Email and mail server
How do I setup internal mail to be sent over SMTP?
By default, emails generated by Hestia (Notifications, Forgot password, update logs, etc.) are sent the internal mail. If you want, you can setup mail to be send over a SMTP account.
Execute the following script and follow the instructions:
I am unable to send email
First, check that port 25 is open for outgoing traffic. A lot of providers block port 25 by default to combat spam.
To do so, run the following command:
telnet ASPMX.L.GOOGLE.COM 25
If the connection was successful you will see something similar to this:
Trying 2a00:1450:400c:c00::1b... Connected to ASPMX.L.GOOGLE.COM. Escape character is '^]'. 220 mx.google.com ESMTP a7si1253985wrr.455 - gsmtp
If not, you have 2 options:
- Contact you provider and ask them to open port 25 for outgoing traffic.
- Setup a mail relay under the mail domain settings or set it up generally for the server in system settings. For this you need to use an SMTP relay service like:
What is an SMTP relay service and how to set it up
SMTP mail relay is the process of transferring an email from one server to another for delivery. Often email from a server is blocked by de service provider due to fear of spam. Or the IP reputation is so low that all email go straight into the spam box. To prevent such issues a lot of companies offer a SMTP relay that takes care of the delivery part. As they send a lot email via the same ip addresses they have a better reputation.
To setup create a account by the provider you want or use and follow their instruction to update your DNS. When completed you can enter the SMTP user account they provider in the settings under "Global SMTP" or under the "Edit mail domain" -> "SMTP relay"
I am unable to receive email
If you are unable to receive emails, make sure you have setup your DNS properly. If you are using Cloudflare, disable the use of the proxy for
When you are done you can check the configuration via MXToolBox.
How do I install Rainloop?
You can install Rainloop by running the following command:
Can I login into the backend of Rainloop
In the root folder, there is an file called
.rainloop containing the username and password:
Username: admin_f0e5a5aa Password: D0ung4naLOptuaa Secret key: admin_f0e5a5aa
You can access the admin by navigating to
https://webmail.domain.tld/?admin_f0e5a5aa, and login by using the data you found in the file. Once it’s not needed anymore, remove the file, for security reasons.
Can I use Cloudflare Proxy with email
No, Cloudflare’s Proxy does not work with email. If you use email hosted on you server, make sure the proxy for the A record
mail.domain.tld is switched off. Otherwise, you will not be able receive emails. The following records are suggested if you want to use Hestia as your mail server:
- A record with name mail pointing to your server IP.
- A record with name webmail pointing to your server IP.
- MX record with name @ with pointing to
- TXT record with name @ containing
v=spf1 a mx ip4:your ip; \~all
- TXT record with name _domainkey containing
- TXT record with name mail._domainkey containing
t=y; o=~DKIM key;
- TXT record with name _dmarc containing
v=DMARC1; p=quarantine; sp=quarantine; adkim=s; aspf=s;
The DKIM key and SPF record can be found in the Mail Domains list (documentation).
When sending send emails from my server, they end up in the spam folder
Make sure you have set up the correct RDNS, SPF records and DKIM records.
If this doesn’t work, it’s be possible that your IP address is on one or more blacklists. You can try to unblock yourself, but often the easier method is to use SMTP and SMTP Relay with Amazon SES or another SMTP provider.
How can I enable ManageSieve?
During Hestia’s installation, use the
--sieve flag. If Hestia is already installed, there is a an upgrade script provided at the following path:
Can I allow access to ManageSieve via an external mail client?
Open port 4190 in the firewall. Read the firewall documentation.
How can I enable ManageSieve for Rainloop?
/etc/rainloop/data/_data_/_default_/domains/default.ini and modify the following settings:
sieve_use = On sieve_allow_raw = Off sieve_host = "localhost" sieve_port = 4190 sieve_secure = "None"