In this guide, we\u2019ll show how to install Modoboa on an UpCloud Cloud Server running Ubuntu 18.04 but the instructions can be easily adapted to other operating systems as well.<\/p>\n\n\n\n
Prerequisites<\/h2>\n\n\n\n
Modoboa can be installed on multiple different operating systems and a wide variety of configurations. However, it does have some requirements you should be aware of:<\/p>\n\n\n\n
- \n
- First, you will need to deploy a clean instance of a cloud server with minimum system requirements of at least 2 GB RAM, 2 CPU cores, and 10 GB of storage.<\/li>\n\n\n\n
- Operating System:<\/b> Debian 8 \u2013 10 \/ Ubuntu 14.04 & Higher \/ CentOS 7<\/li>\n\n\n\n
- Make sure Port 25 is not blocked<\/b>: The port 25 is used for communication between mail servers and it is blocked by default for new users on UpCloud. The port 25 n<\/a>e<\/a>eds to be open<\/a>, otherwise, your server may be not able to receive or\/and send emails.<\/li>\n<\/ul>\n\n\n\n
Note that you don\u2019t need to register a new domain, you can use any existing one. Just make sure you are creating a new DNS Domain entry and the following DNS records exist for your domain. We will be using the domain name \u2018example.com\u2019 as an example, replace it with your own where applicable.<\/p>\n\n\n\n
mail IN A
IN MX mail.example.com.<\/p>\n\n\n\nYou can find out more about how to manage your DNS records in our guide on domain name systems.<\/a><\/p>\n\n\n\n
This is a live example of the DNS records:<\/i><\/p>\n\n\n\n
![\"Live](\"https:\/\/upcloud.com\/media\/1.-Live-example-of-the-DNS-records.png\")
<\/figure>\n\n\n\nLastly, make sure your reverse DNS is set on your email server\u2019s IP address e.g. mail.example.com.<\/p>\n\n\n\n
You can change the reverse DNS name by visiting your UpCloud Control Panel<\/a>. Navigate to the Network<\/em> section under your Cloud Server settings, and click the pencil icon to edit the Reverse DNS Name<\/i> of your public IP address:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/2.-Change-Reverse-DNS-In-Upcloud-e1607718495467.png\")
<\/figure>\n\n\n\n\nTest hosting on UpCloud!<\/a><\/div>\n<\/div>\n\n\n\nStep 1: Setting Up Modoboa Configuration Installer<\/h2>\n\n\n\n
We will be using the Modoboa installer for the mail server setup. To be able to use it, first, make sure you have Python installed as Modoboa is written in Python. We\u2019ll also need the git utility, so install that at the same time if not already present on your system.<\/p>\n\n\n\n
sudo apt update\nsudo apt install python-virtualenv python-pip git -y<\/pre>\n\n\n\n
Once Python and git are installed and ready, download the modoboa-installer script from its GitHub repository:<\/p>\n\n\n\n
git clone https:\/\/github.com\/modoboa\/modoboa-installer<\/pre>\n\n\n\n
Next, change the directory into the script folder:<\/p>\n\n\n\n
cd modoboa-installer<\/pre>\n\n\n\n
You can customize the configuration before running the installer. Use the following command to generate a new configuration file.<\/p>\n\n\n\n
sudo .\/run.py --stop-after-configfile-check example.com<\/span>\nWelcome to Modoboa installer!\nConfiguration file installer.cfg not found, creating new one.<\/pre>\n\n\n\nThen open the new config file in a text editor.<\/p>\n\n\n\n
sudo nano installer.cfg<\/pre>\n\n\n\n
You can automatically generate a valid SSL certificate for your mail domain using Let\u2019s Encrypt by changing the type under certificate<\/em> from self-signed<\/em> to letsencrypt.<\/em> You should also set your email address which is used for account recovery and other information.<\/p>\n\n\n\n
[certificate]\ngenerate = true\ntype = letsencrypt<\/span>\n\n<\/pre>\n\n\n[letsencrypt]<\/p>\n\n\n\n
\nemail = mail@example.com<\/span><\/p>\n\n\n\n
Modoboa uses Postgres by default. However, if you prefer MariaDB, change the engine in the database section to mysql.<\/p>\n\n\n\n
