Skip to main content

Mailcow (mx1.thomassen.pm)

What the f*** is Mailcow!?

Mailcow is a software stack for running an email server, which is currently running on a dedicated server here in Norway (through a provider) that I manage.
Compared to my other servers, my Mailcow instance has the "cleanest" IP address, making it perfect for personal email and such as long as your domain has been set up correctly.

Webmail

Webmail is provided through a software called "SOGo". The link to that is: https://mx1.thomassen.pm/SOGo/
SOGo allows you to set up your identity (the name and signature sent with every email, for instance), but it also has some nice features like managing your calendar, contacts and changing your password.

You are also able to change your password through the main Mailcow page: https://mx1.thomassen.pm/

Email clients

The incoming and outgoing mail servers support all the default encryption settings and network ports, so if you know those you're good to go. The hostname for both incoming and outgoing is the same: mx1.thomassen.pm

For those of you that need specific details:

Incoming (IMAP)

  • Host: mx1.thomassen.pm
  • Port(s): 143 (Unencrypted/STARTTLS), 993 (SSL/TLS)
  • Authentication: Required.
  • Username: Your full email address, example: alex@chipset.no
  • Password: Your password.

Outgoing (SMTP)

  • Host: mx1.thomassen.pm
  • Port: 25 (Unencrypted), 465 (SSL/TLS), 587 (STARTTLS)
  • Authentication method (if requested): LOGIN
  • Username: Your full email address, example: alex@chipset.no
  • Password: Your password.

Incoming (POP)

I don't even know if Mailcow supports this and I don't even know what the settings would be here.
If you really wanna use POP instead of IMAP, just go with the same hostname (using default POP ports) and username/password as IMAP and see if it works.

DNS

If you know your way around managing the DNS settings, these are the common settings that all domains through Mailcow uses.
Make sure that you've talked to me before changing these settings as they could potentially break your email. Mailcow only accepts emails from domains and addresses I've added.

DNS records

For the DNS records, I'll be using @ for the root/main domain and for example mail for a subdomain.
That means, if your root/main domain is chipset.no, then @ would imply chipset.no and mail would imply mail.chipset.no.
Depending on your DNS provider, this might be important to note or else your DNS settings will be wrong.

MX type records are specified in the format <Priority> <Hostname>. Some DNS providers have a "Priority" field separate from the "Content" field. So keep this is mind when looking at MX records.

TTL or Time-To-Live specifies how long a record (in seconds) should be cached by DNS servers (like Google, Cloudflare or your ISP). I will specify a common default, but you're free to choose whatever you want.
3600 (seconds) = 1 hour.

NameTypeContentTTLComment
@MX10 mx1.thomassen.pm3600Priority: 10 and hostname: mx1.thomassen.pm
@TXTv=spf1 include:spf.thomassen.xyz -all3600[SPF] Important if you want your email to not go into spam.
mailCNAMEmx1.thomassen.pm3600Optional, can be used for easy-to-remember access to Mailcow/SOGo. Let me know if you add this subdomain/alias.

DKIM

DKIM is used for additional 'authentication' of email when sent to other mail providers (Gmail, Hotmail, Yahoo etc). It's used in addition to SPF to prevent spam.
I highly recommend setting this up, but that requires that I generate a DKIM key pair via Mailcow.
Please contact me at Decicus#0001 (Discord) or email (alex@chipset.no) if I haven't sorted this out with you yet.

DMARC: If you enable DKIM, I also recommend adding a record for DMARC which allows you to specify a policy for email providers to follow when receiving an email from your domain.
This will also specify an email address for them to send reports.
By default it specifies to send the reports to my email address (alex@chipset.no) every 24 hours.
The settings used by the DMARC record I've specified are also the most strict possible. So if your SPF or DKIM is misconfigured, your email won't go through.
Double-check with me before adding DMARC.

DKIM/DMARC will typically be added through DNS in this format:

NameTypeContentTTLComment
mailcow._domainkeyTXTv=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG....3600DKIM public key example. Snipped because they're usually really long (~400 characters)
_dmarcTXTv=DMARC1; p=reject; sp=reject; rua=mailto:alex@chipset.no; ruf=mailto:alex@chipset.no; rf=afrf; pct=100; ri=864003600Optional, see comment about DMARC. Alternatively use DMARC generator