š§ InstalaĆ§Ć£o do Mailcow
Guia completo de instalaĆ§Ć£o do Mailcow Dockerized no servidor de email FSociety.pt
š Ćndice
- Requisitos de Sistema
- InformaĆ§Ć£o da VM
- PreparaĆ§Ć£o do Sistema
- InstalaĆ§Ć£o do Docker
- InstalaĆ§Ć£o do Mailcow
- ConfiguraĆ§Ć£o Inicial
- InicializaĆ§Ć£o dos Containers
- VerificaĆ§Ć£o PĆ³s-InstalaĆ§Ć£o
š» Requisitos de Sistema
Hardware MĆnimo
| Recurso | Recomendado | Implementado | DescriĆ§Ć£o |
|---|---|---|---|
| vCPU | 2+ | 2 | Processadores virtuais |
| RAM | 6 GB+ | 6 GB | MemĆ³ria para 18 containers |
| Disco | 20 GB+ | 24 GB | Sistema + dados + logs |
| Rede | 1 Gbps | 1 Gbps | Interface na DMZ |
Software
| Componente | VersĆ£o MĆnima | DescriĆ§Ć£o |
|---|---|---|
| Sistema Operativo | Ubuntu 20.04+ / Debian 11+ | Linux 64-bit |
| Docker | 20.10+ | Container runtime |
| Docker Compose | 2.0+ | OrquestraĆ§Ć£o de containers |
| Kernel | 4.18+ | Suporte completo a containers |
Portas NecessƔrias
| Porta | Protocolo | ServiƧo | DescriĆ§Ć£o |
|---|---|---|---|
| 25 | TCP | SMTP | Email submission (MTA-to-MTA) |
| 80 | TCP | HTTP | Redirect para HTTPS |
| 110 | TCP | POP3 | Email retrieval (inseguro) |
| 143 | TCP | IMAP | Email retrieval |
| 443 | TCP | HTTPS | Web interface, API |
| 465 | TCP | SMTPS | SMTP over SSL |
| 587 | TCP | SMTP Submission | SMTP com STARTTLS |
| 993 | TCP | IMAPS | IMAP over SSL |
| 995 | TCP | POP3S | POP3 over SSL |
| 4190 | TCP | Sieve | Filtros de email |
š„ļø InformaĆ§Ć£o da VM
ConfiguraĆ§Ć£o no Proxmox
# CriaĆ§Ć£o da VM no Proxmox VE
qm create 108 \
--name mailcow \
--memory 6144 \
--cores 2 \
--sockets 1 \
--net0 virtio,bridge=vmbr0,tag=10 \
--scsihw virtio-scsi-pci \
--scsi0 local-lvm:24 \
--ide2 local:iso/ubuntu-24.04-live-server-amd64.iso,media=cdrom \
--boot order=scsi0;ide2
ParĆ¢metros da VM
| ParĆ¢metro | Valor | DescriĆ§Ć£o |
|---|---|---|
| VM ID | 108 | Identificador no Proxmox |
| Nome | mailcow | Hostname da VM |
| IP | 10.0.0.20 | EndereƧo na DMZ |
| Gateway | 10.0.0.1 | pfSense DMZ interface |
| DNS | 192.168.1.10 | Domain Controller |
| Bridge | vmbr0 (VLAN 10) | DMZ network |
| Hostname | mail.fsociety.pt | FQDN pĆŗblico |
š ļø PreparaĆ§Ć£o do Sistema
1. Atualizar o Sistema
# Atualizar lista de pacotes
sudo apt update
# Atualizar pacotes instalados
sudo apt upgrade -y
# Instalar pacotes essenciais
sudo apt install -y curl wget git nano vim htop net-tools
2. Configurar Hostname
# Definir hostname
sudo hostnamectl set-hostname mail.fsociety.pt
# Adicionar entrada no /etc/hosts
echo "10.0.0.20 mail.fsociety.pt mail" | sudo tee -a /etc/hosts
# Verificar
hostnamectl
SaĆda esperada:
Static hostname: mail.fsociety.pt
Icon name: computer-vm
Chassis: vm
3. Configurar Rede EstƔtica
# Editar netplan
sudo nano /etc/netplan/00-installer-config.yaml
ConteĆŗdo:
network:
version: 2
ethernets:
ens18:
addresses:
- 10.0.0.20/24
routes:
- to: default
via: 10.0.0.1
nameservers:
addresses:
- 192.168.1.10
- 1.1.1.1
search:
- fsociety.pt
# Aplicar configuraĆ§Ć£o
sudo netplan apply
# Verificar
ip addr show ens18
4. Configurar Timezone
# Definir timezone para Europa/Lisboa
sudo timedatectl set-timezone Europe/Lisbon
# Verificar
timedatectl
š³ InstalaĆ§Ć£o do Docker
1. Remover VersƵes Antigas (se existirem)
sudo apt remove -y docker docker-engine docker.io containerd runc
2. Instalar DependĆŖncias