[database]\nengine = mysql<\/span>\nhost = 127.0.0.1\ninstall = true<\/pre>\n\n\n\nOnce you are done with the setting, press CTRL + X, and Y, and Enter to save and exit.<\/p>\n\n\n\n
Lastly, check your hostname using hostnamectl.<\/i> Make sure it matches your MX record value, e.g. mail.example.com.<\/p>\n\n\n\n
sudo hostnamectl\n Static hostname: mail.example.com\n Icon name: computer-vm\n Chassis: vm\n Machine ID: 00650ba6576b432c8ee995979b224ca7\n Boot ID: c22f9c1e5b1a4c00a3a26d25c34dddc5\n Virtualization: kvm\n Operating System: Ubuntu 18.04.5 LTS\n Kernel: Linux 4.15.0-124-generic\n Architecture: x86-64<\/pre>\n\n\n\n
If it is different, change it with the following command while replacing the example mail domain:<\/p>\n\n\n\n
sudo hostnamectl set-hostname mail.example.com<\/span><\/i><\/pre>\n\n\n\nBefore you begin the installation, you should check that your DNS records for the mail server (mail.example.com) have been propagated using dnschecker.org<\/a>. If yes, continue with the next step, otherwise, wait a moment and check again.<\/p>\n\n\n\n
Step 2: Installing Modoboa<\/h2>\n\n\n\n
Once your mail domain has propagated and is generally available you can install Modoboa along with all of its components.<\/p>\n\n\n\n
Simply run the installation script using the following command. Again, replace the example.com domain with your own. Note that the command above automatically appends the \u2018mail\u2019 part for your domain so leave it out here.<\/p>\n\n\n\n
sudo .\/run.py --interactive example.com<\/span><\/pre>\n\n\n\nWelcome to Modoboa installer!\nWarning:\nBefore you start the installation, please make sure the following DNS records exist for domain 'example.com':\n mail IN A <IP ADDRESS OF YOUR SERVER>\n IN MX mail.example.com.\nYour mail server will be installed with the following components:\nmodoboa automx amavis clamav dovecot nginx razor postfix postwhite spamassassin uwsgi radicale opendkim\nDo you confirm? (Y\/n) y<\/pre>\n\n\n\n
Press Y and then enter to confirm. Modoboa will then obtain the SSL certificate from Let\u2019s Encrypt and start the installation process. You should see something similar to the example output below.<\/p>\n\n\n\n
The process can be long, feel free to take a coffee and come back later ;)\n\nStarting...\n\nGenerating new certificate using letsencrypt\n\nInstalling amavis\nInstalling spamassassin\nInstalling razor\nInstalling clamav\nInstalling modoboa\nInstalling automx\nInstalling radicale\nInstalling uwsgi\nInstalling nginx\nInstalling opendkim\nInstalling postfix\nInstalling postwhite\nInstalling dovecot\n\nCongratulations! You can enjoy Modoboa at https:\/\/mail.example.com (admin:password)<\/pre>\n\n\n\n
The installation takes a couple of minutes. For example on a new Cloud Server, it can take roughly 5 minutes.<\/p>\n\n\n\n
Once the installation has finished, go to the URL provided at the end of the installation and log in with admin:password<\/em>.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/3.-Modoboa-Login-Page-e1607718757188.jpg\")
<\/figure>\n\n\n\nWhen logging in for the first time, click on the admin account name in the upper left section and go to -> Setting -> Profile to change your password.<\/p>\n\n\n\n
Enter the default password and then set a new secure one by repeating it and then clicking the Update<\/em> button.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/4.-Change-Modoboa-Passwords-e1607718787132.jpg\")
<\/figure>\n\n\n\nAfter changing the password, you\u2019ll need to relog into the dashboard to continue.<\/p>\n\n\n\n
Step 3: Add Domain To Modoboa<\/h2>\n\n\n\n
With the Modoboa admin account secured with a new password, you can begin configuring the mail domain.<\/p>\n\n\n\n
Goto the Domains section and click the Add button. Then fill in the following details:<\/p>\n\n\n\n
- \n
