailbox, create an alias so users can use clean @yourdomain.com addresses:

  1. Navigate to ConfigurationMail setupAliases
  2. Create alias:
    • Alias: john@yourdomain.com
    • Destination: john@mail.yourdomain.com
  3. Repeat for each user

Alternative: Alias Domain (Easier for Multiple Users)

  1. Navigate to ConfigurationMail setupAlias Domains
  2. Add alias domain: yourdomain.com → aliases to → mail.yourdomain.com
  3. This automatically creates aliases for ALL mailboxes:
    • john@yourdomain.comjohn@mail.yourdomain.com
    • jane@yourdomain.comjane@mail.yourdomain.com

4. Configure Default Sender Address

Set users to send FROM their clean address by default:

Method 1: Per-Mailbox Settings

  1. Edit each mailbox in Mailcow
  2. Under Sender addresses, add john@yourdomain.com
  3. Set as default sender address

Method 2: SOGo Webmail Users can configure in SOGo:

  1. Log into webmail
  2. Settings → Mail → Accounts
  3. Set "From" address to john@yourdomain.com

Method 3: Email Client Configure email client (Thunderbird, Outlook, etc.):

  • Identity name: john@yourdomain.com
  • Reply-to: john@yourdomain.com
  • SMTP still authenticates as john@mail.yourdomain.com

5. Enable Login with Alias Addresses (Make Transparent to Users)

Allow users to login with john@yourdomain.com instead of john@mail.yourdomain.com:

  1. SSH into your Mailcow server

  2. Edit the Dovecot configuration:

    cd /opt/mailcow-dockerized
nano data/conf/dovecot/extra.cf

  3. Add the following line:

    auth_username_format = %Ln@%Ld

  4. Restart Dovecot:

    docker-compose restart dovecot-mailcow

Alternative method - Edit via Mailcow UI:

  1. Navigate to SystemConfigurationConfiguration & Details
  2. Under Dovecot, add custom config
  3. Add: auth_username_format = %Ln@%Ld

Result: Users can now login with EITHER address:

  • john@yourdomain.com
  • john@mail.yourdomain.com

Both will work for IMAP, SMTP, and webmail authentication.

6. Allow MXroute IP Addresses

Add MXroute server IPs to Mailcow's trusted networks to skip spam filtering:

  1. Navigate to ConfigurationConfiguration & DetailsOptions
  2. Under mynetworks, add MXroute IPs
  3. Or edit via command line in data/conf/postfix/extra.cf: 
    mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/16 [MXroute IPs]

7. Disable Greylisting for MXroute (Optional)

If you experience delays:

  1. Navigate to ConfigurationConfiguration & Details
  2. Find your domain
  3. Under Greylisting, add MXroute IPs to whitelist

Testing

1. Test Mail Flow

Send test email from external provider (Gmail, Outlook):

From: test@gmail.com
To: john@yourdomain.com

Expected Flow:

  1. Mail arrives at MXroute for john@yourdomain.com
  2. MXroute forwards to john@mail.yourdomain.com
  3. Mailcow receives at john@mail.yourdomain.com
  4. Mailcow alias delivers to john@mail.yourdomain.com mailbox
  5. Mail appears in John's inbox

2. Test Reply

Have John reply to a message:

Expected behavior:

  • Reply FROM: john@yourdomain.com (clean address)
  • Reply goes through Mailcow → MXroute relay → Internet

3. Check Headers

Review email headers in Mailcow to verify:

  • Received: headers show MXroute server
  • To: shows john@yourdomain.com
  • Delivered-To: shows john@mail.yourdomain.com
  • SPF, DKIM, DMARC all pass
  • No spam flags

3. Monitor Logs

MXroute Logs:

  • Check DirectAdmin → Email Logs
  • Verify forwarding is occurring

Mailcow Logs:

docker-compose logs -f postfix-mailcow

Look for incoming connections from MXroute IPs.

Example Configuration: gnarlypandaproductions.com

Mailcow Setup

Domain: mail.gnarlypandaproductions.com

Mailboxes:

  • admin@mail.gnarlypandaproductions.com
  • contact@mail.gnarlypandaproductions.com
  • info@mail.gnarlypandaproductions.com

Alias Domain: gnarlypandaproductions.com → aliases to → mail.gnarlypandaproductions.com

This automatically creates:

  • admin@gnarlypandaproductions.comadmin@mail.gnarlypandaproductions.com
  • contact@gnarlypandaproductions.comcontact@mail.gnarlypandaproductions.com
  • info@gnarlypandaproductions.cominfo@mail.gnarlypandaproductions.com

MXroute Setup

Catch-all Forwarder:

*@gnarlypandaproductions.com → @mail.gnarlypandaproductions.com

DNS Records

Record Type Name Value
MX @ 10 arrow.mxroute.com
MX @ 20 eagle.mxroute.com
A mail 192.168.5.16
TXT @ v=spf1 ip4:192.168.5.16 include:mxroute.com -all
TXT _dmarc v=DMARC1; p=reject; rua=mailto:admin@gnarlypandaproductions.com
TXT default._domainkey [MXroute DKIM key]

User Experience

Users use clean addresses for EVERYTHING (completely transparent):

  • Send FROM: admin@gnarlypandaproductions.com
  • Receive AT: admin@gnarlypandaproductions.com
  • Login with: admin@gnarlypandaproductions.com (and password)
  • SMTP/IMAP Server: mail.gnarlypandaproductions.com

Users never need to know about the mail. subdomain!

Troubleshooting

Mail Not Being Forwarded

  1. Check MXroute forwarder configuration

    • Verify forwarder exists in DirectAdmin
    • Check destination address is correct
    • Review MXroute email logs

  2. Verify DNS propagation

    dig MX yourdomain.com
dig TXT yourdomain.com

  3. Check Mailcow firewall

    • Ensure port 25 is open
    • Verify MXroute IPs aren't blocked

SPF/DKIM Failures

  1. SPF not passing

  2. DKIM not passing

    • Confirm DKIM record published in DNS
    • Verify selector matches (usually default)
    • Check DKIM record format (no spaces in key)

Mail Delayed or Bouncing

  1. Greylisting delays

    • Disable greylisting in Mailcow for MXroute IPs
    • Or wait 5-15 minutes for retry

  2. Mailbox full

    • Check quota in Mailcow
    • Increase quota or clean mailbox

  3. Spam filtering

    • Check Mailcow spam folder
    • Whitelist MXroute IPs in Rspamd

MXroute Server Information

Common MXroute Mail Servers

  • arrow.mxroute.com
  • eagle.mxroute.com
  • hermes.mxroute.com
  • zen.mxroute.com

Your assigned server: Check MXroute DirectAdmin welcome email or DNS settings

MXroute IP Ranges

Consult MXroute documentation for current IP ranges to whitelist in Mailcow.

Advantages of This Setup

  • Spam filtering: MXroute handles initial spam filtering
  • DDoS protection: MXroute absorbs mail-based attacks
  • Reliability: If Mailcow is down, mail queues at MXroute
  • Deliverability: MXroute IPs have good reputation
  • Offload processing: Reduces load on your Mailcow server

References