sudo apt update
sudo apt install -y \
ca-certificates \
curl \
gnupg \
lsb-release
3. Adicionar RepositĆ³rio Docker
# Adicionar chave GPG oficial do Docker
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
# Adicionar repositĆ³rio
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
4. Instalar Docker Engine
# Atualizar Ćndice de pacotes
sudo apt update
# Instalar Docker e plugins
sudo apt install -y docker-ce docker-ce-cli containerd.io \
docker-buildx-plugin docker-compose-plugin
# Verificar instalaĆ§Ć£o
docker --version
docker compose version
SaĆda esperada:
Docker version 24.0.7, build afdd53b
Docker Compose version v2.23.0
5. Configurar PermissƵes
# Adicionar utilizador ao grupo docker
sudo usermod -aG docker $USER
# Ativar e iniciar Docker
sudo systemctl enable docker
sudo systemctl start docker
# Verificar status
sudo systemctl status docker
6. Testar Docker
# Executar container de teste
docker run hello-world
š¦ InstalaĆ§Ć£o do Mailcow
1. Criar DiretĆ³rio Base
# Criar diretĆ³rio de instalaĆ§Ć£o
sudo mkdir -p /opt/mailcow-dockerized
cd /opt/mailcow-dockerized
2. Clonar RepositĆ³rio
# Clonar a Ćŗltima versĆ£o estĆ”vel
sudo git clone https://github.com/mailcow/mailcow-dockerized.git .
# Verificar branch
git branch
3. Gerar ConfiguraĆ§Ć£o
O script generate_config.sh cria o ficheiro mailcow.conf com configuraƧƵes personalizadas:
# Executar script de configuraĆ§Ć£o
sudo ./generate_config.sh
InteraĆ§Ć£o durante execuĆ§Ć£o:
Mail server hostname (FQDN) - this is not your mail domain,
but your mail server's hostname: mail.fsociety.pt
Timezone [Europe/Berlin]: Europe/Lisbon
Which branch of mailcow do you want to use?
Available Branches:
- master branch (stable updates) | default, recommended [1]
- nightly branch (unstable updates, testing) | not-production ready [2]
Choose the Branch with itĀ“s number [1/2] 1
4. Verificar ConfiguraĆ§Ć£o Gerada
# Ver configuraĆ§Ć£o principal
cat mailcow.conf | grep -v "^#" | grep -v "^$"
Principais variƔveis:
MAILCOW_HOSTNAME=mail.fsociety.pt
MAILCOW_TZ=Europe/Lisbon
āļø ConfiguraĆ§Ć£o Inicial
1. Ajustar mailcow.conf
Editar configuraƧƵes adicionais antes da primeira inicializaĆ§Ć£o:
sudo nano mailcow.conf
ConfiguraƧƵes importantes:
# Hostname pĆŗblico
MAILCOW_HOSTNAME=mail.fsociety.pt
# Timezone
MAILCOW_TZ=Europe/Lisbon
# Let's Encrypt (produĆ§Ć£o)
SKIP_LETS_ENCRYPT=n
ACME_CONTACT=admin@fsociety.pt
# Bind IPs (0.0.0.0 para aceitar todas)
HTTP_PORT=80
HTTPS_PORT=443
HTTP_BIND=0.0.0.0
HTTPS_BIND=0.0.0.0
# SQL
DBNAME=mailcow
DBUSER=mailcow
DBPASS=<gerada_automaticamente>
DBROOT=<gerada_automaticamente>
# ConfiguraƧƵes de email
MAILDIR_SUB=Maildir
2. Configurar Limites de Sistema
# Aumentar limites de file descriptors
echo "* soft nofile 65536" | sudo tee -a /etc/security/limits.conf
echo "* hard nofile 65536" | sudo tee -a /etc/security/limits.conf
# Configurar sysctl
sudo nano /etc/sysctl.conf
Adicionar:
vm.overcommit_memory=1
net.core.somaxconn=65535
# Aplicar
sudo sysctl -p
š InicializaĆ§Ć£o dos Containers
1. Pull das Imagens Docker
cd /opt/mailcow-dockerized
# Download de todas as imagens (pode demorar 10-15 minutos)
sudo docker compose pull
2. Iniciar Mailcow
# Iniciar todos os containers em background
sudo docker compose up -d
SaĆda esperada:
[+] Running 18/18
ā Container mailcowdockerized-unbound-mailcow-1 Started