- Name<\/b> \u2013 The domain name<\/li>\n\n\n\n
- Type<\/b> \u2013 Domain<\/li>\n\n\n\n
- Quota<\/b> \u2013 The whole quota shared by all mailboxes, it is expressed in MB by default, use 0 for no quota (unlimited).<\/li>\n\n\n\n
- Default mailbox quota<\/b> \u2013 This is the default quota applied to new mailboxes, the default is 0 for no quota. However, the value cannot exceed the shared quota.<\/li>\n\n\n\n
- Alias(es):<\/b> Domain aliases allow users to receive mail with another email address. For example, if you have a primary domain you@abc.com<\/em> and an alias others@abc.com<\/em> the domain alias will direct all emails from the alias domain into the user account for the primary domain (you@abc.com). So, all emails sent to others@abc.com will go to you@abc.com and the same for all other users on the domain. Leave blank if you are not using an alias.<\/li>\n\n\n\n
- Enabled<\/b> \u2013 Check \u2713<\/b><\/li>\n\n\n\n
- Enable DNS checks<\/b> \u2013 Check \u2713<\/b><\/li>\n\n\n\n
- Enable DKIM Signing<\/b> \u2013 Check \u2713<\/strong><\/li>\n\n\n\n
- Key selector<\/b> \u2013 Can be anything, for simplicity use your domain name without the TLD. This will be used later for implementing the DKIM record.<\/li>\n\n\n\n
- Key Length<\/b> \u2013 1024 or 2048<\/li>\n<\/ul>\n\n\n\n
Once set, click the Next button.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/5.-Modoboa-adding-new-domain-e1607718818883.jpg\")
<\/figure>\n\n\n\nIn the next screen, use the following:<\/p>\n\n\n\n
- \n
- Create a domain administrator<\/b> \u2013 Choose Yes<\/li>\n\n\n\n
- Name<\/b> \u2013 Use the postmaster (postmaster@example.com), a postmaster<\/b> is the administrator of a mail server. Errors in email processing are directed to this address.<\/li>\n\n\n\n
- Random password<\/b> \u2013 No<\/li>\n\n\n\n
- With a mailbox<\/b> \u2013 Yes<\/li>\n\n\n\n
- Create aliases<\/b> \u2013 Yes<\/li>\n<\/ul>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/6.-Modoboa-Adding-New-Domain-Second-Screen-e1607718846538.jpg\")
<\/figure>\n\n\n\nOnce you are done, click the Submit button to create the email domain. Modoboa will then perform some DNS checks to ensure you have the right records.<\/p>\n\n\n\n
Afterwards, you can continue to step 4 for configuring additional records to improve your mail deliverability.<\/p>\n\n\n\n
Step 4: Configuring Email For Better Deliverability<\/h2>\n\n\n\n
In this step, we will implement DKIM, SPF, and DMARC records for our email domain. This is to ensure your mail server is authenticated which will enable ISPs, mail services, and other receiving mail servers to trust that your email server is authorized to send the email.<\/p>\n\n\n\n
Just doing these steps will significantly boost your email deliverability. This is because the three records are used to prove that the sender is legitimate, that their identity has not been compromised, and that they\u2019re not sending emails on behalf of someone else.<\/p>\n\n\n\n
Setting SPF records<\/h3>\n\n\n\n
SPF or Sender Policy Framework is a DNS TXT record that is used to specify which IP addresses and\/or servers are allowed to send email \u201cfrom\u201d that particular domain. It is designed to detect forging sender addresses during the delivery of the email.<\/p>\n\n\n\n
To create an SPF record, go to your DNS manager and create the following new TXT record:<\/p>\n\n\n\n
- \n
- v=spf1 \u2013 The version of SPF being used, this is the only version available<\/li>\n\n\n\n
- mx \u2013 This means all hosts listed in the MX records are allowed to send emails for your domain and all other hosts are disallowed.<\/li>\n\n\n\n
- ip4:609.30.62.257 \u2013 This is the IP address of the mail server or domain that is authorized to send emails for that domain. Replace the IP in the example with your mail server\u2019s public IP address.<\/li>\n\n\n\n
