Author Topic: How to use only e-mail in CWP7?  (Read 765 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
How to use only e-mail in CWP7?
« on: January 06, 2024, 07:08:19 PM »
The website is running on another server. Is it possible to host only emails in cwp7? I will direct the mx settings from the domain company to cwp7. (like mx.***.com -> 123.123.123.123) So what should I do in CWP7? Thank you in advance for your guidance.

Offline
****
Re: How to use only e-mail in CWP7?
« Reply #1 on: January 06, 2024, 07:43:56 PM »
This has been answered before. Please check the forum for similar threads; I'll try to dig up some links meanwhile.

Offline
****
Re: How to use only e-mail in CWP7?
« Reply #2 on: January 06, 2024, 07:49:43 PM »
It has been answered several times, but it's simple.

On CWP you will create the domain as mail.domain.com
It will still create a webspace, etc. But you can ignore those.

In the DNS you will create an MX record for mail.domain.com, then an A record for mail. pointing to the IP of the CWP server.

To access webmail, you will do mail.domain.com/webmail

Offline
****
Re: How to use only e-mail in CWP7?
« Reply #3 on: January 06, 2024, 11:48:46 PM »
And for good measure, make sure ports 80 and 443 are blocked on the CSF firewall.
And disable Apache:
Code: [Select]
sudo systemctl disable httpd(This would mean you would have to access your webmail via the :2096 service port.)
« Last Edit: January 06, 2024, 11:50:19 PM by overseer »

Offline
****
Re: How to use only e-mail in CWP7?
« Reply #4 on: January 07, 2024, 07:32:02 PM »
@overseer, the problem with blocking TCP ports 80 & 443 is that Let Encrypt won't work to create & renew the mail server certificate.  :(

We had that problem on a FTP only server.
Unless you want to drop the firewall and renew the SSL, and bring the firewall back up. All Manually.

Offline
****
Re: How to use only e-mail in CWP7?
« Reply #5 on: January 07, 2024, 11:36:19 PM »
It's all sort of a pedestrian exercise -- I don't do this on any of my servers. But it is easily scriptable if you wanted to make your own LetsEncrypt renewal script.

On one server I do something like this -- typically Nginx 301 redirects http traffic to https, but in order to renew a LE cert, you have to allow http traffic temporarily. So it needs to be renewed, reverted, restarted, redirected. :P