Docker Compose setup¶
Prepare the environment¶
Mailu will store all of its persistent data in a path of your choice
/mailu by default) simply create the directory and move there:
mkdir /mailu cd /mailu
Download the initial configuration file¶
Docker Compose configuration is stored in a file named
docker-compose.yml. Additionally, Mailu
relies on a
.env file for various settings. Download
the proper template files from the git repository. To download the configuration
1.5 branch, use:
wget https://mailu.io/1.5/_downloads/docker-compose.yml wget https://mailu.io/1.5/_downloads/.env
Then open the
.env file to setup the mail server. Modify the
to match your setup directory if different from
VERSION configuration in the
.env file to reflect the version you picked.
Set the common configuration values¶
.env file and set configuration settings after reading the configuration
documentation. Some settings are specific to the Docker Compose setup.
BIND_ADDRESS4 to match the public IP address assigned to your server.
This address should be configured on one of the network interfaces of the server.
If the address is not configured directly (NAT) on any of the network interfaces or if
you would simply like the server to listen on all interfaces, use
BIND_ADDRESS6 to match the public IPv6 address assigned to your server.
The behavior is identical to
TLS_FLAVOR to one of the following
certis the default and requires certificates to be setup manually;
letsencryptwill use the Letsencrypt! CA to generate automatic ceriticates;
certexcept that TLS will only be served for emails (IMAP and SMTP), not HTTP (use it behind reverse proxies);
notlswill disable TLS, this is not recommended except for testing.
Enable optional features¶
Some of Mailu features are not used by every user and are thus not enabled in a default configuration.
A Webmail is a Web interface exposing an email client. Mailu webmails are
bound to the internal IMAP and SMTP server for users to access their mailbox through
the Web. By exposing a complex application such as a Webmail, you should be aware of
the security implications caused by such an increase of attack surface. The
configuration option must be one of the following:
noneis the default value, no Webmail service will be exposed;
roundcubewill run the popular Roundcube Webmail;
rainloopwill run the popular Rainloop Webmail.
The administration interface is not exposed on the public address by default,
you will need to set the
ADMIN variable accordingly:
truewill expose the admin interface in
false(or any other value) will disable this behaviour.
A Webdav server exposes a Dav interface over HTTP so that clients can store contacts or calendars using the mail account. This can be enabled using the WEBDAV setting. The configuration option must be one of the following:
noneis the default value, no webdav service will be exposed;
radicaleexposes the radicale Webdav service.
An antivirus server helps fighting large scale virus spreading campaigns
that leverage e-mail for initial infection. This can be setup using the
setting. The configuration option must be one of the following:
nonedisables antivirus checks;
clamavis the default values, the popular ClamAV antivirus is enabled.
Make sure that you have at least 1GB or memory for ClamAV to load its signature database.
Finish setting up TLS¶
Mailu relies heavily on TLS and must have a key pair and a certificate
available, at least for the hostname configured in the
If you set
cert or if then you must create a
in your root path and setup a key-certificate pair there:
cert.pem contains the certificate,
key.pem contains the key pair.
You may now start Mailu. Move the to the Mailu directory and run:
docker-compose up -d
Finally, you must create the initial admin user account:
docker-compose run --rm admin python manage.py admin root example.net password
This will create a user named
firstname.lastname@example.org with password
password and administration privileges. Connect to the Web admin interface and change the password to a strong one.