- ~all \u2013 The \u201call\u201d tag tells the receiving server how it should handle messages sent from a domain that is not listed in the SPF record. The tilde (~) with the \u2018a\u2019 is a soft fail, this would mark a server that is not listed in the SPF as spam, you can use -a for a flat-out rejection.<\/li>\n<\/ul>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/12.-SPF-record-e1607718875716.jpg\")
<\/figure>\n\n\n\nSetting DKIM records<\/h3>\n\n\n\n
DKIM or Domain Keys Identified Mail is an email authentication method that allows mail services to check that an email was indeed sent and authorized by the owner of that domain. In order to achieve this, you give the email a digital signature. This DKIM signature is a header that is added to the message and is secured with encryption.<\/p>\n\n\n\n
The difference between DKIM and SPF is that DKIM is used to verify that the contents of the message are trustworthy. This is used to check that the email hasn\u2019t been tampered with since the moment it left the initial mail server.<\/p>\n\n\n\n
Luckily, Modoboa already provides this option and if you follow the instruction in step 3, you should have it checked.<\/p>\n\n\n\n
To apply the DKIM records for your email server, go to the Domains<\/em> section and click on your domain name:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/7.-Click-Domain-Name.jpg\")
<\/figure>\n\n\n\nThen in the DNS sections, click Show key<\/em> button for the DKIM key:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/8.-Show-DKIM-key.jpg\")
<\/figure>\n\n\n\nThis will show your DKIM public key which can be used to create the required DNS record.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/9.-DKIM-Public-Keys-e1607718909999.jpg\")
<\/figure>\n\n\n\nNext, go to your DNS manager and create another TXT record. Enter your domain name followed by \u201c_domainkey\u201d in the Name field, e.g. example._domainkey. This is what we added at the key selector in step 3 while configuring the domain.<\/p>\n\n\n\n
Then copy everything in the parentheses and paste it into the value field. Make sure to delete all double quotes besides the first and last one.<\/p>\n\n\n\n
Below is an example of how the DKIM record should look like:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/10.-TXT-record-for-DKIM.jpg\")
<\/figure>\n\n\n\nYou can check if the key is valid using DKIM key checker<\/a><\/span>, just paste the value without any quotes. The checker will report if it is valid or not:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/11.-Check-DKIM-key-using-a-key-checker.jpg\")
<\/figure>\n\n\n\nSetting DMARC records<\/h3>\n\n\n\n
DMARC or Domain-based Message Authentication Reporting and Conformance extends DKIM and SPF to determine the authenticity of an email message.<\/p>\n\n\n\n
Most major email providers perform DMARC checks by default before accepting the email. By performing these checks, the email provider knows what authentication methods should be present (SPF, DKIM, etc.) and reject messages that fail the checks as specified by the domain\u2019s DMARC record.<\/p>\n\n\n\n
Unlike SPF and DKIM that doesn\u2019t provide reports on sources sending emails, you can get aggregated reports when DMARC is implemented.<\/p>\n\n\n\n
To create a DMARC record, again go to your DNS manager and create a new TXT record as below:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/13.-DMARC-Reports-e1607719097868.jpg\")
<\/figure>\n\n\n\nThe above record states that any email which fails the authentication with the \u201cFrom\u201d domain is put in the spam folder 100% of the time and activity is reported to the dmarc-reports@example.com. You can also flat-out reject any email that fails the DMARC authentication by setting \u2018p=reject\u2019.<\/p>\n\n\n\n
Step 5: Sending Test Email<\/h2>\n\n\n\n