ā Container mailcowdockerized-mysql-mailcow-1 Started
ā Container mailcowdockerized-redis-mailcow-1 Started
ā Container mailcowdockerized-clamd-mailcow-1 Started
ā Container mailcowdockerized-olefy-mailcow-1 Started
ā Container mailcowdockerized-memcached-mailcow-1 Started
ā Container mailcowdockerized-postfix-mailcow-1 Started
ā Container mailcowdockerized-dovecot-mailcow-1 Started
ā Container mailcowdockerized-rspamd-mailcow-1 Started
ā Container mailcowdockerized-php-fpm-mailcow-1 Started
ā Container mailcowdockerized-sogo-mailcow-1 Started
ā Container mailcowdockerized-nginx-mailcow-1 Started
ā Container mailcowdockerized-acme-mailcow-1 Started
ā Container mailcowdockerized-netfilter-mailcow-1 Started
ā Container mailcowdockerized-watchdog-mailcow-1 Started
ā Container mailcowdockerized-dockerapi-mailcow-1 Started
ā Container mailcowdockerized-ofelia-mailcow-1 Started
ā Container mailcowdockerized-postfix-tlspol-mailcow-1 Started
3. Verificar Status dos Containers
# Listar containers
sudo docker compose ps
Todos os 18 containers devem estar com status Up:
- nginx-mailcow
- postfix-mailcow
- dovecot-mailcow
- rspamd-mailcow
- clamd-mailcow
- sogo-mailcow
- mysql-mailcow
- redis-mailcow
- php-fpm-mailcow
- acme-mailcow
- unbound-mailcow
- netfilter-mailcow
- watchdog-mailcow
- dockerapi-mailcow
- ofelia-mailcow
- olefy-mailcow
- memcached-mailcow
- postfix-tlspol-mailcow
ā VerificaĆ§Ć£o PĆ³s-InstalaĆ§Ć£o
1. Verificar Logs
# Ver logs de todos os containers
sudo docker compose logs --tail=50
# Ver logs de um container especĆfico
sudo docker compose logs -f nginx-mailcow
2. Testar Acesso Web
# Teste local
curl -I http://localhost
# Teste HTTPS (apĆ³s Let's Encrypt)
curl -I https://mail.fsociety.pt
3. Aceder Ć Interface Web
URL: https://mail.fsociety.pt
Credenciais padrĆ£o:
- Utilizador:
admin - Password:
moohoo
ā ļø IMPORTANTE: Alterar a password imediatamente apĆ³s o primeiro login!
4. Verificar Portas Abertas
# Verificar portas em escuta
sudo ss -tlnp | grep -E ':(25|80|110|143|443|465|587|993|995|4190)'
5. Verificar Letās Encrypt
# Ver logs do ACME (Let's Encrypt)
sudo docker compose logs acme-mailcow
# Certificado deve ser gerado automaticamente
sudo docker compose exec acme-mailcow ls -la /var/lib/acme/certs/
6. Comandos Ćteis
# Parar todos os containers
sudo docker compose down
# Reiniciar Mailcow
sudo docker compose restart
# Ver uso de recursos
sudo docker stats
# Atualizar Mailcow
sudo ./update.sh
š Primeiros Passos PĆ³s-InstalaĆ§Ć£o
1. Alterar Password de Admin
- Aceder a https://mail.fsociety.pt
- Login:
admin/moohoo - Ir a System ā Administrator
- Alterar password para uma forte
2. Adicionar DomĆnio
Seguir o guia 03-dominios-mailboxes.md
3. Configurar DNS
Seguir o guia 07-dns-records.md
4. Configurar Rspamd
Seguir o guia 04-rspamd.md
š InformaĆ§Ć£o AcadĆ©mica
| Campo | InformaĆ§Ć£o |
|---|---|
| InstituiĆ§Ć£o | ESTG - Instituto PolitĆ©cnico do Porto |
| Unidade Curricular | AdministraĆ§Ć£o de Sistemas II |
| Ano Letivo | 2025/2026 |
| Autores | Ryan Barbosa, Hugo Correia, Igor AraĆŗjo |
**[ā¬
ļø Anterior: README](/fsociety-infrastructure/08-mailcow/)** | **[Ćndice](/fsociety-infrastructure/08-mailcow/)** | **[PrĆ³ximo: ConfiguraĆ§Ć£o ā”ļø](/fsociety-infrastructure/08-mailcow/02-configuracao.html)**
Ćltima atualizaĆ§Ć£o: Dezembro 2025