Automx
DNS
Create the following A records: autoconfig.edgarbv.com. IN A xxx.xxx.xxx.xxx autodiscover.edgarbv.com IN A xxx.xxx.xxx.xxx
Let's encrypt
certbot certonly -d autodiscover.edgarbv.com -w /var/www/www.edgarbv.com/site/
certbot certonly -d autoconfig.edgarbv.com -w /var/www/www.edgarbv.com/site/
choose optioon 3. place files in the webroot directory
log file setup
touch /var/log/automx.log
chown www-data /var/log/automx.log
vi /etc/logrotate.d/automx
/var/log/automx.log { weekly rotate 3 compress nomail notifempty missingok }
/etc/automx.conf
# file: /etc/automx.conf [automx] provider = edgarbv.com # We care about any domain that we get a query for #domains = edgarbv.com domains = * debug = yes logfile = /var/log/automx.log # Protect against DoS memcache = 127.0.0.1:11211 memcache_ttl = 600 client_error_limit = 20 rate_limit_exception_networks = 127.0.0.0/8, ::1/128 # The DEFAULT section is always merged into each other section. Each section # can overwrite settings done here. [DEFAULT] account_type = email #account_name = Example Incorporated account_name = %u account_name_short = %d display_name = %s # If a domain is listed in the automx section, it may have its own section. If # none is found here, the global section is used. [global] backend = static action = settings # If you want to sign mobileconfig profiles, enable these options. Make sure # that your webserver has proper privileges to read the key. The cert file # must contain the server certificate and all intermediate certificates. You # can simply concatenate these certificates. #sign_mobileconfig = yes #sign_cert = /path/to/cert #sign_key = /path/to/key smtp = yes smtp_server = mail.edgarbv.com smtp_port = 587 smtp_encryption = starttls smtp_auth = plaintext smtp_refresh_ttl = 6 smtp_default = yes imap = yes imap_server = mail.edgarbv.com imap_port = 143 imap_encryption = starttls imap_auth = plaintext imap_refresh_ttl = 6 pop = yes pop_server = mail.edgarbv.com pop_port = 110 pop_encryption = none pop_auth = plaintext pop_refresh_ttl = 6 # local settings commented out because these are there for exceptions #[edgarbv.com] #backend = global # example.com uses settings from the global section
Apache setup
The examples and documentation are absolutely riddled with holes - complete rubbish! Thanks to gchameleon.tk for this post clearing this part up...
vi /etc/apache2/sites-enabled/autoconfig.edgarbv.com.conf
<IfModule mod_ssl.c> <VirtualHost *:80> ServerName autoconfig.edgarbv.com ServerAlias autoconfig.* DocumentRoot /badurl <IfModule mod_wsgi.c> WSGIScriptAliasMatch \ (?i)^/.+/(autodiscover|config-v1.1).xml \ /usr/lib/python2.7/dist-packages/automx_wsgi.py <Directory "/usr/lib/python2.7/dist-packages"> Require all granted </Directory> </IfModule> </VirtualHost> <VirtualHost *:443> ServerName autodiscover.edgarbv.com ServerAlias autodiscover.* DocumentRoot /badurl SSLCertificateFile /etc/letsencrypt/live/autoconfig.edgarbv.com-0001/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/autoconfig.edgarbv.com-0001/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf <IfModule mod_wsgi.c> WSGIScriptAliasMatch \ (?i)^/.+/(autodiscover|config-v1.1).xml \ /usr/lib/python2.7/dist-packages/automx_wsgi.py WSGIScriptAlias \ /mobileconfig \ /usr/lib/python2.7/dist-packages/automx_wsgi.py <Directory "/usr/lib/python2.7/dist-packages"> Require all granted </Directory> </IfModule> </VirtualHost> </IfModule>
Create the certificate files
certbot -d autoconfig.edgarbv.com -d autodiscover.edgarbv.com --apache
service apache2 restart
Testing
On the server / command line:
automx-test some@email.com
In the webbrowser (you will see the URLs in the output of the server test
http://autoconfig.edgarbv.com/mail/config-v1.1.xml?emailaddress=random@edgarbv.com
NB try a few different email addresses you should be resolving for.