At this point, you should have everything in place to create a new mailbox account to test sending mail.<\/p>\n\n\n\n
First, go to the Domain<\/em> section and click on the domain name:<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/14.-Click-On-Domain-Name.jpg\")
<\/figure>\n\n\n\nNext, click Mailboxes text in the Summary view.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/15.-Click-Mailboxes.jpg\")
<\/figure>\n\n\n\nThen click on \u2018Add\u2019 -> Account and fill in the following details:<\/p>\n\n\n\n
- \n
- Role<\/b> \u2013 Simple User<\/li>\n\n\n\n
- Username <\/b> \u2013 user@domain.com<\/li>\n\n\n\n
- First Name and Last Name<\/b> \u2013 Self Explanatory<\/li>\n\n\n\n
- Random Password<\/b> \u2013 Don\u2019t Check<\/li>\n\n\n\n
- Password and Confirm Password<\/b> \u2013 Strong Passwords<\/li>\n\n\n\n
- Enabled<\/b> \u2013 Check<\/li>\n<\/ul>\n\n\n\n
Once set, click the Next button to continue.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/16.-Add-New-Account-e1607719167901.jpg\")
<\/figure>\n\n\n\nOn the following page, you can add an alias plus an additional sender address. With these, the user can be allowed to send emails using other addresses besides the email attached to this mailbox. Leave them blank if you have no use cases for that.<\/p>\n\n\n\n
Then click the Submit button to create the mailbox.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/17.-Add-New-Account_Next-Page-e1607719192114.jpg\")
<\/figure>\n\n\n\nAfterwards, log out of the admin account and log in with the new simple user account.<\/p>\n\n\n\n
Once logged in, go to the Webmail section and click the Compose button. Use the webmail to test sending a mail to any other email address you have. If successful, you should see something like the below confirming the mail was sent.<\/p>\n\n\n\n
![\"-\"](\"https:\/\/upcloud.com\/media\/18.-Email-Successully-sent.jpg\")
<\/figure>\n\n\n\nThen check your recipient email to see if the mail was delivered. Even with the appropriate sender and email authenticator records set, the mail might still arrive in the spam folder so don\u2019t forget to check there if the message doesn\u2019t appear momentarily.<\/p>\n\n\n\n
If you are having difficulty sending mail, refer to the Troubleshooting section below.<\/p>\n\n\n\n
Step 6: Auto-Renew Let’s Encrypt TLS Certificate<\/h2>\n\n\n\n
Let\u2019s Encrypt issues certificates that are valid for 3-month periods. Once the certificate is within 30 days of expiry, Let\u2019s Encrypt will allow the certificates to be renewed. After renewing, the new certificates will be valid for another 90 days.<\/p>\n\n\n\n
Fortunately, the Let\u2019s Encrypt client called certbot<\/em> comes with a script to renew an existing certificate. By default, Ubuntu 16.04 and above will automate the renewal for you. However, this might not work when installing certbot with Modoboa.<\/p>\n\n\n\n
Instead, let\u2019s stop the certbot.timer service and create the standard cron job to do the task for us. Use the following command to disable the default renewal service.<\/p>\n\n\n\n
sudo systemctl disable certbot.timer && sudo systemctl stop certbot.timer<\/pre>\n\n\n\n
If you get the following error you did not have the service installed and can just create the new automation.<\/p>\n\n\n\n
Failed to disable unit: Unit file certbot.timer does not exist.<\/i><\/p>\n\n\n\n
Next, open the crontab for edit with the command below. Choose your preferred text editor if asked.<\/p>\n\n\n\n
sudo crontab -e<\/pre>\n\n\n\n
Then add the following configuration line at the end of the file:<\/p>\n\n\n\n
0 *\/12 * * * \/opt\/certbot-auto renew -q && systemctl reload nginx postfix dovecot<\/pre>\n\n\n\n
Save and close using CTRL + X, and Y, and enter.<\/p>\n\n\n\n
This will tell cron to run the certbot renew script twice a day which is the recommended method. Most of the time the renewal command will simply verify that the certificates are still valid but once the certificate is within 30 days of expiry, LetsEncrypt will allow renewal. Lastly, it will restart the necessary services for the renewed certificate to take effect.<\/p>\n\n\n\n
Optional: Create a Swap File For Little Improvement<\/h2>\n\n\n\n
Modoboa comes bundled with SpamAssassin, Clamav, and Amavis, which can consume a lot of memory. By default, Cloud Servers on UpCloud are deployed without a swap partition but you can create a swap space if your mail server is running at capacity. Swapfile serves as an extension of the system memory so, for example, if the system doesn\u2019t have enough RAM to perform a certain function it swaps it to the swap area on the storage device.<\/p>\n\n\n\n
Follow the following steps to add a swapfile:<\/p>\n\n\n\n
For example, on a system that has 2GB of RAM, you can use the fallocate<\/em> command to create a file size of 2GB as shown below.<\/p>\n\n\n\n
sudo fallocate -l 2G \/swapfile<\/pre>\n\n\n\n
You also need to prevent other users from being able to read potentially sensitive information from the swap file. Use the following command to restrict permissions.<\/p>\n\n\n\n
sudo chmod 600 \/swapfile<\/pre>\n\n\n\n
Next, format the swapfile so it\u2019s usable.<\/p>\n\n\n\n
sudo mkswap \/swapfile<\/pre>\n\n\n\n
Then enable the swap file.<\/p>\n\n\n\n
sudo swapon \/swapfile<\/pre>\n\n\n\n
Afterwards, check the swap space is working using the swapon<\/em> command underneath.<\/p>\n\n\n\n
sudo swapon<\/pre>\n\n\n\n
NAME TYPE SIZE USED PRIO\n\/swapfile file 2G 362.3M -2<\/pre>\n\n\n\n
If you see something like this in the example output above, your swap file is working.<\/p>\n\n\n\n
You\u2019ll also want to make the swap file permanent by enabling it at system boot. You can do so by running the following command.<\/p>\n\n\n\n
echo '\/swapfile none swap sw 0 0' | sudo tee -a \/etc\/fstab<\/pre>\n\n\n\n
You might also want to adjust the rate at which your server will utilise the swap file. This is done by setting a swappiness value. The higher the value, the more likely your server will utilise swap. For example at value 100, it will use swap as much as possible. If it is set to 0, the system won\u2019t use swap at all.<\/p>\n\n\n\n
A good starting point is to use a value in the range of 20 \u2013 30.<\/p>\n\n\n\n
To set the swappiness value, open your sysctl.conf file in a text editor.<\/p>\n\n\n\n
sudo nano \/etc\/sysctl.conf<\/pre>\n\n\n\n
By default, the swappiness line isn\u2019t included. Add it manually by appending the sysctl.conf file with the following line:<\/p>\n\n\n\n
vm.swappiness=25<\/pre>\n\n\n\n
Then save the file and exit with CTRL + X, and Y, and enter.<\/p>\n\n\n\n
Utilising swappiness is one of the useful tools when performance tuning. In certain situations where you don\u2019t want your application to swap, you can lower the swappiness value. Try out different values and see the one that works best for your use case.<\/p>\n\n\n\n
Troubleshooting<\/h2>\n\n\n\n
If for some reason, you can\u2019t get Modoboa to work or you have an issue sending emails, you can check mail logs (\/var\/log\/mail.log) for clues. To speed up the troubleshooting, you might want to use Multitail, which allows you to view multiple logs in real time.<\/p>\n\n\n\n
Install Multitail using the command below.<\/p>\n\n\n\n
sudo apt install multitail<\/pre>\n\n\n\n
To use multitail, simply use the following syntax:
sudo multitail file1 file2 \u2026<\/i><\/p>\n\n\n\nFor example, you can view your mail log with the following command.<\/p>\n\n\n\n
sudo multitail \/var\/log\/mail.log<\/pre>\n\n\n\n
If you get can\u2019t connect to a UNIX socket \/var\/run\/clamav\/clamd.ctl\u2026<\/h3>\n\n\n\n
If you are seeing an error like below or something similar, your ClamAV-daemon is likely not running.<\/p>\n\n\n\n
amavis[12991]: (12991-01) (!)connect to \/var\/run\/clamav\/clamd.ctl failed, attempt #1: Can\u2019t connect to a UNIX socket \/var\/run\/clamav\/clamd.ctl<\/i>:\u2019<\/p>\n\n\n\n
It doesn\u2019t mean your mail won\u2019t be sent, you just don\u2019t get an antivirus to scan files or mail.<\/p>\n\n\n\n
First, check if ClamAV is running using the command below.<\/p>\n\n\n\n
systemctl status clamav-daemon.service<\/pre>\n\n\n\n
If you see the following, the daemon isn\u2019t up.<\/p>\n\n\n\n
* clamav-daemon.service - Clam AntiVirus userspace daemon\n Loaded: loaded (\/lib\/systemd\/system\/clamav-daemon.service; enabled; vendor preset: enabled)\n Drop-In: \/etc\/systemd\/system\/clamav-daemon.service.d\n `-extend.conf\n Active: failed (Result: signal) since Thu 2020-07-30 00:00:16 UTC; 2 days ago\n Docs: man:clamd(8)\n man:clamd.conf(5)\n https:\/\/www.clamav.net\/documents\/\n Process: 23563 ExecStart=\/usr\/sbin\/clamd --foreground=true (code=killed, signal=KILL)\n Main PID: 23563 (code=killed, signal=KILL)<\/pre>\n\n\n\n
Start it again using the next command.<\/p>\n\n\n\n
systemctl restart clamav-daemon.service<\/pre>\n\n\n\n
Afterwards, your email scanner should start working again.<\/p>\n\n\n\n
If you can\u2019t allocate memory<\/h3>\n\n\n\n
This means ClamAV doesn\u2019t have enough memory to run. If you are running a server with less than 2GB of memory, you might want to resize your server to increase the RAM to at least 2GB.<\/p>\n\n\n\n
Then restart the Clamav daemon and check that it\u2019s able to run normally.<\/p>\n\n\n\n
systemctl restart clamav-daemon.service<\/pre>\n\n\n\n
Can\u2019t Send Mail?<\/h3>\n\n\n\n
If your server is not able to send mail, you might want to check that port 25 (outbound) is not blocked. On UpCloud, port 25 is blocked by default but can be opened upon request. You can read more about how to request port 25 to be opened in our guides on the best practices for hosting your own mail server<\/a>.<\/p>\n\n\n\n
Additionally, if you are using a mail client to send mail and connecting via a VPN, you might wish to check if your VPN connection allows transfer to port 25. Some VPN providers may also block port 25.<\/p>\n","protected":false},"author":31,"featured_media":19170,"comment_status":"open","ping_status":"closed","template":"","community-category":[223],"class_list":["post-2086","tutorial","type-tutorial","status-publish","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/tutorial\/2086","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/tutorial"}],"about":[{"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/types\/tutorial"}],"author":[{"embeddable":true,"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/comments?post=2086"}],"version-history":[{"count":1,"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/tutorial\/2086\/revisions"}],"predecessor-version":[{"id":4549,"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/tutorial\/2086\/revisions\/4549"}],"wp:attachment":[{"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/media?parent=2086"}],"wp:term":[{"taxonomy":"community-category","embeddable":true,"href":"https:\/\/upcloud.com\/global\/wp-json\/wp\/v2\/community-category?post=2086"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
- Username <\/b> \u2013 user@domain.com<\/li>\n\n\n\n
- Role<\/b> \u2013 Simple User<\/li>\n\n\n\n
- Name<\/b> \u2013 Use the postmaster (postmaster@example.com), a postmaster<\/b> is the administrator of a mail server. Errors in email processing are directed to this address.<\/li>\n\n\n\n
- Type<\/b> \u2013 Domain<\/li>\n\n\n\n
- Make sure Port 25 is not blocked<\/b>: The port 25 is used for communication between mail servers and it is blocked by default for new users on UpCloud. The port 25 n<\/a>e<\/a>eds to be open<\/a>, otherwise, your server may be not able to receive or\/and send emails.<\/li>\n<\/ul>\n\n\n\n